Re: crypt() should raise error without 2nd parameter

From: Yasuo Ohgaki Date: Thu, 08 Aug 2013 01:20:42 +0000

Subject: Re: crypt() should raise error without 2nd parameter

References: 1 2 Groups: php.internals

Request: Send a blank email to internals+get-68413@lists.php.net to get a copy of this message

Hi all,

It seems there are 2 options for master branch when crypt()'s 2nd parameter
is omitted.

 - raise E_DEPRECIATED that advice use of stronger salt or password_hash()
       and make 2nd parameter required for future release.
 - make crypt() use stronger default salt/hash w/o error

Since password_hash() is supposed to do better job, first option seems
better to me.

Do I have to setup vote?

Regards,


--
Yasuo Ohgaki
yohgaki@ohgaki.net

Thread (10 messages)

Yasuo OhgakiWed, 07 Aug 2013 10:18:15 +0000
LeighWed, 07 Aug 2013 11:00:00 +0000
Ángel GonzálezWed, 07 Aug 2013 11:58:32 +0000
Kalle Sommer NielsenWed, 07 Aug 2013 13:21:30 +0000
Anthony FerraraWed, 07 Aug 2013 13:50:11 +0000
Stas MalyshevWed, 07 Aug 2013 20:30:09 +0000
Yasuo OhgakiThu, 08 Aug 2013 01:20:42 +0000
Hannes MagnussonThu, 08 Aug 2013 04:22:36 +0000
Yasuo OhgakiThu, 08 Aug 2013 04:44:59 +0000
Yasuo OhgakiThu, 22 Aug 2013 11:30:06 +0000Re: crypt() should raise error without 2nd parameter

« previous	php.internals (#68413)	next »

From:	Yasuo Ohgaki	Date:	Thu, 08 Aug 2013 01:20:42 +0000
Subject:	Re: crypt() should raise error without 2nd parameter
References:	1 2	Groups:	php.internals
Request:	Send a blank email to internals+get-68413@lists.php.net to get a copy of this message