|
|
php.net | support | documentation | report a bug | advanced search | search howto | statistics | random bug | login |
PatchesPull RequestsHistoryAllCommentsChangesGit/SVN commits
[2019-06-25 16:21 UTC] daverandom@php.net
-Status: Open
+Status: Verified
[2019-06-25 16:21 UTC] daverandom@php.net
[2019-06-25 16:21 UTC] requinix@php.net
-Status: Verified
+Status: Open
-Assigned To:
+Assigned To: pollita
[2019-06-25 16:21 UTC] requinix@php.net
[2019-06-25 17:41 UTC] thomas dot gerbet at enalean dot com
[2019-06-25 18:15 UTC] pollita@php.net
[2019-06-27 23:28 UTC] pollita@php.net
[2019-06-27 23:28 UTC] pollita@php.net
-Status: Assigned
+Status: Closed
|
|||||||||||||||||||||||||||
Copyright © 2001-2024 The PHP GroupAll rights reserved. |
Last updated: Thu Nov 21 09:01:32 2024 UTC |
Description: ------------ password hashed using crypt() with a different algorithm than the one chosen for password_needs_rehash() are not considered as needing to be rehashed. This behaviour is different than the one of PHP 7.1 to PHP 7.3. Test script: --------------- <?php var_dump(password_needs_rehash(crypt('Example', '$1$'), PASSWORD_DEFAULT)); // CRYPT_MD5 var_dump(password_needs_rehash(crypt('Example', '$6$rounds=5000$aa$'), PASSWORD_DEFAULT)); // CRYPT_SHA512 with 5000 rounds Expected result: ---------------- bool(true) bool(true) Actual result: -------------- bool(false) bool(false)