Hi Hannes, On Thu, Aug 8, 2013 at 1:22 PM, Hannes Magnusson <hannes.magnus...@gmail.com > wrote:
> On Wed, Aug 7, 2013 at 6:20 PM, Yasuo Ohgaki <yohg...@ohgaki.net> wrote: > > Hi all, > > > > It seems there are 2 options for master branch when crypt()'s 2nd > parameter > > is omitted. > > > > - raise E_DEPRECIATED that advice use of stronger salt or > password_hash() > > and make 2nd parameter required for future release. > > - make crypt() use stronger default salt/hash w/o error > > > > Since password_hash() is supposed to do better job, first option seems > > better to me. > > > Deprecating it means it will be removed in the future. > > Please leave the function alone. This should be solved with education, > not a gun to peoples head. This would be third option. I agree that good documentation is always good. E_NOTICE might be better as E_DEPRECIATED means obsolete. I'll write RFC for voting later. Please comment so that your comments are in RFC. Regards, -- Yasuo Ohgaki yohg...@ohgaki.net
