[pmwiki-devel] PHP 5.6 crypt() without salt raises E_NOTICE
Petko Yotov
5ko at 5ko.fr
Sat Feb 15 13:58:28 CST 2014
Hello.
There was a known bug in some PHP versions when crypt() is used without a
"salt" parameter, see http://www.pmwiki.org/wiki/PITS/01277 .
This was a bug, but from PHP 5.6 on there will be a "feature", and using
crypt() without a salt will raise E_NOTICE. See http://php.net/crypt .
We are using crypt() without a salt to create hashes from passwords.
Does anyone have a suggestion how to implement a random enough salt
parameter?
Petko
More information about the pmwiki-devel
mailing list