It was an unintentional BC break.
- Standard:
. Fixed bug #78902 (Memory leak when using stream_filter_append). (liudaixiao)
+ . Fixed bug #78969 (PASSWORD_DEFAULT should match PASSWORD_BCRYPT instead of being null). (kocsismate)
- Zip:
. Add ZipArchive::CM_LZMA2 constant (since libzip 1.6.0). (remi)
. Password hashing algorithm identifiers are now nullable strings rather
than integers.
- * PASSWORD_DEFAULT was int 1; now is null
+ * PASSWORD_DEFAULT was int 1; now is null in PHP <7.4.3 and string '2y' afterwards
* PASSWORD_BCRYPT was int 1; now is string '2y'
* PASSWORD_ARGON2I was int 2; now is string 'argon2i'
* PASSWORD_ARGON2ID was int 3; now is string 'argon2id'
the INI directive opcache.cache_id. All processes with the same cache ID and
user share an OPcache instance.
-- The OpenSSL default config path has been changed to
+- The OpenSSL default config path has been changed to
"C:\Program Files\Common Files\SSL\openssl.cnf" and
"C:\Program Files (x86)\Common Files\SSL\openssl.cnf", respectively.
PHP_MINIT_FUNCTION(password) /* {{{ */
{
zend_hash_init(&php_password_algos, 4, NULL, ZVAL_PTR_DTOR, 1);
- REGISTER_NULL_CONSTANT("PASSWORD_DEFAULT", CONST_CS | CONST_PERSISTENT);
+ REGISTER_STRING_CONSTANT("PASSWORD_DEFAULT", "2y", CONST_CS | CONST_PERSISTENT);
if (FAILURE == php_password_algo_register("2y", &php_password_algo_bcrypt)) {
return FAILURE;
--- /dev/null
+--TEST--
+Test that the value of PASSWORD_DEFAULT matches PASSWORD_BCRYPT
+--FILE--
+<?php
+echo PASSWORD_DEFAULT . "\n";
+echo PASSWORD_BCRYPT . "\n";
+--EXPECT--
+2y
+2y
projects / php / commitdiff