the hash_file() function still supports md5 and sha1 so people that need it
should then migrate to hash_file('md5', ...) or hash_file('sha1', ...)
instead. That was the idea
On Mon, Feb 10, 2020 at 10:52 PM j adams <email@example.com> wrote:
> I disagree. While MD5 and SHA1 might not be suitable for modern
> cryptographic operations, these functions might be needed for legacy
> situations -- e.g., munging through old data.
> On Mon, Feb 10, 2020 at 1:50 PM Tom Van Looy via internals <
> firstname.lastname@example.org> wrote:
>> While in some environments the use of MD5 and SHA1 are still acceptable
>> some use cases like file integrity verification etc. the use of these
>> algorithms should be discouraged and not be your choice when developing
>> I suggest to deprecated the functions md5_file() and sha1_file(). This
>> make people think about upgrading to a better alternative. If you still
>> need this functionality you can always switch to the hash_file() function.
>> Carrying around these two dedicated functions seems a bit too much for a
>> modern PHP. What do you think?
>> My feeling was that this is a no brainer. Should I open an RFC for this?
>> Kind regards,
>> Tom Van Looy
February 11, 2020 06:email@example.com (Stanislav Malyshev)
> the hash_file() function still supports md5 and sha1 so people that need it
> should then migrate to hash_file('md5', ...) or hash_file('sha1', ...)
> instead. That was the idea
This means spending time and effort to cause extra work to people that
already have working code with existing PHP and don't need our "help". I
don't think we should be doing that.