> While in some environments the use of MD5 and SHA1 are still acceptable for
> some use cases like file integrity verification etc. the use of these
> algorithms should be discouraged and not be your choice when developing new
> I suggest to deprecated the functions md5_file() and sha1_file(). This will
> make people think about upgrading to a better alternative. If you still
> need this functionality you can always switch to the hash_file() function.
> Carrying around these two dedicated functions seems a bit too much for a
> modern PHP. What do you think?
> My feeling was that this is a no brainer. Should I open an RFC for this?
> Kind regards,
> Tom Van Looy