ReturnTypeExtension for wp_hash_password()

The return value of [`wp_hash_password()`](https://developer.wordpress.org/reference/functions/wp_hash_password/) is determined by one of the following:

- `\PasswordHash::HashPassword()` – always returns a `non-falsy-string`.
- `password_hash()` – returns a `non-falsy-string` for valid algorithms. For invalid algorithms, it gives a warning and returns `null` on PHP 7 and throws a `ValueError` on PHP 8.
- `base64_encode(hash_hmac())` – returns a `non-falsy-string` for valid algorithms. For invalid algorithms, it gives a warning and returns an empty string (`''`) on PHP 7 and throws a `ValueError` on PHP 8.
- `'*'`.

The applied algorithm is filterable and **not validated**. Consequently, the overall return type is `string|null` on PHP 7 and `non-falsy-string` on PHP 8.

Leaving this here for future reference, or in case somebody wishes to take it up.


Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Uh oh!

ReturnTypeExtension for wp_hash_password() #292

Metadata

Assignees

Labels

Projects

Milestone

Relationships

Development

Uh oh!

ReturnTypeExtension for wp_hash_password() #292

Description

Metadata

Metadata

Assignees

Labels

Projects

Milestone

Relationships

Development

Issue actions