1--TEST-- 2Test that the password parameter is marked sensitive. 3--FILE-- 4<?php 5try { 6 var_dump(password_hash("foo")); 7} catch (\Throwable $e) { 8 echo $e, PHP_EOL; 9} 10try { 11 var_dump(password_hash("foo", "Invalid")); 12} catch (\Throwable $e) { 13 echo $e, PHP_EOL; 14} 15?> 16--EXPECTF-- 17ArgumentCountError: password_hash() expects at least 2 arguments, 1 given in %spassword_hash_sensitive_parameter.php:3 18Stack trace: 19#0 %spassword_hash_sensitive_parameter.php(3): password_hash(Object(SensitiveParameterValue)) 20#1 {main} 21ValueError: password_hash(): Argument #2 ($algo) must be a valid password hashing algorithm in%spassword_hash_sensitive_parameter.php:8 22Stack trace: 23#0 %spassword_hash_sensitive_parameter.php(8): password_hash(Object(SensitiveParameterValue), 'Invalid') 24#1 {main} 25
