churchtools / churchtools_basic

ChurchTools 2.0 - Basis-Version
www.churchtools.de
MIT License

Use password_hash() if possible #9

Closed pgeorgi closed 10 years ago

pgeorgi commented 10 years ago

It provides a future-proof interface to stronger password hashes than plain MD5. Unfortunately it's a rather new feature (PHP 5.5), so use MD5 as a fallback. (A future change might import the password_hash polyfill that works with >= 5.3.7)

The change also avoids a possible lock-out bug in case passwords were entered with leading or trailing spaces by handling password hashing the same everywhere.
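
An added example, not part of the pull request or the ChurchTools code base: one way to route both storing and checking through a single hashing path, preferring password_hash() and falling back to MD5 as the description above outlines. It goes one step beyond the description by re-hashing a legacy MD5 record after a successful login; all function names are hypothetical, and passing the password through unchanged (no trimming) is an assumption.

```php
<?php
// Added example, not ChurchTools code. All function names are hypothetical.

// The one place that decides how raw input is treated before hashing.
// Assumption: input is used byte-for-byte; the page does not say whether the
// project trims. What matters is that every caller goes through this function.
function canonical_password($raw) {
    return (string) $raw;
}

function have_password_api() {
    return function_exists('password_hash'); // PHP >= 5.5, or the polyfill
}

// Hash for storage: password_hash() when available, plain MD5 otherwise.
function hash_password($raw) {
    $pw = canonical_password($raw);
    return have_password_api() ? password_hash($pw, PASSWORD_DEFAULT) : md5($pw);
}

function is_legacy_md5($stored) {
    return preg_match('/^[0-9a-f]{32}$/i', $stored) === 1;
}

// Constant-time compare; hash_equals() only exists from PHP 5.6.
function safe_equals($a, $b) {
    if (function_exists('hash_equals')) return hash_equals($a, $b);
    if (strlen($a) !== strlen($b)) return false;
    $diff = 0;
    for ($i = 0; $i < strlen($a); $i++) $diff |= ord($a[$i]) ^ ord($b[$i]);
    return $diff === 0;
}

// Returns array($ok, $newHash); $newHash is non-null when the stored value
// should be replaced with a stronger hash.
function verify_password($raw, $stored) {
    $pw = canonical_password($raw);
    if (is_legacy_md5($stored)) {
        $ok = safe_equals(strtolower($stored), md5($pw));
        $upgrade = $ok && have_password_api();
    } elseif (have_password_api()) {
        $ok = password_verify($pw, $stored);
        $upgrade = $ok && password_needs_rehash($stored, PASSWORD_DEFAULT);
    } else {
        return array(false, null); // modern hash stored, but no API to check it
    }
    return array($ok, $upgrade ? password_hash($pw, PASSWORD_DEFAULT) : null);
}

// Constructed sample: a legacy MD5 record with surrounding spaces still verifies.
list($ok, $new) = verify_password(' s3cret ', md5(' s3cret '));
var_dump($ok, $new !== null && password_verify(' s3cret ', $new));
```

Because registration, password change and login all call `canonical_password()`, a password entered with leading or trailing spaces hashes to the same value on every path.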