Don't accept objects for options in password_hash()

This was likely a mixup of zpp modifiers in the original implementation.
Per the RFC only arrays should be accepted here.

Author: nikic

ext/standard/password.c

@@ -614,7 +614,7 @@ PHP_FUNCTION(password_needs_rehash)
 		Z_PARAM_STR(hash)
 		Z_PARAM_ZVAL(znew_algo)
 		Z_PARAM_OPTIONAL
-		Z_PARAM_ARRAY_OR_OBJECT_HT(options)
+		Z_PARAM_ARRAY_HT(options)
 	ZEND_PARSE_PARAMETERS_END();
 
 	new_algo = php_password_algo_find_zval(znew_algo);
@@ -663,7 +663,7 @@ PHP_FUNCTION(password_hash)
 		Z_PARAM_STR(password)
 		Z_PARAM_ZVAL(zalgo)
 		Z_PARAM_OPTIONAL
-		Z_PARAM_ARRAY_OR_OBJECT_HT(options)
+		Z_PARAM_ARRAY_HT(options)
 	ZEND_PARSE_PARAMETERS_END();
 
 	algo = php_password_algo_find_zval(zalgo);

ext/standard/tests/password/password_hash_error.phpt

@@ -12,7 +12,11 @@ try {
 
 var_dump(password_hash("foo", array()));
 
-var_dump(password_hash("foo", 19, new StdClass));
+try {
+    var_dump(password_hash("foo", 19, new StdClass));
+} catch (TypeError $e) {
+    echo $e->getMessage(), "\n";
+}
 
 try {
     var_dump(password_hash("foo", PASSWORD_BCRYPT, "baz"));
@@ -34,8 +38,6 @@ Warning: Array to string conversion in %s on line %d
 
 Warning: password_hash(): Unknown password hashing algorithm: Array in %s on line %d
 NULL
-
-Warning: password_hash(): Unknown password hashing algorithm: 19 in %s on line %d
-NULL
+password_hash() expects parameter 3 to be array, object given
 password_hash() expects parameter 3 to be array, string given
 password_hash() expects parameter 1 to be string, array given