As @"Ecks" and others have mentioned, salting is imperative in hashing passwords (and Computerphile is great). Without salts, you'll have a repeat of the Adobe incident if your database is compromised. They didn't salt their hashes (so identical passwords had identical hashes) and stored password hints, so it was essentially a giant crossword puzzle for the hackers.
Additionally,
DO NOT USE MD5 or any other algorithm with a documented, applied (i.e. not theoretical) attack. I don't care that MD5 is faster or takes up less space (which is pretty much negligible anyway); if you don't want to be vulnerable to proven attacks, don't use it. See the following links for explanations/data.
[To see links please register here]
[To see links please register here]
The following code should serve as a viable hashing process. See
[To see links please register here]
for a list of algorithms.
Hidden Content
You must
[To see links please register here]
or
[To see links please register here]
to view this content.
Use the "hash" and "salt" keys to access their respective values in the array returned from hash_passwd().
Finally, use
[To see links please register here]
to mitigate timing attacks when comparing hashes.
Edit: @"Pikami": SHA-256 and SHA-512 are viable for cryptographic use but you're correct in respect to SHA-1, which has been documented as cracked several times.