|
|
@@ -342,7 +342,7 @@ class UsersController extends \lithium\action\Controller {
|
|
|
return $this->redirect('/');
|
|
|
}
|
|
|
|
|
|
- private function changePassword()
|
|
|
+ public function changePassword()
|
|
|
{
|
|
|
//Get the user to verify their current password
|
|
|
$input = $this->request->data;
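Review bot: Changing `changePassword()` from private to public makes it a routable Lithium action, so it is now reachable by any HTTP request and needs its own request guards. The visible lines read `$this->request->data` without checking the request method or an anti-forgery token. The leading comment also promises to verify the current password, which none of the visible hunks do; the body continues outside this hunk, so confirm that check exists there. I would add `if (!$this->request->is('post')) { return $this->redirect('/'); }` at the top, plus a `RequestToken::check($this->request)` test before any state change. A short docblock stating that the action requires an authenticated session and the current password would also help.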
|
|
|
@@ -351,13 +351,21 @@ class UsersController extends \lithium\action\Controller {
|
|
|
if ($input)
|
|
|
{
|
|
|
//Get the user from auth
|
|
|
- $user = Auth::check('default');
|
|
|
- if(!empty($user) && isset($input['newpass']))
|
|
|
+ $user = Auth::check('default');
|
|
|
+
|
|
|
+ //Ensure that the passwords are the same.
|
|
|
+ if ($input['newpass'] != $input['confirm'])
|
|
|
+ {
|
|
|
+ //return error
|
|
|
+ return $this->redirect('/');
|
|
|
+ }
|
|
|
+ else if(!empty($user) && isset($input['newpass']))
|
|
|
{
|
|
|
//find the user by their ID
|
|
|
$user = User::find($user['_id']);
|
|
|
|
|
|
//Set the newpassword, this triggers the hash function in ->save()
|
|
|
+
|
|
|
$user->newpass = $input['newpass'];
|
|
|
|
|
|
//Save the data
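Review bot: The new confirmation check `if ($input['newpass'] != $input['confirm'])` uses a loose comparison and reads both keys before the later `isset($input['newpass'])` test. With `!=`, two different numeric-looking strings (for example `1e3` and `1000`) compare as equal, so a mistyped confirmation can be accepted. A missing or array-valued field raises a notice or falls through to the assignment of `$user->newpass`. I would change the guard to `if (!isset($input['newpass'], $input['confirm']) || !is_string($input['newpass']) || $input['newpass'] !== $input['confirm'])`. The mismatch branch also redirects to `/` with only a `//return error` placeholder, so the user gets no feedback. The rest of the method lies outside this hunk.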
|
|
|
@@ -392,7 +400,7 @@ class UsersController extends \lithium\action\Controller {
|
|
|
//Save the user.
|
|
|
$user->save(null, array('validate' => false));
|
|
|
}
|
|
|
-
|
|
|
+
|
|
|
return compact('user');
|
|
|
}
|
|
|
|