/**
* Saves the user's requested password, optionally checking if their correct current password is given
* @param User $user
* @return bool
*/
public function SavePassword(User $user)
{
$registered = $this->GetSettings()->GetTable('User');
$success = false;
$new_password_hashed = password_hash($user->GetRequestedPassword(), PASSWORD_DEFAULT);
$sql = "UPDATE {$registered} SET " . 'date_changed = ' . gmdate('U') . ', ' . "salt = NULL, " . "password_md5 = NULL, " . 'password_reset_request_date = NULL, ' . "password_reset_token = NULL, " . "password_hash = " . Sql::ProtectString($this->GetDataConnection(), $new_password_hashed) . " " . "WHERE user_id = " . Sql::ProtectNumeric($user->GetId(), false);
$this->Lock(array($registered));
$result = $this->GetDataConnection()->query($sql);
$success = (!$this->GetDataConnection()->isError() and $this->GetDataConnection()->GetAffectedRows() == 1);
$this->Unlock();
return $success;
}
