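// Change-password request handling (fragment): checks that the three password
// parameters are present, validates the new password against its confirmation,
// then looks up the current user by id, email and the hash of the old password.
// NOTE(review): every check below assumes APIHelpers::showerror() terminates the
// request. That helper is not visible here — confirm, otherwise execution would
// continue past a failed validation.

// All three parameters are mandatory; each has its own error code.
if (!APIHelpers::issetParam('old_password')) {
    APIHelpers::showerror(1016, 'Not found parameter "old_password"');
}

if (!APIHelpers::issetParam('new_password')) {
    APIHelpers::showerror(1017, 'Not found parameter "new_password"');
}

if (!APIHelpers::issetParam('new_password_confirm')) {
    APIHelpers::showerror(1018, 'Not found parameter "new_password_confirm"');
}

$old_password = APIHelpers::getParam('old_password', '');
$new_password = APIHelpers::getParam('new_password', '');
$new_password_confirm = APIHelpers::getParam('new_password_confirm', '');

// Rejects new passwords of 3 bytes or fewer (strlen() counts bytes, not characters).
// NOTE(review): a 4-byte minimum is a very weak policy; raising it changes the API
// contract, so it is flagged here rather than changed.
if (strlen($new_password) <= 3) {
    APIHelpers::showerror(1015, '"New password" must be more then 3 characters');
}

// Identity comes from the authenticated session helper, not from request parameters.
$email = APISecurity::email();
$userid = APISecurity::userid();

// Strict comparison of the raw strings. Comparing md5() digests with the loose `!=`
// operator lets PHP treat two numeric-looking hex digests (e.g. "0e" followed only by
// digits) as equal numbers, so a mismatched confirmation could be accepted.
if ($new_password !== $new_password_confirm) {
    APIHelpers::showerror(1014, 'New password and New password confirm are not equals');
}

// temporary double passwords
// NOTE(review): the old-password hash is matched by equality in the query below, so
// generatePassword2() must be deterministic for a given (email, password) pair. Its
// implementation is not visible here — verify that it is a slow, salted password hash
// and plan a migration to password_hash()/password_verify() if it is not.
$hash_old_password = APISecurity::generatePassword2($email, $old_password);
$hash_new_password = APISecurity::generatePassword2($email, $new_password);

// NOTE(review): keep the block below disabled; it would copy a password value into
// $result, which presumably becomes the API response.
/*$result['data']['password'] = $password;
$result['data']['email'] = $email;
$result['data']['userid'] = $userid;*/

// check old password
// The lookup is parameterized, so the user-supplied values never reach the SQL text.
try {
    $query = 'SELECT id FROM users WHERE id = ? AND email = ? AND pass = ?';
    $stmt = $conn->prepare($query);
    $stmt->execute(array($userid, $email, $hash_old_password));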