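/**
 * Changes the logged-in user's password after verifying the current one.
 *
 * The user id is read from the global $sessionManager. The supplied current
 * password is hashed with AuthManager's algorithm and salt and compared with
 * the value of AuthManager::getPasswordHash(). On a match, a new
 * hash/salt/algorithm set is created for $new_password and written to
 * `sarah`.`users`.
 *
 * @param string $current_password Password the caller claims is current.
 * @param string $new_password     Password to store in its place.
 *
 * @return bool|null true when the UPDATE succeeded, NULL when the current
 *                   password did not match. A failed query ends the script
 *                   through die().
 */
public function changePassword($current_password, $new_password)
{
    global $sessionManager;

    $USER_ID = $sessionManager->getUserId();

    $supplied_hash = hash(AuthManager::getHashingAlgorithm(), $current_password . AuthManager::getSalt());
    $stored_hash = AuthManager::getPasswordHash();

    // A loose `==` compares two "0e<digits>" hex digests as numbers, so
    // different hashes can be treated as equal. Compare as strings, and in
    // constant time where hash_equals() is available (PHP >= 5.6).
    if (!is_string($supplied_hash) || !is_string($stored_hash)) {
        $password_matches = false;
    } elseif (function_exists('hash_equals')) {
        $password_matches = hash_equals($stored_hash, $supplied_hash);
    } else {
        $password_matches = ($stored_hash === $supplied_hash);
    }

    if (!$password_matches) {
        return NULL;
    }

    // Hash the NEW password. The original passed the undefined $password
    // here, so the stored hash never depended on what the user chose.
    $hashing = AuthManager::createNewHash($new_password);
    $new_salt = $hashing['salt'];
    $new_hash_algorithm = $hashing['hash_algorithm'];
    $new_hash = $hashing['hash'];
    $new_salt_database = $hashing['salt_database'];

    // NOTE(review): the values below are interpolated straight into the
    // statement. 'salt_database' is presumably already encoded for storage;
    // confirm that in AuthManager::createNewHash() and that getUserId()
    // cannot return attacker-influenced text. A parameterized statement
    // (PDO or mysqli) removes the dependency on both.
    $sql = <<<EOD
\tUPDATE
\t\t`sarah`.`users`
\tSET
\t\t`password` = '{$new_hash}',
\t\t`salt` = '{$new_salt_database}',
\t\t`hash_algorithm` = '{$new_hash_algorithm}'
\tWHERE
\t\t`USER_ID`='{$USER_ID}'
EOD;

    // NOTE(review): die(mysql_error()) sends the raw database error to the
    // client; logging it server-side and returning a generic failure would
    // avoid disclosing schema details.
    return mysql_query($sql) or die(mysql_error());
}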