$errors = isset($flash['errors']) ? $flash['errors'] : array();
$app->view()->set_template('layouts/basic.php');
$app->render('users/changepassword.php', array('page_title' => $app->view()->tr('pages.changepassword'), 'errors' => $errors));
});
$app->post('/users/:id/changepassword', $require_ssl, $authenticate, function ($id) use($app, $db) {
if ($id != $_SESSION['user_id']) {
$app->notFound();
}
include BASE_URI . DS . 'routes' . DS . 'validators' . DS . 'changepassword.php';
$data = $app->request()->post();
$errors = validate($data);
if ($errors) {
$app->flash('errors', $errors);
$app->redirect($app->view()->url_secure('/users/' . $id . '/changepassword'));
}
$user = \Data\UserRepository::get_user_by_password($db, $data['password']);
if ($user) {
if (\Data\UserRepository::update_password($db, $data['new_password'], $_SESSION['user_id'])) {
$app->flash('info', $app->view()->tr('session.change.success'));
$app->redirect($app->view()->url('/users/' . $id));
} else {
$app->error(new \Exception($app->view()->tr('session.change.system.error')));
}
} else {
$app->flash('error', $app->view()->tr('session.change.password.error'));
$app->redirect($app->view()->url_secure('/session/' . $id . '/changepassword'));
}
});
$app->get('/users/:id/account', $require_ssl, $authenticate, function ($id) use($app, $db) {
if ($id != $_SESSION['user_id']) {
$app->notFound();
