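/**
 * Show and process the change-password form for the user named by the "id" route parameter.
 *
 * Access rules enforced in this action:
 *  - visitors without an identity are redirected to the "signin" route;
 *  - identities whose role is "Operator" are refused;
 *  - a "System Admin" account may only be changed by that same account.
 * Every other authenticated role may submit a change for any non-"System Admin" account.
 *
 * @return mixed View variables (array with "id", "form", "error", or only "error" on refusal),
 *               or the result of redirect()->toRoute() when redirecting.
 */
public function changePasswordAction()
{
    $auth = new \Zend\Authentication\AuthenticationService();
    if (!$auth->hasIdentity()) {
        return $this->redirect()->toRoute('signin', array('action' => 'index'));
    }
    $user = $auth->getIdentity();

    if ($user->role == 'Operator') {
        return array('error' => 'You don\'t have permission to do this action');
    }

    // A missing or non-numeric route parameter becomes 0.
    $id = (int) $this->params()->fromRoute('id', 0);
    try {
        $userEdit = $this->getUserTable()->getUser($id);
    } catch (\Exception $ex) {
        // Any lookup failure sends the caller back to the user list.
        return $this->redirect()->toRoute('user', array('action' => 'index'));
    }

    // Only a System Admin may change their own password; nobody else may touch that account.
    // The comparison stays loose because the two ids may differ in type (int vs. string).
    if ($userEdit->role == 'System Admin' && $user->userId != $userEdit->userId) {
        return array('error' => 'You don\'t have permission to do this action');
    }

    $item = new ChangePasswordModel();
    $form = new ChangePasswordForm();

    // Defined up front so the final return never reads an undefined variable
    // on a GET request or when the submitted form fails validation.
    $error = null;

    $request = $this->getRequest();
    if ($request->isPost()) {
        // NOTE(review): this is a state-changing POST; confirm ChangePasswordForm carries
        // a CSRF token element, since none is checked in this action.
        $form->setInputFilter($item->getInputFilter());
        $form->setData($request->getPost());

        if ($form->isValid()) {
            // The target id comes from the record loaded and authorised above, never from POST data.
            $item->userId = $userEdit->userId;
            $item->oldPassword = $form->get('oldPassword')->getValue();
            $item->newPassword = $form->get('newPassword')->getValue();
            $item->confirmNewPassword = $form->get('confirmNewPassword')->getValue();

            // NOTE(review): whether changePasswordForUser() verifies oldPassword against the
            // stored credential, and whether existing sessions of the target account are
            // invalidated afterwards, is not visible from here; confirm both.
            // Exceptions raised by the call are not caught and propagate to the caller.
            $error = $this->getUserTable()->changePasswordForUser($item);

            if (!$error) {
                return $this->redirect()->toRoute('user', array('action' => 'edit', 'id' => $id));
            }
        }
    }

    return array('id' => $id, 'form' => $form, 'error' => $error);
}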