public static function post()
{
if (isset($_POST['save'])) {
$page = new Page();
$page->data['title'] = 'Wachtwoord wijzigen';
$errMsgs = ChangePasswordViewValidator::validate($_POST);
if (empty($errMsgs)) {
try {
$passwordSalt = UserDB::getPasswordSaltByUserId($_SESSION['Stippers']['user']->userId);
$oldPasswordHash = hash_pbkdf2('sha256', $_POST['old_password'], $passwordSalt, SecurityConfig::N_PASSWORD_HASH_ITERATIONS);
//If the old password is incorrect, show an error
if ($_SESSION['Stippers']['ChangePassword']['user']->passwordHash != $oldPasswordHash) {
ChangePasswordController::buildChangePasswordView($page);
$page->data['ChangePasswordView']['errMsgs']['global'] = '<h2 class="error_message" id="change_password_form_error_message">Het oude wachtwoord is fout.</h2>';
} else {
$newPasswordHash = hash_pbkdf2('sha256', $_POST['new_password'], $passwordSalt, SecurityConfig::N_PASSWORD_HASH_ITERATIONS);
UserDB::updatePassword($_SESSION['Stippers']['ChangePassword']['user'], $newPasswordHash);
$_SESSION['Stippers']['user']->passwordHash = $newPasswordHash;
//Show success view
$page->data['SuccessMessageNoDescriptionWithLinkView']['successTitle'] = 'Wachtwoord succesvol gewijzigd';
$page->data['SuccessMessageNoDescriptionWithLinkView']['redirectUrl'] = 'profile';
$page->addView('success/SuccessMessageNoDescriptionWithLinkView');
}
} catch (UserDBException $ex) {
//Show correct error message for errors
if ($ex->getCode() == UserDBException::USEROUTOFDATE) {
$page->data['ErrorMessageWithDescriptionWithLinkView']['errorTitle'] = 'Wachtwoord niet gewijzigd';
$page->data['ErrorMessageWithDescriptionWithLinkView']['errorDescription'] = 'Iemand anders heeft je gegevens in tussentijd al gewijzigd.';
$page->data['ErrorMessageWithDescriptionWithLinkView']['tryAgainUrl'] = $_SERVER['REQUEST_URI'];
$page->addView('error/ErrorMessageWithDescriptionWithLinkView');
} else {
ChangePasswordController::buildChangePasswordView($page);
$page->data['ChangePasswordView']['errMsgs']['global'] = '<h2 class="error_message" id="change_password_form_error_message">Kan wachtwoord niet wijzigen, probeer het opnieuw.</h2>';
}
} catch (Exception $ex) {
ChangePasswordController::buildChangePasswordView($page);
$page->data['ChangePasswordView']['errMsgs']['global'] = '<h2 class="error_message" id="change_password_form_error_message">Kan wachtwoord niet wijzigen, probeer het opnieuw.</h2>';
}
} else {
//If we had an error we show the page again with errors
ChangePasswordController::buildChangePasswordView($page);
$page->data['ChangePasswordView']['errMsgs'] = array_merge($page->data['ChangePasswordView']['errMsgs'], $errMsgs);
}
$page->showWithMenu();
} else {
ChangePasswordController::get();
}
}
public static function post()
{
//Show the same page when posting
ChangePasswordController::get();
}
public static function post()
{
ChangePasswordController::get();
}
