function _password_submit()
{
$this->_import_login();
$userdb = $this->get_userdb();
$user = init_user_from_post_data();
$user = $userdb->get_user_from_name($user->get_name());
$current = $this->_get_current_or_confirming_user();
$controller = new LoginController($this->api);
if ($user->is_anonymous()) {
die('Invalid user');
} elseif ($user->get_id() != $current->get_id()) {
$this->_assert_may('administer');
}
// Make sure that the passwords match.
if ($_POST['password'] !== $_POST['password2']) {
$controller->add_hint(new \hint\Error(_('Error: Passwords do not match.')));
return $controller->show_password_change($user);
}
// Make sure that the password is valid.
$err = $user->set_password($_POST['password']);
if ($err) {
$controller->add_hint(new \hint\Error($err));
return $controller->show_password_change($user);
}
// Save the password.
$user->set_status(USER_STATUS_ACTIVE);
if (!$userdb->save_user($user)) {
$controller->add_hint(new \hint\Error(_('Failed to save the user.')));
return $controller->show_password_change($user);
}
// Done.
$controller->show_password_changed($user);
}
