function checkFieldsCorrect($post)
{
if (empty($post['current_password']) || empty($post['new_password']) || empty($post['confirm_password'])) {
$this->errorMessage = "Please fill all fields.";
return false;
} elseif (!PasswordUtils::checkMatchingPasswords($post['new_password'], $post['confirm_password'])) {
$this->errorMessage = "Passwords don't match.";
return false;
} else {
return true;
}
}
header("Location: ../index.php");
die("Redirecting to index.php");
} else {
if (!empty($_POST) && $changer->checkFieldsCorrect($_POST)) {
$query = "\n SELECT *\n FROM users\n WHERE\n email = :email\n ";
$query_params = array(':email' => $user['email']);
try {
$stmt = $db->prepare($query);
$result = $stmt->execute($query_params);
} catch (PDOException $ex) {
die("Failed to run query: " . $ex->getMessage());
}
$row = $stmt->fetch();
if ($row) {
$check_password = PasswordUtils::hashPassword($_POST['current_password'], $row['salt']);
if (PasswordUtils::checkMatchingPasswords($check_password, $row['password'])) {
$changer->errorMessage = PasswordUtils::testPassword($_POST['new_password']);
if (empty($changer->errorMessage)) {
$changer->makePasswordChange($db, $_POST['new_password'], $row['salt'], $row['id']);
$changer->success = "Password changed successfully.";
}
} else {
$changer->errorMessage = "Incorrect password.";
}
}
}
}
?>
<!doctype html>
<html lang="en">
function test_confirmPasswordsFalse()
{
$result = PasswordUtils::checkMatchingPasswords("test", "fail");
$this->assertFalse($result);
}
