$new_pass_try = $_POST['txt_new_pass_retry'];
$correct_user = Employer::authenticate($username, $old_pass);
/* check old password**/
if (!$correct_user) {
$error[] = format_lang('errormsg', 44);
}
/**new password*/
if (strlen($new_pass) != strlen($new_pass_try)) {
$error[] = format_lang('errormsg', 45);
}
if (strlen($new_pass) < 6 || strlen($new_pass) > 20) {
$error[] = format_lang('errormsg', 46);
}
if (sizeof($error) == 0) {
//if everything ok
$pass_change = Employer::change_password($username, $new_pass);
if ($pass_change) {
$session->message("<div class='success'>" . format_lang('success', 'pass_chg_success') . "</div>");
destroy_my_session();
redirect_to(BASE_URL . "employer/account/change_password/");
} else {
$session->message("<div class='error'>" . format_lang('errormsg', 47) . "</div>");
}
} else {
$message = "<div class='error'> \r\n\t\t\t\t\t" . format_lang('following_errors') . "\r\n\t\t\t\t<ul> <li />";
$message .= join(" <li /> ", $error);
$message .= " </ul> \r\n\t\t\t\t\t </div>";
$session->message($message);
}
}
$html_title = SITE_NAME . " - " . format_lang('page_title', 'change_password');
