$password = $_POST["password"]; $oldPassword = isset($_POST["oldpassword"]) ? $_POST["oldpassword"] : ''; $userstatus = null; if (OC_Group::inGroup(OC_User::getUser(), 'admin')) { $userstatus = 'admin'; } if (OC_SubAdmin::isUserAccessible(OC_User::getUser(), $username)) { $userstatus = 'subadmin'; } if (OC_User::getUser() === $username) { if (OC_User::checkPassword($username, $oldPassword)) { $userstatus = 'user'; } else { if (!OC_Util::isUserVerified()) { $userstatus = null; } } } if (is_null($userstatus)) { OC_JSON::error(array("data" => array("message" => "Authentication error"))); exit; } if ($userstatus === 'admin' || $userstatus === 'subadmin') { OC_JSON::verifyUser(); } // Return Success story if (OC_User::setPassword($username, $password)) { OC_JSON::success(array("data" => array("username" => $username))); } else { OC_JSON::error(array("data" => array("message" => "Unable to change password"))); }