if ($request->handleOptions()) { error_log('Option request. Exit...', 0); exit; } $user = $request->getJSON(); $username = $user->username; $password = $user->password; if (!$request->validate(null, $username)) { error_log('Validation failed. Not authorized!!'); exit; } try { $rs = $db->getUser($username); if ($rs) { if (password_verify($password, $rs['password'])) { $user->iduser = $rs['iduser']; $message = $db->updatePassword($user); } else { $message = "Current password do not match!!!"; } } else { $message = "User not found!!"; } $output = new stdClass(); $output->message = $message; header('Content-type: application/json'); echo json_encode($output); } catch (Exception $e) { error_log($e, 0); header('HTTP/1.0 500 Internal Server Error'); }