upgrade user password management

- add confirm password option
- remove maxlength
- add dedicated flash messages

1 files changed, 26 insertions, 3 deletions

diff --git a/app/class/Controlleruser.php b/app/class/Controlleruser.php
index 0345434..1e61c1a 100644
--- a/app/class/Controlleruser.php
+++ b/app/class/Controlleruser.php
@@ -40,9 +40,6 @@ class Controlleruser extends Controller
             } catch (RuntimeException $th) {
                 Model::sendflashmessage('There was a problem when updating preference : ' . $th->getMessage(), 'error');
             }
-            if ($_POST['passwordhash']) {
-                $user->hashpassword();
-            }
             $this->usermanager->add($user);
             $this->routedirect('user');
         } else {
@@ -50,6 +47,32 @@ class Controlleruser extends Controller
         }
     }
 
+    public function password()
+    {
+        if ($this->user->iseditor()) {
+            if (
+                !empty($_POST['password1']) &&
+                !empty($_POST['password2']) &&
+                $_POST['password1'] === $_POST['password2']
+            ) {
+                if (
+                    $this->user->setpassword($_POST['password1']) &&
+                    $this->user->hashpassword() &&
+                    $this->usermanager->add($this->user)
+                ) {
+                    Model::sendflashmessage('password updated successfully', 'success');
+                } else {
+                    Model::sendflashmessage("password is not compatible or an error occured", 'error');
+                }
+            } else {
+                Model::sendflashmessage("passwords does not match", "error");
+            }
+            $this->routedirect('user');
+        } else {
+            $this->routedirect('home');
+        }
+    }
+
 
     public function bookmark()
     {