3 files changed, 57 insertions, 35 deletions
diff --git a/classes/auth_internal.php b/classes/auth_internal.php
index b4c473f21..eb376568d 100644
--- a/classes/auth_internal.php
+++ b/classes/auth_internal.php
@@ -71,5 +71,47 @@ class Auth_Internal extends Auth_Base {
 
 		return false;
 	}
+
+	function change_password($owner_uid, $old_password, $new_password) {
+		$owner_uid = db_escape_string($owner_uid);
+
+		$result = db_query($this->link, "SELECT salt FROM ttrss_users WHERE
+			id = '$owner_uid'");
+
+		$salt = db_fetch_result($result, 0, "salt");
+
+		if (!$salt) {
+			$old_password_hash1 = encrypt_password($old_password);
+			$old_password_hash2 = encrypt_password($old_password, $_SESSION["name"]);
+
+			$query = "SELECT id FROM ttrss_users WHERE
+				id = '$owner_uid' AND (pwd_hash = '$old_password_hash1' OR
+				pwd_hash = '$old_password_hash2')";
+
+		} else {
+			$old_password_hash = encrypt_password($old_password, $salt, true);
+
+			$query = "SELECT id FROM ttrss_users WHERE
+				id = '$owner_uid' AND pwd_hash = '$old_password_hash'";
+		}
+
+		$result = db_query($this->link, $query);
+
+		if (db_num_rows($result) == 1) {
+
+			$new_salt = substr(bin2hex(get_random_bytes(125)), 0, 250);
+			$new_password_hash = encrypt_password($new_password, $new_salt, true);
+
+			db_query($this->link, "UPDATE ttrss_users SET
+				pwd_hash = '$new_password_hash', salt = '$new_salt'
+					WHERE id = '$owner_uid'");
+
+			$_SESSION["pwd_hash"] = $new_password_hash;
+
+			return __("Password has been changed.");
+		} else {
+			return "ERROR: ".__('Old password is incorrect.');
+		}
+	}
 }
 ?>
diff --git a/classes/pref_prefs.php b/classes/pref_prefs.php
index 5339095ba..60d241103 100644
--- a/classes/pref_prefs.php
+++ b/classes/pref_prefs.php
@@ -28,42 +28,13 @@ class Pref_Prefs extends Protected_Handler {
 			return;
 		}
 
-		$result = db_query($this->link, "SELECT salt FROM ttrss_users WHERE
-			id = " . $_SESSION['uid']);
-
-		$salt = db_fetch_result($result, 0, "salt");
-
-		if (!$salt) {
-			$old_pw_hash1 = encrypt_password($old_pw);
-			$old_pw_hash2 = encrypt_password($old_pw, $_SESSION["name"]);
-
-			$query = "SELECT id FROM ttrss_users WHERE
-				id = ".$_SESSION['uid']." AND (pwd_hash = '$old_pw_hash1' OR
-				pwd_hash = '$old_pw_hash2')";
+		$module_class = "auth_" . $_SESSION["auth_module"];
+		$authenticator = new $module_class($this->link);
 
+		if (method_exists($authenticator, "change_password")) {
+			print $authenticator->change_password($_SESSION["uid"], $old_pw, $new_pw);
 		} else {
-			$old_pw_hash = encrypt_password($old_pw, $salt, true);
-
-			$query = "SELECT id FROM ttrss_users WHERE
-				id = ".$_SESSION['uid']." AND pwd_hash = '$old_pw_hash'";
-		}
-
-		$result = db_query($this->link, $query);
-
-		if (db_num_rows($result) == 1) {
-
-			$new_salt = substr(bin2hex(get_random_bytes(125)), 0, 250);
-			$new_pw_hash = encrypt_password($new_pw, $new_salt, true);
-
-			db_query($this->link, "UPDATE ttrss_users SET
-				pwd_hash = '$new_pw_hash', salt = '$new_salt'
-					WHERE id = ".$_SESSION['uid']);
-
-			$_SESSION["pwd_hash"] = $new_pw_hash;
-
-			print __("Password has been changed.");
-		} else {
-			print "ERROR: ".__('Old password is incorrect.');
+			print "ERROR: ".__("Function not supported by authentication module.");
 		}
 	}
 
@@ -214,7 +185,14 @@ class Pref_Prefs extends Protected_Handler {
 
 		print "</form>";
 
-		if (!SINGLE_USER_MODE && $_SESSION["auth_module"] == 'internal') {
+		if  ($_SESSION["auth_module"]) {
+			$module_class = "auth_" . $_SESSION["auth_module"];
+			$authenticator = new $module_class($this->link);
+		} else {
+			$authenticator = false;
+		}
+
+		if ($authenticator && method_exists($authenticator, "change_password")) {
 
 			$result = db_query($this->link, "SELECT id FROM ttrss_users
 				WHERE id = ".$_SESSION["uid"]." AND pwd_hash
diff --git a/include/functions.php b/include/functions.php
index a2e164416..702843c16 100644
--- a/include/functions.php
+++ b/include/functions.php
@@ -738,6 +738,8 @@
 			$_SESSION["hide_hello"] = true;
 			$_SESSION["hide_logout"] = true;
 
+			$_SESSION["auth_module"] = false;
+
 			if (!$_SESSION["csrf_token"]) {
 				$_SESSION["csrf_token"] = sha1(uniqid(rand(), true));
 			}