1 files changed, 10 insertions, 21 deletions
diff --git a/settings/ajax/changepassword.php b/settings/ajax/changepassword.php
index b9b2417ad9a..98c2a8b37a1 100644
--- a/settings/ajax/changepassword.php
+++ b/settings/ajax/changepassword.php
@@ -3,35 +3,24 @@
 // Init owncloud
 require_once('../../lib/base.php');
 
-$l=new OC_L10N('settings');
-
 // We send json data
-header("Content-Type: application/jsonrequest");
+header( "Content-Type: application/jsonrequest" );
 
 // Check if we are a user
-if(!OC_User::isLoggedIn()){
-	echo json_encode(array("status" => "error", "data" => array("message" => $l->t("Authentication error"))));
+if( !OC_User::isLoggedIn() || !OC_Group::inGroup( OC_User::getUser(), 'admin' )){
+	echo json_encode( array( "status" => "error", "data" => array( "message" => "Authentication error" )));
 	exit();
 }
 
-// Get data
-if(!isset($_POST["password"]) && !isset($_POST["oldpassword"])){
-	echo json_encode(array("status" => "error", "data" => array("message" => $l->t("You have to enter the old and the new password!"))));
-	exit();
-}
+$username = $_POST["username"];
+$password = $_POST["password"];
 
-// Check if the old password is correct
-if(!OC_User::checkPassword($_SESSION["user_id"], $_POST["oldpassword"])){
-	echo json_encode(array("status" => "error", "data" => array("message" => $l->t("Your old password is wrong!"))));
-	exit();
+// Return Success story
+if( OC_User::setPassword( $username, $password )){
+	echo json_encode( array( "status" => "success", "data" => array( "username" => $username )));
 }
-
-// Change password
-if(OC_User::setPassword($_SESSION["user_id"], $_POST["password"])){
-	echo json_encode(array("status" => "success", "data" => array("message" => $l->t("Password changed"))));
-	OC_Crypt::changekeypasscode($_POST["password"]);
-}else{
-	echo json_encode(array("status" => "error", "data" => array("message" => $l->t("Unable to change password"))));
+else{
+	echo json_encode( array( "status" => "error", "data" => array( "message" => "Unable to change password" )));
 }
 
 ?>