I searched and this appears to be an untouch issue.
This html form is being converted to CouchCMS, so it comes to do the 'old password' check.
Should I employ some php to do it? Like following form auth.php
Or maybe it's best to completely ditch the old password field? I feel like it's okay to confirm that logged in user is indeed the one who wishes to establish a new password.
This html form is being converted to CouchCMS, so it comes to do the 'old password' check.
Should I employ some php to do it? Like following form auth.php
- Code: Select all
$check = $this->hasher->CheckPassword( $pwd, $user->password );
Or maybe it's best to completely ditch the old password field? I feel like it's okay to confirm that logged in user is indeed the one who wishes to establish a new password.