function change_password($owner_uid, $old_password, $new_password) {
$owner_uid = db_escape_string($owner_uid);
- $result = db_query($this->link, "SELECT salt FROM ttrss_users WHERE
+ $result = db_query($this->link, "SELECT salt,login FROM ttrss_users WHERE
id = '$owner_uid'");
$salt = db_fetch_result($result, 0, "salt");
+ $login = db_fetch_result($result, 0, "login");
if (!$salt) {
$old_password_hash1 = encrypt_password($old_password);
- $old_password_hash2 = encrypt_password($old_password, $_SESSION["name"]);
+ $old_password_hash2 = encrypt_password($old_password, $login);
$query = "SELECT id FROM ttrss_users WHERE
id = '$owner_uid' AND (pwd_hash = '$old_password_hash1' OR