From 3359f3f5c7ecc4b6a34c4fcfc095ab4dd5fab0f1 Mon Sep 17 00:00:00 2001
From: Hypolite Petovan <mrpetovan@gmail.com>
Date: Sun, 3 Dec 2017 08:36:39 -0500
Subject: [PATCH 1/2] Fix formatting in mod/settings

---
 mod/settings.php | 11 ++++-------
 1 file changed, 4 insertions(+), 7 deletions(-)

diff --git a/mod/settings.php b/mod/settings.php
index af514e3a9f..6ac3af285c 100644
--- a/mod/settings.php
+++ b/mod/settings.php
@@ -348,7 +348,6 @@ function settings_post(App $a) {
 			}
 		}
 
-
 		$r = q("UPDATE `user` SET `theme` = '%s' WHERE `uid` = %d",
 				dbesc($theme),
 				intval(local_user())
@@ -370,7 +369,6 @@ function settings_post(App $a) {
 	call_hooks('settings_post', $_POST);
 
 	if (x($_POST, 'password') || x($_POST, 'confirm')) {
-
 		$newpass = $_POST['password'];
 		$confirm = $_POST['confirm'];
 
@@ -385,9 +383,8 @@ function settings_post(App $a) {
 			$err = true;
         }
 
-        //  check if the old password was supplied correctly before
-        //  changing it to the new value
         if (User::authenticate(intval(local_user()), $_POST['opassword'])) {
+        //  check if the old password was supplied correctly before changing it to the new value
             notice(t('Wrong password.') . EOL);
             $err = true;
         }
@@ -398,14 +395,14 @@ function settings_post(App $a) {
 				dbesc($password),
 				intval(local_user())
 			);
-			if ($r)
+			if ($r) {
 				info(t('Password changed.') . EOL);
-			else
+			} else {
 				notice(t('Password update failed. Please try again.') . EOL);
+			}
 		}
 	}
 
-
 	$username         = ((x($_POST, 'username'))   ? notags(trim($_POST['username']))     : '');
 	$email            = ((x($_POST, 'email'))      ? notags(trim($_POST['email']))        : '');
 	$timezone         = ((x($_POST, 'timezone'))   ? notags(trim($_POST['timezone']))     : '');

From 1eb8355ac8321c937ae8e884f857f676ab72e609 Mon Sep 17 00:00:00 2001
From: Hypolite Petovan <mrpetovan@gmail.com>
Date: Sun, 3 Dec 2017 08:37:01 -0500
Subject: [PATCH 2/2] Fix wrong condition

Grmbl
---
 mod/settings.php | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/mod/settings.php b/mod/settings.php
index 6ac3af285c..9af354a9bc 100644
--- a/mod/settings.php
+++ b/mod/settings.php
@@ -383,8 +383,8 @@ function settings_post(App $a) {
 			$err = true;
         }
 
-        if (User::authenticate(intval(local_user()), $_POST['opassword'])) {
         //  check if the old password was supplied correctly before changing it to the new value
+        if (!User::authenticate(intval(local_user()), $_POST['opassword'])) {
             notice(t('Wrong password.') . EOL);
             $err = true;
         }