From 8b71f964dad4ea2e5af5bf6c8cbcd1ea9be1acd1 Mon Sep 17 00:00:00 2001
From: DNx5 <dani.narianto@gmail.com>
Date: Thu, 24 Sep 2015 18:30:24 +0700
Subject: [PATCH] fix changepassword issue. #190 #218

---
 .../commands/ChangePasswordCommand.java       |  2 +-
 .../xephi/authme/task/ChangePasswordTask.java | 20 +++++++++++--------
 2 files changed, 13 insertions(+), 9 deletions(-)

diff --git a/src/main/java/fr/xephi/authme/commands/ChangePasswordCommand.java b/src/main/java/fr/xephi/authme/commands/ChangePasswordCommand.java
index 6d3c1f2f7..54626d77d 100644
--- a/src/main/java/fr/xephi/authme/commands/ChangePasswordCommand.java
+++ b/src/main/java/fr/xephi/authme/commands/ChangePasswordCommand.java
@@ -62,7 +62,7 @@ public class ChangePasswordCommand implements CommandExecutor {
                 return true;
             }
         }
-        plugin.getServer().getScheduler().runTaskAsynchronously(plugin, new ChangePasswordTask(plugin, player, args[0]));
+        plugin.getServer().getScheduler().runTaskAsynchronously(plugin, new ChangePasswordTask(plugin, player, args[0], args[1]));
         return true;
     }
 }
diff --git a/src/main/java/fr/xephi/authme/task/ChangePasswordTask.java b/src/main/java/fr/xephi/authme/task/ChangePasswordTask.java
index c9cb72d66..2cf21d19b 100644
--- a/src/main/java/fr/xephi/authme/task/ChangePasswordTask.java
+++ b/src/main/java/fr/xephi/authme/task/ChangePasswordTask.java
@@ -15,12 +15,14 @@ public class ChangePasswordTask implements Runnable {
 
     private final AuthMe plugin;
     private final Player player;
-    private String password;
+    private final String oldPassword;
+    private final String newPassword;
 
-    public ChangePasswordTask(AuthMe plugin, Player player, String password) {
+    public ChangePasswordTask(AuthMe plugin, Player player, String oldPassword, String newPassword) {
         this.plugin = plugin;
         this.player = player;
-        this.password = password;
+        this.oldPassword = oldPassword;
+        this.newPassword = newPassword;
     }
 
     @Override
@@ -28,13 +30,15 @@ public class ChangePasswordTask implements Runnable {
         Messages m = Messages.getInstance();
         try {
             String name = player.getName().toLowerCase();
-            String hashnew = PasswordSecurity.getHash(Settings.getPasswordHash, password, name);
-            if (PasswordSecurity.comparePasswordWithHash(password, PlayerCache.getInstance().getAuth(name).getHash(), player.getName())) {
-                PlayerAuth auth = PlayerCache.getInstance().getAuth(name);
+            String hashnew = PasswordSecurity.getHash(Settings.getPasswordHash, newPassword, name);
+            PlayerAuth auth = PlayerCache.getInstance().getAuth(name);
+            if (PasswordSecurity.comparePasswordWithHash(oldPassword, auth.getHash(), player.getName())) {
                 auth.setHash(hashnew);
-                if (PasswordSecurity.userSalt.containsKey(name) && PasswordSecurity.userSalt.get(name) != null)
+                if (PasswordSecurity.userSalt.containsKey(name) && PasswordSecurity.userSalt.get(name) != null) {
                     auth.setSalt(PasswordSecurity.userSalt.get(name));
-                else auth.setSalt("");
+                } else {
+                    auth.setSalt("");
+                }
                 if (!plugin.database.updatePassword(auth)) {
                     m.send(player, "error");
                     return;