
edit.html.erb


			
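  <%# Change-password form; submits to the 'update' action of the current controller. %>
  <%# Every password input is rendered empty: the value argument is nil (not {} or a
      controller variable), so no value attribute is emitted and a submitted password
      is never written back into the page source, browser cache or proxy logs. %>
  <% form_tag url_for(:action => "update") do %>

<%= password_field_tag 'old_password', nil, :size => 45 %>

<%= password_field_tag 'password', nil, :size => 45 %>
<%# NOTE(review): a 4-character minimum is short; the limit is presumably enforced by a
    User model validation not shown here. Raise it there and update this hint with it. %>
Between 4 and 40 characters

<%= password_field_tag 'password_confirmation', nil, :size => 45 %>

<%= submit_tag 'Change password' %>
  <% end %>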

accounts_controller.rb


			
# Empty action: does no work of its own. The change-password form lives in
# edit.html.erb and is presumably picked up by Rails' default template lookup.
def edit; end

   # Change password action  
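   def update
     # Changes the signed-in user's password after re-checking the current one.
     #
     # Reads params[:old_password], params[:password] and
     # params[:password_confirmation]. On success it sets flash[:notice] and
     # redirects to root_path; on any failure it re-renders 'edit' with an
     # error message.
     #
     # NOTE(review): presumably a login filter guarantees current_user is set
     # before this action runs; confirm, since current_user.login is
     # dereferenced unconditionally.

     # Only a POST may change the password; any other verb falls through
     # without touching the account.
     return unless request.post?

     # Re-authenticate with the current password before accepting a new one.
     # The submitted old password is deliberately not copied into an instance
     # variable, so no template can write it back into the HTML.
     unless User.authenticate(current_user.login, params[:old_password])
       # flash.now: the message belongs to this render only and must not
       # leak into the next request.
       flash.now[:error] = "Your old password is incorrect."
       render :action => 'edit'
       return
     end

     new_password = params[:password]
     confirmation = params[:password_confirmation]
     if confirmation.blank? || new_password != confirmation
       flash.now[:error] = "New password does not match the password confirmation."
       render :action => 'edit'
       return
     end

     current_user.password_confirmation = confirmation
     current_user.password = new_password
     if current_user.save
       # NOTE(review): if the app keeps remember-me tokens or other long-lived
       # sessions, consider invalidating them here; nothing on this page shows
       # whether the model does that on save.
       flash[:notice] = "Password successfully updated."
       redirect_to root_path #profile_url(current_user.login)
     else
       flash.now[:error] = "An error occured, your password was not changed."
       render :action => 'edit'
     end
   end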

routes.rb


			
  # Named route: change_password_path resolves to AccountsController#edit (the form page).
  # NOTE(review): no HTTP-verb condition is set here, and the route that serves the
  # 'update' action is not shown on this page; confirm that one accepts POST only.
  map.change_password(
    '/change_password',
    :controller => 'accounts',
    :action     => 'edit'
  )

menu link in layout


			
           
  <%# Menu entry for the change-password page, built from the change_password named route. %>
  • <%= link_to('Change Password', change_password_path) %>