ACP Password Change Bug

[Hwona]

Hello! I might be the only one, but has anyone else noticed that if you try and change a user's password via the acp, the user later can't log in with the new or the old password? I'm experimenting with v.1.3.3, but when I checked the v.1.3.4 list of fixed bugs, this wasn't mentioned. Does anyone else have this issue or know how to fix it?

PHP Code:

<?php

class ACPUserController extends AppController{

    const PARAM = "uid";
    private $view;
    private $subController;
    
    public function __construct(){
        parent::__construct();
        $mysidia = Registry::get("mysidia");
        if($mysidia->usergroup->getpermission("canmanageusers") != "yes"){
            throw new NoPermissionException("You do not have permission to manage users.");
        }    
    }
    
    public function index(){
        parent::index();
        $mysidia = Registry::get("mysidia");
        $document = $mysidia->frame->getDocument();        
        $stmt = $mysidia->db->select("users", array());        
        $fields = array("uid", "username", "email", "ip", "usergroup", "uid::edit", "uid::delete");
        
        $userTable = new TableBuilder("user");
        $userTable->setAlign(new Align("center", "middle"));
        $userTable->buildHeaders("uid", "Username", "Email", "IP", "Usergroup", "Edit", "Delete");
        $userTable->setHelper(new UserTableHelper);
        $userTable->setMethod($fields[1], "getProfileLink");
        $userTable->setMethod($fields[5], "getEditLink");
        $userTable->setMethod($fields[6], "getDeleteLink");
        $userTable->buildTable($stmt, $fields);
        $document->add($userTable);    
    }
    
    public function add(){
        throw new InvalidActionException($mysidia->lang->global_action);
    }
    
    public function edit(){
        $mysidia = Registry::get("mysidia");
        $document = $mysidia->frame->getDocument();
        if(!$mysidia->input->get("uid")){
            $this->index();
            return;
        }
        $user = new Member($mysidia->input->get("uid"));        
        
        if($mysidia->input->post("submit")){
            // A form has been submitted, we will be processing the request.
            if($mysidia->input->post("pass1")){
                $newsalt = codegen(15, 0); 
                $password = passencr($username, $pass1, $newsalt);
                $mysidia->db->update("users", array("password" => $password), "uid='{$mysidia->input->get("uid")}'");
                if($mysidia->input->post("emailpwchange") == "yes"){
                    //SEND THE PASSWORD CHANGE EMAIL...    
                    $systememail = $mysidia->settings->systememail;
                    $headers = "From: {$systememail}";
                    $message = "Hello {$user->username};\n\nYour password at {$mysidia->settings->sitename} has been changed by the site admin. Your new account details are as follows:\n
                                Username: {$user->username}\nPassword: {$mysidia->input->post("pass1")}\n
                                You can log in to your account at: {$mysidia->path->getAbsolute()}login\n
                                Thank You. The {$mysidia->settings->sitename} team.";
                    mail($mysidia->input->post("email"), "{$mysidia->settings->sitename} - Your password has been changed", $message, $headers);                    
                }
            }
                
            $mysidia->db->update("users", array("email" => $mysidia->input->post("email")), "uid='{$mysidia->input->get("uid")}'");
            if(is_numeric($mysidia->input->post("level"))) $mysidia->db->update("users", array("usergroup" => $mysidia->input->post("level")), "uid='{$mysidia->input->get("uid")}'");
            
            //Carry out user banning options
            if($mysidia->input->post("canlevel") == "no") $mysidia->db->update("users_status", array("canlevel" => 'no'), "uid='{$mysidia->input->get("uid")}'");
            if($mysidia->input->post("canvm") == "no") $mysidia->db->update("users_status", array("canvm" => 'no'), "uid='{$mysidia->input->get("uid")}'");
            if($mysidia->input->post("canfriend") == "no") $mysidia->db->update("users_status", array("canfriend" => 'no'), "uid='{$mysidia->input->get("uid")}'");
            if($mysidia->input->post("cantrade") == "no") $mysidia->db->update("users_status", array("cantrade" => 'no'), "uid='{$mysidia->input->get("uid")}'");
            if($mysidia->input->post("canbreed") == "no") $mysidia->db->update("users_status", array("canbreed" => 'no'), "uid='{$mysidia->input->get("uid")}'");
            if($mysidia->input->post("canpound") == "no") $mysidia->db->update("users_status", array("canpound" => 'no'), "uid='{$mysidia->input->get("uid")}'");  
            if($mysidia->input->post("canshop") == "no") $mysidia->db->update("users_status", array("canshop" => 'no'), "uid='{$mysidia->input->get("uid")}'");
            if($mysidia->input->post("unban") == "yes") unbanuser($user->username);
          
            $document->setTitle($mysidia->lang->edited_title);
            $document->addLangvar($mysidia->lang->edited);
        }
        else{
            // Show default form action
            $userForm = new FormBuilder("editform", $mysidia->input->get("uid"), "post");
            $userForm->add(new Comment("<br><br>"));
            $userForm->add(new Image("templates/icons/delete.gif"));
            $userForm->buildCheckBox(" Delete This User. <strong>This cannot be undone!</strong>", "delete", "yes")
                     ->buildComment("Assign New Password: ", FALSE)->buildPasswordField("password", "pass1", "", TRUE)
                     ->buildComment("Passwords may contain letters and numbers only. Leave the box blank to keep the current password.")
                     ->buildCheckBox(" Email the user the new password (Only takes effect if setting a new password) ", "emailpwchange", "yes")
                     ->buildComment("Change Email Address: ", FALSE)->buildTextField("email", $user->getemail())
                     ->buildCheckBox(" Ban this user's rights to click adoptables", "canlevel", "no")
                     ->buildCheckBox(" Ban this user's rights to post profile comments", "canvm", "no")
                     ->buildCheckBox(" Ban this user's rights to make trade offers", "cantrade", "no")
                     ->buildCheckBox(" Ban this user's rights to send friend requests", "canfriend", "no")
                     ->buildCheckBox(" Ban this user's rights to breed adoptables", "canbreed", "no")
                     ->buildCheckBox(" Ban this user's rights to abandon adoptables", "canpound", "no")
                     ->buildCheckBox(" Ban this user's rights to visit Shops", "canshop", "no");
                     
            $userForm->add(new Comment("<u>{$user->username}'s Current Usergroup:</u> Group {$user->usergroup}"));    
            $userForm->add(new Comment("Change {$user->username}'s Usergroup To:", FALSE));
            $userForm->buildDropdownList("level", "UsergroupList", $user->usergroup->gid)                    
                     ->buildButton("Edit User", "submit", "submit");
            $document->add($userForm);
        }
    }
    
    public function delete(){
         $mysidia = Registry::get("mysidia");
        $document = $mysidia->frame->getDocument();
        if(!$mysidia->input->get("uid")){
            $this->index();
            return;
        }

        $user = new Member($mysidia->input->get("uid"));
        deleteuser($user->username);
        $document->setTitle($mysidia->lang->delete_title);
        $document->addLangvar($mysidia->lang->delete);
        header("Refresh:3; URL='../../index'");
    }
    
    public function merge(){
        $mysidia = Registry::get("mysidia");
        throw new InvalidActionException($mysidia->lang->global_action);
    }
    
    public function search(){
        $mysidia = Registry::get("mysidia");
        throw new InvalidActionException($mysidia->lang->global_action);
    }
}

?>