Merge pull request #663 from M4ttoF/643

#643

Author: joshi1983

app/app/Http/Controllers/ChangePasswordController.php

@@ -44,6 +44,8 @@ public function post(Request $request)
             }
             if ($failing) {
                 return Redirect::to('/user/change-password')->withErrors($validator)->withInput();
+            } elseif ($request->input('current_password')==$request->input('new_password')) {
+                return Redirect::back()->withErrors(['New password must be different than old']);
             } else {
                 $user->password_hash = User::generateSaltedHash($request->input('new_password'));
                 $user->save();

app/app/Http/Controllers/PasswordRecoveryController.php

@@ -79,7 +79,9 @@ public function resetPassword(Request $request)
                 'password_confirm'     => 'required|same:new_password'
             );
             $validator = Validator::make(Input::all(), $validation_rules);
-            if ($validator->fails()) {
+            if (BaseUser::authenticate($user_email, $request->input('new_password'))) {
+                return Redirect::back()->withErrors(['New password must be different than old']);
+            } elseif ($validator->fails()) {
                 return Redirect::back()->withErrors($validator)->withInput();
             } else {
                 $user->password_hash = User::generateSaltedHash($request->input('new_password'));