public bool ChangePassword(string sessionId, string password, string nPassword) { string username = _db.GetUsername(sessionId); if (username == null || !LoginUser(username, password)) { return(false); } string nPassHash = GetHashString(nPassword); return(_db.ChangePassword(nPassHash, username)); }