+ case "changepass":
+ $currpass = unquote ($_POST ["pass_current"]);
+ if (!$con->checkpwdmd5 ($user, md5 ($currpass))) {
+ error_wrongpass ();
+ }
+ $newpass = unquote ($_POST ["pass_new"]);
+ try {
+ $con->setpwd ($user, $newpass);
+ } catch (Exception $e) {
+ error_server ();
+ }
+ setcookies ($user, $newpass);
+ success_changepass ($user);
+ break;
+ case "newuser":
+ if ($user != "admin") {
+ error_unauthorized ();
+ }
+ $newuser_name = unquote ($_POST ["newuser_name"]);
+ if (!$newuser_name) {
+ error_request ();
+ }
+ if ($con->user_exists ($newuser_name)) {
+ error_newuser_exists ();
+ }
+ $newuser_password = unquote ($_POST ["newuser_password"]);
+ try {
+ $con->setpwd ($newuser_name, $newuser_password);
+ } catch (Exception $e) {
+ error_server ();
+ }
+ success_newuser ($newuser_name);
+ break;