**note**: In this documentation, php notation is used (`_POST` and `_FILES`),
but server may be written in any language.
+` _POST["password"]` and `_POST["user"] may contain user name and password. If
+ they are set, access is checked. If they is not set, cookies are checked. If
+ neither are present.
+
`_POST["request"]` is either:
## auth
asks for authentication
- * ` _POST["password"]` must contains user password
-
## add
adds a new feature
## success handling:
- * `<success request="auth"></success>`:
- authentication was successfull
+ * `<success request="auth"><user>?user_name?</name></success>`:
+ authentication was successfull. ?user_name? is name of authenticated user.
* `<success request="del">
<feature>