# 
# 
# add_file "www/user-ctrl.php"
#  content [a29daaaaceb7f4205cdcd36b9520e79446511d2a]
# 
============================================================
--- www/user-ctrl.php	a29daaaaceb7f4205cdcd36b9520e79446511d2a
+++ www/user-ctrl.php	a29daaaaceb7f4205cdcd36b9520e79446511d2a
@@ -0,0 +1,41 @@
+<?
+include_once('common-ctrl.php');
+$who = $args->who;
+
+if ($action == 'delete_user') {
+	if (! $administrator) {
+		print $json->encode(array('error' => 'You are not permitted to do that.'));
+		exit;
+	}
+	$db->Execute("DELETE FROM users WHERE username=?",
+		array($who));
+	$db->Execute("DELETE FROM permissions WHERE username=?",
+		array($who));
+	print $json->encode(array('ok' => 'ok'));
+} else if ($action == 'chuserpass') {
+	if (! $administrator) {
+		print $json->encode(array('error' => 'You are not permitted to do that.'));
+		exit;
+	}
+	$db->Execute("UPDATE USERS SET password=? WHERE username=?",
+		array(sha1($args->new_password), $who));
+	print $json->encode(array('ok' => 'ok'));
+} else if ($action == 'op') {
+	if (! $administrator) {
+		print $json->encode(array('error' => 'You are not permitted to do that.'));
+		exit;
+	}
+	$db->Execute("UPDATE USERS SET admin=? WHERE username=?",
+		array(1, $who));
+	print $json->encode(array('ok' => 'ok'));
+} else if ($action == 'deop') {
+	if (! $administrator) {
+		print $json->encode(array('error' => 'You are not permitted to do that.'));
+		exit;
+	}
+	$db->Execute("UPDATE USERS SET admin=? WHERE username=?",
+		array(0, $who));
+	print $json->encode(array('ok' => 'ok'));
+} else
+	print $json->encode(array('error' => sprintf("I don't know how to '%s'.", $action)));
+?>