<h2>Password</h2>
<?php
include_once($UTIL_DIR."/user.php");
include_once($UTIL_DIR."/convert.php");

if($task == "setpassword") {
	$users = new Users($DATA_DIR . "/users.xml");
	$user = $users->findUser($HTTP_COOKIE_VARS["UserID"]);
	$user->setPassword($oldpassword, $password1, $password2);
	$users->add($user); // We need to update the user after changing the password!
	$users->write();
}
?>

<div class="small_header">Change password</div>
<form method="post" action="?page=admin&amp;module=user&amp;task=setpassword">
  <p>
    Old password:
    <input type="password" name="oldpassword" style="width: 100px;" value=""/
  </p>
  <p>
    New password:
    <input type="password" name="password1" style="width: 100px;" value=""/>
  </p>
  <p>
    Confirm password:
    <input type="password" name="password2" style="width: 100px;" value=""/>
  </p>
  <p>
    <button type="submit">Change password</button>
  </p>
</form>