diff --git a/blash.css b/blash.css
index da09cb0..da4f52e 100644
--- a/blash.css
+++ b/blash.css
@@ -17,6 +17,16 @@ input.promptInput
 	width : 500px;
 }
 
+input.password
+{
+	background-color : black;
+	border : 0;
+	color : #888;
+	font-family : Terminus, courier, monospace, fixed;
+	font-size : 13px;
+	width : 500px;
+}
+
 div#blashWindow
 {
 	width : 800px;
diff --git a/blash.js b/blash.js
index b2d1cce..bc46107 100644
--- a/blash.js
+++ b/blash.js
@@ -48,6 +48,12 @@ function blash ()
 
 	/** Check if this is the first command given in this session (for fixing <br/> stuff) */
 	this.__first_cmd = true;
+
+	/** Variable set if the prompt is re-generated automatically after a command was given */
+	this.auto_prompt_refresh = true;
+
+	/** Variable set if the focus should be automatically set to the prompt line after a command */
+	this.auto_prompt_focus = true;
 	/**************************************/
 
 	this.loadCommand = function ( cmd )
@@ -139,48 +145,55 @@ function blash ()
 				}
 			}
 
-			var value = this.prompt.value;
-			var out = this.cmdOut.innerHTML;
-
-			var text = ( shell.json.promptText ) ? shell.json.promptText : "[%n@%m %W] $ ";
-			text = shell.unescapePrompt ( text, shell.json.promptSequences );
-
-			this.window.removeChild ( this.prompt );
-			this.window.removeChild ( this.cmdOut );
-
-			if ( this.__first_cmd && this.prompt.value.length > 0 )
+			if ( this.auto_prompt_refresh )
 			{
-				this.window.innerHTML += value + '<br/>' + out + text;
-				this.__first_cmd = false;
-			} else {
-				if ( out )
+				var value = this.prompt.value;
+				var out = this.cmdOut.innerHTML;
+
+				var text = ( shell.json.promptText ) ? shell.json.promptText : "[%n@%m %W] $ ";
+				text = shell.unescapePrompt ( text, shell.json.promptSequences );
+
+				this.window.removeChild ( this.prompt );
+				this.window.removeChild ( this.cmdOut );
+
+				if ( this.__first_cmd && this.prompt.value.length > 0 )
 				{
-					if ( out.match ( /^\s*<br.?>\s*/ ))
+					this.window.innerHTML += value + '<br/>' + out + text;
+					this.__first_cmd = false;
+				} else {
+					if ( out )
 					{
-						out = '';
+						if ( out.match ( /^\s*<br.?>\s*/ ))
+						{
+							out = '';
+						}
 					}
+
+					this.window.innerHTML += value + '<br/>' + out + text;
 				}
 
-				this.window.innerHTML += value + '<br/>' + out + text;
+				this.prompt = document.createElement ( 'input' );
+				this.prompt.setAttribute ( 'name', 'blashPrompt' );
+				this.prompt.setAttribute ( 'type', 'text' );
+				this.prompt.setAttribute ( 'class', 'promptInput' );
+				this.prompt.setAttribute ( 'autocomplete', 'off' );
+				this.prompt.setAttribute ( 'onkeydown', 'shell.getKey ( event )' );
+				this.prompt.setAttribute ( 'onkeyup', 'this.focus()' );
+				this.prompt.setAttribute ( 'onblur', 'return false' );
+
+				this.cmdOut = document.createElement ( 'div' );
+				this.cmdOut.setAttribute ( 'id', 'blashCmdOut' );
+				this.cmdOut.setAttribute ( 'class', 'blashCmdOut' );
+				this.cmdOut.innerHTML = '<br/>';
+
+				this.window.appendChild ( this.prompt );
+				this.window.appendChild ( this.cmdOut );
+
+				if ( this.auto_prompt_focus )
+				{
+					this.prompt.focus();
+				}
 			}
-
-			this.prompt = document.createElement ( 'input' );
-			this.prompt.setAttribute ( 'name', 'blashPrompt' );
-			this.prompt.setAttribute ( 'type', 'text' );
-			this.prompt.setAttribute ( 'class', 'promptInput' );
-			this.prompt.setAttribute ( 'autocomplete', 'off' );
-			this.prompt.setAttribute ( 'onkeydown', 'shell.getKey ( event )' );
-			this.prompt.setAttribute ( 'onkeyup', 'this.focus()' );
-			this.prompt.setAttribute ( 'onblur', 'return false' );
-
-			this.cmdOut = document.createElement ( 'div' );
-			this.cmdOut.setAttribute ( 'id', 'blashCmdOut' );
-			this.cmdOut.setAttribute ( 'class', 'blashCmdOut' );
-			this.cmdOut.innerHTML = '<br/>';
-
-			this.window.appendChild ( this.prompt );
-			this.window.appendChild ( this.cmdOut );
-			this.prompt.focus();
 		} else if ( key == 38 || key == 40 ) {
 			if ( key == 38 )
 			{
@@ -332,18 +345,24 @@ function blash ()
 				}
 			}
 
-			this.prompt.focus();
-			setTimeout ( function()  { shell.prompt.focus(); }, 1 );
-			
-			if ( this.prompt.setSelectionRange )
+			if ( this.auto_prompt_focus )
 			{
-				this.prompt.setSelectionRange ( this.prompt.value.length, this.prompt.value.length );
+				this.prompt.focus();
+				setTimeout ( function()  { shell.prompt.focus(); }, 1 );
+			
+				if ( this.prompt.setSelectionRange )
+				{
+					this.prompt.setSelectionRange ( this.prompt.value.length, this.prompt.value.length );
+				}
 			}
 
 			return false;
 		}
 
-		this.prompt.focus();
+		if ( this.auto_prompt_focus )
+		{
+			this.prompt.focus();
+		}
 	}
 
 	this.unescapePrompt = function ( prompt, sequences )
@@ -374,6 +393,54 @@ function blash ()
 		return prompt;
 	}
 
+	/**
+	 * \brief Refresh the shell prompt
+	 * \param clearTerm Set this variable as true if you want also to clear the terminal screen
+	 * \param clearOut Set this variable as true if you want to clear the latest output command
+	 */
+	this.refreshPrompt = function ( clearTerm, clearOut )
+	{
+		var value = this.prompt.value;
+		var out = this.cmdOut.innerHTML;
+		var text = ( this.json.promptText ) ? this.json.promptText : "[%n@%m %W] $ ";
+		text = this.unescapePrompt ( text, this.json.promptSequences );
+
+		this.window.removeChild ( this.prompt );
+		this.window.removeChild ( this.cmdOut );
+
+		if ( clearTerm )
+		{
+			this.window.innerHTML = '';
+		}
+		
+		if ( !clearOut )
+		{
+			if ( out.length > 0 )
+			{
+				var outDiv = document.createElement ( 'span' );
+				outDiv.innerHTML = '<br/>' + out + '<br/>' + text;
+				this.window.appendChild ( outDiv );
+			}
+		}
+
+		this.prompt = document.createElement ( 'input' );
+		this.prompt.setAttribute ( 'name', 'blashPrompt' );
+		this.prompt.setAttribute ( 'type', 'text' );
+		this.prompt.setAttribute ( 'class', 'promptInput' );
+		this.prompt.setAttribute ( 'autocomplete', 'off' );
+		this.prompt.setAttribute ( 'onkeydown', 'shell.getKey ( event )' );
+		this.prompt.setAttribute ( 'onkeyup', 'this.focus()' );
+		this.prompt.setAttribute ( 'onblur', 'return false' );
+
+		this.cmdOut = document.createElement ( 'div' );
+		this.cmdOut.setAttribute ( 'id', 'blashCmdOut' );
+		this.cmdOut.setAttribute ( 'class', 'blashCmdOut' );
+
+		this.window.appendChild ( this.prompt );
+		this.window.appendChild ( this.cmdOut );
+		this.prompt.focus();
+	}
+
 	this.unescapePromptSequence = function ( prompt, sequence, text, default_text )
 	{
 		var re = new RegExp ( "([^\]?)" + sequence, "g" );
diff --git a/blash.json b/blash.json
index 327eb11..974ff6c 100644
--- a/blash.json
+++ b/blash.json
@@ -189,11 +189,13 @@
 		"cat",
 		"cd",
 		"clear",
+		"echo",
 		"eval",
 		"find",
 		"ls",
 		"man",
 		"pwd",
+		"useradd",
 		"whoami",
 	],
 }
diff --git a/commands/clear.json b/commands/clear.json
index c049011..5e9fff6 100644
--- a/commands/clear.json
+++ b/commands/clear.json
@@ -9,30 +9,7 @@
 	"action" : function ( arg )
 	{
 		var out = '';
-		var text = ( shell.json.promptText ) ? shell.json.promptText : "[%n@%m %W] $ ";
-		text = shell.unescapePrompt ( text, shell.json.promptSequences );
-
-		shell.window.removeChild ( shell.prompt );
-		shell.window.removeChild ( shell.cmdOut );
-		shell.window.innerHTML = '';
-
-		shell.prompt = document.createElement ( 'input' );
-		shell.prompt.setAttribute ( 'name', 'blashPrompt' );
-		shell.prompt.setAttribute ( 'type', 'text' );
-		shell.prompt.setAttribute ( 'class', 'promptInput' );
-		shell.prompt.setAttribute ( 'autocomplete', 'off' );
-		shell.prompt.setAttribute ( 'onkeydown', 'shell.getKey ( event )' );
-		shell.prompt.setAttribute ( 'onkeyup', 'this.focus()' );
-		shell.prompt.setAttribute ( 'onblur', 'return false' );
-
-		shell.cmdOut = document.createElement ( 'div' );
-		shell.cmdOut.setAttribute ( 'id', 'blashCmdOut' );
-		shell.cmdOut.setAttribute ( 'class', 'blashCmdOut' );
-
-		shell.window.appendChild ( shell.prompt );
-		shell.window.appendChild ( shell.cmdOut );
-		shell.prompt.focus();
-
+		shell.refreshPrompt ( true );
 		return out;
 	},
 }
diff --git a/commands/echo.json b/commands/echo.json
new file mode 100644
index 0000000..2acfa33
--- /dev/null
+++ b/commands/echo.json
@@ -0,0 +1,15 @@
+{
+	"name" : "echo",
+
+	"info" : {
+		"syntax" : "echo [text]",
+		"brief" : "Display a line of text",
+	},
+
+	"action" : function ( arg )
+	{
+		var out = arg + "<br/>\n";
+		return out;
+	},
+}
+
diff --git a/commands/useradd.json b/commands/useradd.json
new file mode 100644
index 0000000..c1dc323
--- /dev/null
+++ b/commands/useradd.json
@@ -0,0 +1,113 @@
+{
+	"name" : "useradd",
+
+	"info" : {
+		"syntax" : "useradd &lt;username&gt;",
+		"brief" : "Create a new user on the system",
+	},
+
+	"password" : '',
+	"repeatPassword" : '',
+
+	"keyPassword" : function ( e )
+	{
+		var evt = ( window.event ) ? window.event : e;
+		var key = ( evt.charCode ) ? evt.charCode : evt.keyCode;
+		var password = document.getElementsByName ( "password" )[0];
+		var repeatPassword = document.getElementsByName ( "repeatPassword" )[0];
+		var repeatPasswordText = document.getElementById ( "repeatPasswordText" );
+
+		if ( key == 13 && password.value.length > 0 )
+		{
+			repeatPassword.style.visibility = 'visible';
+			repeatPasswordText.style.visibility = 'visible';
+			repeatPassword.focus();
+		}
+	},
+
+	"keyRepeatPassword" : function ( e )
+	{
+		var evt = ( window.event ) ? window.event : e;
+		var key = ( evt.charCode ) ? evt.charCode : evt.keyCode;
+		var password = document.getElementsByName ( "password" )[0];
+		var repeatPassword = document.getElementsByName ( "repeatPassword" )[0];
+		var repeatPasswordText = document.getElementById ( "repeatPasswordText" );
+
+		if ( key == 13 && password.value.length > 0 )
+		{
+			if ( password.value != repeatPassword.value )
+			{
+				shell.cmdOut.innerHTML = 'The passwords do not match';
+			} else {
+				var users_php = window.location.href;
+				users_php = users_php.replace ( /\/([a-zA-Z\.]+)$/, '/modules/users/users.php' );
+				params = 'action=add&user=' + escape ( shell.newuser ) + '&pass=' + md5 ( password.value );
+
+				var http = new XMLHttpRequest();
+				http.open ( "POST", users_php, true );
+				http.setRequestHeader("Content-type", "application/x-www-form-urlencoded");
+				http.setRequestHeader("Content-length", params.length);
+				http.setRequestHeader("Connection", "close");
+
+				http.onreadystatechange = function ()
+				{
+					if ( http.readyState == 4 && http.status == 200 )
+					{
+						if ( http.responseText.length > 0 )
+						{
+							shell.cmdOut.innerHTML = http.responseText;
+						} else {
+							shell.cmdOut.innerHTML = '';
+						}
+
+						shell.refreshPrompt ( false, false );
+					}
+				}
+
+				http.send ( params );
+				shell.cmdOut.innerHTML = '';
+			}
+
+			shell.auto_prompt_focus = true;
+			shell.auto_prompt_refresh = true;
+			shell.refreshPrompt ( false, false );
+		}
+	},
+
+	"action" : function ( arg )
+	{
+		var out = '';
+
+		if ( !arg || arg.length == 0 )
+		{
+			return "Usage: " + this.name + " &lt;username&gt;<br/>\n";
+		}
+
+		shell.keyPassword = this.keyPassword;
+		shell.keyRepeatPassword = this.keyRepeatPassword;
+		shell.newuser = arg;
+
+		if ( shell.__first_cmd )
+		{
+			shell.cmdOut.innerHTML = '<br/>';
+			shell.__first_cmd = false;
+		}
+
+		shell.cmdOut.innerHTML += 'Password: <input type="password" ' +
+			'name="password" class="password" ' +
+			'onkeyup="shell.keyPassword ( event )">' +
+			'<br/><span id="repeatPasswordText" style="visibility: hidden">' +
+			'Repeat password: </span>' +
+			'<input type="password" name="repeatPassword" class="password" ' +
+			'style="visibility: hidden" onkeyup="shell.keyRepeatPassword ( event )"><br/>';
+
+		shell.auto_prompt_focus = false;
+		shell.auto_prompt_refresh = false;
+
+		this.password = document.getElementsByName ( "password" )[0];
+		this.password.focus();
+
+		return out;
+	},
+}
+
diff --git a/index.html b/index.html
index aad07ae..5c6f0b4 100644
--- a/index.html
+++ b/index.html
@@ -2,6 +2,7 @@
 	<head>
 		<title>Blash - An AJAX interactive shell emulator for web browsing</title>
 		<script type="text/javascript" language="javascript" src="blash.js"></script>
+		<script type="text/javascript" language="javascript" src="md5.js"></script>
 		<link rel="stylesheet" href="blash.css" type="text/css">
 	</head>
 
diff --git a/md5.js b/md5.js
new file mode 100644
index 0000000..e09c081
--- /dev/null
+++ b/md5.js
@@ -0,0 +1,209 @@
+/**
+*
+*  MD5 (Message-Digest Algorithm)
+*  http://www.webtoolkit.info/
+*
+**/
+ 
+function md5 (string)
+{
+ 
+	function RotateLeft(lValue, iShiftBits) {
+		return (lValue<<iShiftBits) | (lValue>>>(32-iShiftBits));
+	}
+ 
+	function AddUnsigned(lX,lY) {
+		var lX4,lY4,lX8,lY8,lResult;
+		lX8 = (lX & 0x80000000);
+		lY8 = (lY & 0x80000000);
+		lX4 = (lX & 0x40000000);
+		lY4 = (lY & 0x40000000);
+		lResult = (lX & 0x3FFFFFFF)+(lY & 0x3FFFFFFF);
+		if (lX4 & lY4) {
+			return (lResult ^ 0x80000000 ^ lX8 ^ lY8);
+		}
+		if (lX4 | lY4) {
+			if (lResult & 0x40000000) {
+				return (lResult ^ 0xC0000000 ^ lX8 ^ lY8);
+			} else {
+				return (lResult ^ 0x40000000 ^ lX8 ^ lY8);
+			}
+		} else {
+			return (lResult ^ lX8 ^ lY8);
+		}
+ 	}
+ 
+ 	function F(x,y,z) { return (x & y) | ((~x) & z); }
+ 	function G(x,y,z) { return (x & z) | (y & (~z)); }
+ 	function H(x,y,z) { return (x ^ y ^ z); }
+	function I(x,y,z) { return (y ^ (x | (~z))); }
+ 
+	function FF(a,b,c,d,x,s,ac) {
+		a = AddUnsigned(a, AddUnsigned(AddUnsigned(F(b, c, d), x), ac));
+		return AddUnsigned(RotateLeft(a, s), b);
+	};
+ 
+	function GG(a,b,c,d,x,s,ac) {
+		a = AddUnsigned(a, AddUnsigned(AddUnsigned(G(b, c, d), x), ac));
+		return AddUnsigned(RotateLeft(a, s), b);
+	};
+ 
+	function HH(a,b,c,d,x,s,ac) {
+		a = AddUnsigned(a, AddUnsigned(AddUnsigned(H(b, c, d), x), ac));
+		return AddUnsigned(RotateLeft(a, s), b);
+	};
+ 
+	function II(a,b,c,d,x,s,ac) {
+		a = AddUnsigned(a, AddUnsigned(AddUnsigned(I(b, c, d), x), ac));
+		return AddUnsigned(RotateLeft(a, s), b);
+	};
+ 
+	function ConvertToWordArray(string) {
+		var lWordCount;
+		var lMessageLength = string.length;
+		var lNumberOfWords_temp1=lMessageLength + 8;
+		var lNumberOfWords_temp2=(lNumberOfWords_temp1-(lNumberOfWords_temp1 % 64))/64;
+		var lNumberOfWords = (lNumberOfWords_temp2+1)*16;
+		var lWordArray=Array(lNumberOfWords-1);
+		var lBytePosition = 0;
+		var lByteCount = 0;
+		while ( lByteCount < lMessageLength ) {
+			lWordCount = (lByteCount-(lByteCount % 4))/4;
+			lBytePosition = (lByteCount % 4)*8;
+			lWordArray[lWordCount] = (lWordArray[lWordCount] | (string.charCodeAt(lByteCount)<<lBytePosition));
+			lByteCount++;
+		}
+		lWordCount = (lByteCount-(lByteCount % 4))/4;
+		lBytePosition = (lByteCount % 4)*8;
+		lWordArray[lWordCount] = lWordArray[lWordCount] | (0x80<<lBytePosition);
+		lWordArray[lNumberOfWords-2] = lMessageLength<<3;
+		lWordArray[lNumberOfWords-1] = lMessageLength>>>29;
+		return lWordArray;
+	};
+ 
+	function WordToHex(lValue) {
+		var WordToHexValue="",WordToHexValue_temp="",lByte,lCount;
+		for (lCount = 0;lCount<=3;lCount++) {
+			lByte = (lValue>>>(lCount*8)) & 255;
+			WordToHexValue_temp = "0" + lByte.toString(16);
+			WordToHexValue = WordToHexValue + WordToHexValue_temp.substr(WordToHexValue_temp.length-2,2);
+		}
+		return WordToHexValue;
+	};
+ 
+	function Utf8Encode(string) {
+		string = string.replace(/\r\n/g,"\n");
+		var utftext = "";
+ 
+		for (var n = 0; n < string.length; n++) {
+ 
+			var c = string.charCodeAt(n);
+ 
+			if (c < 128) {
+				utftext += String.fromCharCode(c);
+			}
+			else if((c > 127) && (c < 2048)) {
+				utftext += String.fromCharCode((c >> 6) | 192);
+				utftext += String.fromCharCode((c & 63) | 128);
+			}
+			else {
+				utftext += String.fromCharCode((c >> 12) | 224);
+				utftext += String.fromCharCode(((c >> 6) & 63) | 128);
+				utftext += String.fromCharCode((c & 63) | 128);
+			}
+ 
+		}
+ 
+		return utftext;
+	};
+ 
+	var x=Array();
+	var k,AA,BB,CC,DD,a,b,c,d;
+	var S11=7, S12=12, S13=17, S14=22;
+	var S21=5, S22=9 , S23=14, S24=20;
+	var S31=4, S32=11, S33=16, S34=23;
+	var S41=6, S42=10, S43=15, S44=21;
+ 
+	string = Utf8Encode(string);
+ 
+	x = ConvertToWordArray(string);
+ 
+	a = 0x67452301; b = 0xEFCDAB89; c = 0x98BADCFE; d = 0x10325476;
+ 
+	for (k=0;k<x.length;k+=16) {
+		AA=a; BB=b; CC=c; DD=d;
+		a=FF(a,b,c,d,x[k+0], S11,0xD76AA478);
+		d=FF(d,a,b,c,x[k+1], S12,0xE8C7B756);
+		c=FF(c,d,a,b,x[k+2], S13,0x242070DB);
+		b=FF(b,c,d,a,x[k+3], S14,0xC1BDCEEE);
+		a=FF(a,b,c,d,x[k+4], S11,0xF57C0FAF);
+		d=FF(d,a,b,c,x[k+5], S12,0x4787C62A);
+		c=FF(c,d,a,b,x[k+6], S13,0xA8304613);
+		b=FF(b,c,d,a,x[k+7], S14,0xFD469501);
+		a=FF(a,b,c,d,x[k+8], S11,0x698098D8);
+		d=FF(d,a,b,c,x[k+9], S12,0x8B44F7AF);
+		c=FF(c,d,a,b,x[k+10],S13,0xFFFF5BB1);
+		b=FF(b,c,d,a,x[k+11],S14,0x895CD7BE);
+		a=FF(a,b,c,d,x[k+12],S11,0x6B901122);
+		d=FF(d,a,b,c,x[k+13],S12,0xFD987193);
+		c=FF(c,d,a,b,x[k+14],S13,0xA679438E);
+		b=FF(b,c,d,a,x[k+15],S14,0x49B40821);
+		a=GG(a,b,c,d,x[k+1], S21,0xF61E2562);
+		d=GG(d,a,b,c,x[k+6], S22,0xC040B340);
+		c=GG(c,d,a,b,x[k+11],S23,0x265E5A51);
+		b=GG(b,c,d,a,x[k+0], S24,0xE9B6C7AA);
+		a=GG(a,b,c,d,x[k+5], S21,0xD62F105D);
+		d=GG(d,a,b,c,x[k+10],S22,0x2441453);
+		c=GG(c,d,a,b,x[k+15],S23,0xD8A1E681);
+		b=GG(b,c,d,a,x[k+4], S24,0xE7D3FBC8);
+		a=GG(a,b,c,d,x[k+9], S21,0x21E1CDE6);
+		d=GG(d,a,b,c,x[k+14],S22,0xC33707D6);
+		c=GG(c,d,a,b,x[k+3], S23,0xF4D50D87);
+		b=GG(b,c,d,a,x[k+8], S24,0x455A14ED);
+		a=GG(a,b,c,d,x[k+13],S21,0xA9E3E905);
+		d=GG(d,a,b,c,x[k+2], S22,0xFCEFA3F8);
+		c=GG(c,d,a,b,x[k+7], S23,0x676F02D9);
+		b=GG(b,c,d,a,x[k+12],S24,0x8D2A4C8A);
+		a=HH(a,b,c,d,x[k+5], S31,0xFFFA3942);
+		d=HH(d,a,b,c,x[k+8], S32,0x8771F681);
+		c=HH(c,d,a,b,x[k+11],S33,0x6D9D6122);
+		b=HH(b,c,d,a,x[k+14],S34,0xFDE5380C);
+		a=HH(a,b,c,d,x[k+1], S31,0xA4BEEA44);
+		d=HH(d,a,b,c,x[k+4], S32,0x4BDECFA9);
+		c=HH(c,d,a,b,x[k+7], S33,0xF6BB4B60);
+		b=HH(b,c,d,a,x[k+10],S34,0xBEBFBC70);
+		a=HH(a,b,c,d,x[k+13],S31,0x289B7EC6);
+		d=HH(d,a,b,c,x[k+0], S32,0xEAA127FA);
+		c=HH(c,d,a,b,x[k+3], S33,0xD4EF3085);
+		b=HH(b,c,d,a,x[k+6], S34,0x4881D05);
+		a=HH(a,b,c,d,x[k+9], S31,0xD9D4D039);
+		d=HH(d,a,b,c,x[k+12],S32,0xE6DB99E5);
+		c=HH(c,d,a,b,x[k+15],S33,0x1FA27CF8);
+		b=HH(b,c,d,a,x[k+2], S34,0xC4AC5665);
+		a=II(a,b,c,d,x[k+0], S41,0xF4292244);
+		d=II(d,a,b,c,x[k+7], S42,0x432AFF97);
+		c=II(c,d,a,b,x[k+14],S43,0xAB9423A7);
+		b=II(b,c,d,a,x[k+5], S44,0xFC93A039);
+		a=II(a,b,c,d,x[k+12],S41,0x655B59C3);
+		d=II(d,a,b,c,x[k+3], S42,0x8F0CCC92);
+		c=II(c,d,a,b,x[k+10],S43,0xFFEFF47D);
+		b=II(b,c,d,a,x[k+1], S44,0x85845DD1);
+		a=II(a,b,c,d,x[k+8], S41,0x6FA87E4F);
+		d=II(d,a,b,c,x[k+15],S42,0xFE2CE6E0);
+		c=II(c,d,a,b,x[k+6], S43,0xA3014314);
+		b=II(b,c,d,a,x[k+13],S44,0x4E0811A1);
+		a=II(a,b,c,d,x[k+4], S41,0xF7537E82);
+		d=II(d,a,b,c,x[k+11],S42,0xBD3AF235);
+		c=II(c,d,a,b,x[k+2], S43,0x2AD7D2BB);
+		b=II(b,c,d,a,x[k+9], S44,0xEB86D391);
+		a=AddUnsigned(a,AA);
+		b=AddUnsigned(b,BB);
+		c=AddUnsigned(c,CC);
+		d=AddUnsigned(d,DD);
+	}
+ 
+	var temp = WordToHex(a)+WordToHex(b)+WordToHex(c)+WordToHex(d);
+ 
+	return temp.toLowerCase();
+}
+
diff --git a/modules/users/.userlist.php.swp b/modules/users/.userlist.php.swp
new file mode 100644
index 0000000..225fe82
Binary files /dev/null and b/modules/users/.userlist.php.swp differ
diff --git a/modules/users/.users.php.swp b/modules/users/.users.php.swp
new file mode 100644
index 0000000..21565a0
Binary files /dev/null and b/modules/users/.users.php.swp differ
diff --git a/modules/users/userlist.php b/modules/users/userlist.php
new file mode 100644
index 0000000..29108df
--- /dev/null
+++ b/modules/users/userlist.php
@@ -0,0 +1,10 @@
+<?php
+
+$xmlcontent = <<<XML
+<?xml version="1.0" encoding="UTF-8" standalone="yes"?>
+<users>
+</users>
+
+XML;
+
+?>
diff --git a/modules/users/users.php b/modules/users/users.php
new file mode 100644
index 0000000..e381134
--- /dev/null
+++ b/modules/users/users.php
@@ -0,0 +1,68 @@
+<?php
+
+include 'userlist.php';
+$action = $_REQUEST['action'];
+
+if ( $action == null )
+{
+	die ("");
+}
+
+switch ( $action )
+{
+	case 'add':
+		$username = $_REQUEST['user'];
+		$password = $_REQUEST['pass'];
+
+		if ( !( $username != null && $password != null ))
+		{
+			die ("");
+		}
+
+		if ( preg_match ( '/[^a-zA-Z0-9_]/', $username ))
+		{
+			print "The username can only contain characters in the charset '[a-zA-Z0-9_]'\n";
+			return 1;
+		}
+
+		if ( preg_match ( '/[^a-zA-Z0-9]/', $password ) || strlen ( $password ) != 32 )
+		{
+			print "The provided password '$password' is not a valid hash\n";
+			return 1;
+		}
+
+		if ( !( $xml = new SimpleXMLElement ( $xmlcontent )))
+		{
+			print "Unable to open the users XML file\n";
+			return 1;
+		}
+
+		for ( $i = 0; $i < count ( $xml->user ); $i++ )
+		{
+			if ( !strcasecmp ( $xml->user[$i]['name'], $username ))
+			{
+				print "The specified user already exists\n";
+				return 1;
+			}
+		}
+
+		$newuser = $xml->addChild ( 'user' );
+		$newuser->addAttribute ( 'name', $username );
+		$newuser->addAttribute ( 'pass', $password );
+		$newuser->addAttribute ( 'home', '/home/' . $username );
+
+		if ( !( $fp = fopen ( 'userlist.php', 'w' )))
+		{
+			print "Unable to add the specified user, unknown error\n";
+			return 1;
+		}
+
+		fwrite ( $fp, "<?php\n\n\$xmlcontent = <<<XML\n" . $xml->asXML() . "\nXML;\n\n?>\n" );
+		fclose ( $fp );
+
+		print 'User "'.$username.' successfully added, home directory set to "/home/'.$username."\"\n";
+		break;
+}
+
+?>
+