Move most of the password changing code to the backend, as I just did
for email changes. Currently, the hash is passed in on the command line from the web interface, and there is no method for invoking it on the command line and providing a text password, but that is an easy change now that the bulk of the code is in the backend instead of the web interface. Note that this change took longer cause we allow inactive,frozen, and wikionly users to change their password, but since they do not have accounts (yet) the operation is invoked as user "nobody" and tbacct about to me made aware of that possibility. Also add equivalent auditing email message that goes to the user when password is changed. Also more cleanup and conversion to objects.
Showing with 256 additions and 90 deletions