diff --git a/WebContent/css/style.css b/WebContent/css/style.css
index 37419c4..fecf6da 100644
--- a/WebContent/css/style.css
+++ b/WebContent/css/style.css
@@ -1158,7 +1158,7 @@ html, body {
 }
 #footer{
 margin-top: 0;
- height: 30px;
+ #height: 30px;
 padding: 20px 0;
 }
 .push {
diff --git a/WebContent/footer.jsp b/WebContent/footer.jsp
index f73eac8..d0f9634 100644
--- a/WebContent/footer.jsp
+++ b/WebContent/footer.jsp
@@ -5,8 +5,17 @@
| "+printUser.getName()+" | "); + if( printUser.getLoginDate().after(new Timestamp(System.currentTimeMillis()-60*60*1000) )){ + out.println("Last login: "+formatter.format( printUser.getLoginDate() )+" | "); + } else { out.println("Last login: "+formatter.format( printUser.getLoginDate() )+" | "); + } out.println(" ");
if( printUser.getFacebookUid() != null ){
out.println(" Facebook");
diff --git a/src/zall/ZalleryAjax.java b/src/zall/ZalleryAjax.java
index e91f87c..c0b7470 100644
--- a/src/zall/ZalleryAjax.java
+++ b/src/zall/ZalleryAjax.java
@@ -3,20 +3,22 @@ package zall;
import java.io.IOException;
import java.io.PrintWriter;
import java.sql.SQLException;
+import java.util.HashMap;
import java.util.List;
import java.util.logging.Level;
import java.util.logging.Logger;
+import javax.servlet.ServletConfig;
import javax.servlet.ServletException;
import javax.servlet.http.HttpServlet;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpSession;
-import zall.bean.Comment;
-import zall.bean.Folder;
-import zall.bean.Media;
-import zall.bean.User;
+import zall.action.*;
+import zall.action.media.*;
+import zall.action.user.*;
+import zall.bean.*;
import zall.util.Email;
import zall.util.Email.ContentType;
import zall.util.msg.UserMessage;
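Review bot: The four wildcard imports (`zall.action.*`, `zall.action.media.*`, `zall.action.user.*`, `zall.bean.*`) hide which classes this servlet depends on and let a class added later to any of those packages clash with a name used here. Keeping single-type imports, e.g. `import zall.action.LoginAction;`, makes the set of actions the servlet references reviewable from the import list.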
@@ -28,7 +30,38 @@ public class ZalleryAjax extends HttpServlet{
public static final Logger logger = LogUtil.getLogger();
private static final long serialVersionUID = 1L;
- public void doGet(HttpServletRequest request, HttpServletResponse response) throws ServletException{
+ private HashMap You will have to wait for an admin to activate your account after you have verified your email.");
smtpEmail.send();
}
-
+
public static void sendEmailNewUserToAdmin(User newuser, DBConnection db) throws SQLException, IOException{
// Email the admin about new user
Email email = new Email("admin@koc.se", "admin@koc.se");
diff --git a/src/zall/action/LoginAction.java b/src/zall/action/LoginAction.java
new file mode 100644
index 0000000..37c03e5
--- /dev/null
+++ b/src/zall/action/LoginAction.java
@@ -0,0 +1,41 @@
+package zall.action;
+
+import java.io.PrintWriter;
+import java.sql.SQLException;
+import java.util.logging.Logger;
+
+import javax.servlet.http.HttpServletRequest;
+import javax.servlet.http.HttpServletResponse;
+import javax.servlet.http.HttpSession;
+
+import zall.bean.User;
+import zall.util.msg.UserMessage;
+import zall.util.msg.UserMessage.MessageType;
+import zutil.db.DBConnection;
+import zutil.log.LogUtil;
+
+public class LoginAction extends ZalleryAction{
+
+ private static final Logger logger = LogUtil.getLogger();
+ public LoginAction() {
+ super("login");
+ }
+
+
+ @Override
+ public void handleRequest(DBConnection db, HttpServletRequest request, HttpServletResponse response, HttpSession session,
+ PrintWriter out, User user, UserMessage msgs) throws SQLException {
+
+ user = User.load(request, response, db, request.getParameter("email"), request.getParameter("password") );
+ if( user != null ){
+ logger.info("Used user input to auth \""+user.getName()+"\"");
+ session.setAttribute("user", user);
+ if( out != null )
+ out.println("{ }");
+ }
+ else if(out != null) out.println("{ \"error\":\"Wrong username or password!\"}");
+ else msgs.add(MessageType.ERROR, "Wrong username or password!");
+
+ }
+
+}
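Review bot: `session.setAttribute("user", user)` binds the authenticated user to whatever session id the client presented before logging in, so an id that was set before login stays valid afterwards (session fixation). Rotate the id at this point, e.g. `request.changeSessionId();` on Servlet 3.1+, or invalidate and re-create the session on older containers; the caller that supplies `session` is outside this hunk, so confirm it does not already do this. The failure branch writes no log line while the success branch does; a `logger.warning(...)` carrying `request.getRemoteAddr()` would make repeated guessing visible. Strip line breaks from `user.getName()` before it goes into the log message.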
diff --git a/src/zall/action/RegisterAction.java b/src/zall/action/RegisterAction.java
new file mode 100644
index 0000000..41ea835
--- /dev/null
+++ b/src/zall/action/RegisterAction.java
@@ -0,0 +1,51 @@
+package zall.action;
+
+import java.io.IOException;
+import java.io.PrintWriter;
+import java.sql.SQLException;
+import java.util.logging.Logger;
+
+import javax.servlet.http.HttpServletRequest;
+import javax.servlet.http.HttpServletResponse;
+import javax.servlet.http.HttpSession;
+
+import zall.ZalleryAjax;
+import zall.bean.User;
+import zall.util.msg.UserMessage;
+import zall.util.msg.UserMessage.MessageType;
+import zutil.db.DBConnection;
+import zutil.log.LogUtil;
+
+public class RegisterAction extends ZalleryAction{
+ private static final Logger logger = LogUtil.getLogger();
+
+ public RegisterAction() {
+ super("register");
+ }
+
+ @Override
+ public void handleRequest(DBConnection db, HttpServletRequest request, HttpServletResponse response, HttpSession session,
+ PrintWriter out, User user, UserMessage msgs) throws SQLException, IOException {
+
+ if( request.getParameter("email") == null ){
+ msgs.add(MessageType.ERROR, "Please provide a valid email!");
+ return;
+ }
+ if( User.emailExists(request.getParameter("email"), db) ){
+ msgs.add(MessageType.ERROR, "An account with that email already exists!");
+ return;
+ }
+ user = new User();
+ user.setEmail( request.getParameter("email") );
+ user.setPassword( request.getParameter("password") );
+ user.setName( request.getParameter("name") );
+ user.save(db);
+ ZalleryAjax.sendEmailVerification( user );
+ logger.info("Registered new user: "+user.getName()+".");
+ session.setAttribute("user", user);
+ if(out != null) out.println("{ \"id\":"+user.getId()+" }");
+ else msgs.add(MessageType.INFO, "Your account has successfully been created. A verification email has been sent to your email, please click the link to continue.");
+
+ }
+
+}
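Review bot: `session.setAttribute("user", user)` near the end of `handleRequest` logs the new account in before its email is verified or an admin has activated it, so every action constructed with `requireUser` = true becomes reachable unless the dispatcher (not visible here) also checks `isEnabled()` / `isEmailVerified()`. I would drop that line and let the user log in after verification. `password` and `name` are stored without the null check that `email` gets; since `ModifyUserStatusAction` treats `getPassword() == null` as "no old password needed", reject the request when either is missing or empty. The two error branches write only to `msgs`, so an AJAX caller (`out != null`) receives no error body.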
diff --git a/src/zall/action/ZalleryAction.java b/src/zall/action/ZalleryAction.java
new file mode 100644
index 0000000..d8c1887
--- /dev/null
+++ b/src/zall/action/ZalleryAction.java
@@ -0,0 +1,44 @@
+package zall.action;
+
+import java.io.PrintWriter;
+
+import javax.servlet.http.HttpServletRequest;
+import javax.servlet.http.HttpServletResponse;
+import javax.servlet.http.HttpSession;
+
+import zall.bean.User;
+import zall.util.msg.UserMessage;
+import zutil.db.DBConnection;
+
+public abstract class ZalleryAction {
+
+ private final String actionId;
+ private final boolean requireUser;
+
+ public ZalleryAction(String actionId){
+ this(actionId, false);
+ }
+
+ public ZalleryAction(String actionId, boolean requireUser){
+ this.actionId = actionId;
+ this.requireUser = requireUser;
+ }
+
+ public abstract void handleRequest(
+ DBConnection db,
+ HttpServletRequest request,
+ HttpServletResponse response,
+ HttpSession session,
+ PrintWriter out,
+ User user,
+ UserMessage msgs) throws Exception;
+
+
+ public String getActionId(){
+ return actionId;
+ }
+
+ public boolean requireUser(){
+ return requireUser;
+ }
+}
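Review bot: The base class has no Javadoc, and two parts of its contract are security-relevant yet only discoverable by reading every subclass. On `requireUser()` I would add `/** @return true if the request must be rejected when no user is logged in; this is authentication only, each action still does its own canEdit()/isSuperUser() check */`. On `handleRequest` add a comment stating that `out` is non-null for AJAX callers (answer with a JSON object) and null for page requests (report through `msgs`), and whether `user` may be null when `requireUser` is false. How the dispatcher enforces `requireUser` is outside this diff, so word the comments to match it.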
diff --git a/src/zall/action/media/CommentAction.java b/src/zall/action/media/CommentAction.java
new file mode 100644
index 0000000..61e4652
--- /dev/null
+++ b/src/zall/action/media/CommentAction.java
@@ -0,0 +1,49 @@
+package zall.action.media;
+
+import java.io.IOException;
+import java.io.PrintWriter;
+import java.sql.SQLException;
+
+import javax.servlet.http.HttpServletRequest;
+import javax.servlet.http.HttpServletResponse;
+import javax.servlet.http.HttpSession;
+
+import zall.action.ZalleryAction;
+import zall.bean.Comment;
+import zall.bean.Media;
+import zall.bean.User;
+import zall.util.msg.UserMessage;
+import zall.util.msg.UserMessage.MessageType;
+import zutil.db.DBConnection;
+
+public class CommentAction extends ZalleryAction{
+
+ public CommentAction() {
+ super("comment", true);
+ }
+
+ @Override
+ public void handleRequest(DBConnection db, HttpServletRequest request, HttpServletResponse response, HttpSession session,
+ PrintWriter out, User user, UserMessage msgs) throws SQLException, IOException {
+
+ // Comments for media
+ if( request.getParameter("id") == null || request.getParameter("type") == null ){
+ if(out != null) out.println("{ \"error\": \"Missing parameters!\"}");
+ else msgs.add(MessageType.ERROR, "Missing parameters!");
+ return;
+ }
+ long id = Long.parseLong(request.getParameter("id"));
+ Media media = Media.load(db, request.getParameter("type"), id);
+
+ Comment cm = new Comment();
+ cm.setUser( user );
+ cm.setMessage( request.getParameter("msg") );
+ media.addComment( cm );
+ media.save( db );
+
+ if( out != null ) out.println("{ }");
+ else msgs.add(MessageType.INFO, "Comment saved.");
+
+ }
+
+}
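Review bot: The result of `Media.load(...)` is dereferenced at `media.addComment( cm )` without the `media != null` test the sibling actions use, and nothing checks that `user` may view the item, so a comment can be attached to any media id, possibly including items in a folder marked private. Add `if( media == null ){ ... "No such item!" ...; return; }` after the load and gate the write on whatever view-permission check `User` or `Media` already provide (none is visible in this diff). `Long.parseLong` on the raw parameter throws an unchecked `NumberFormatException` for non-numeric input, here and in every other action in this commit that parses `id`; catch it and answer with an error body. `msg` is stored without a null or length check.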
diff --git a/src/zall/action/media/CreateFolderAction.java b/src/zall/action/media/CreateFolderAction.java
new file mode 100644
index 0000000..0d34045
--- /dev/null
+++ b/src/zall/action/media/CreateFolderAction.java
@@ -0,0 +1,79 @@
+package zall.action.media;
+
+import java.io.IOException;
+import java.io.PrintWriter;
+import java.sql.SQLException;
+import java.util.logging.Logger;
+
+import javax.servlet.http.HttpServletRequest;
+import javax.servlet.http.HttpServletResponse;
+import javax.servlet.http.HttpSession;
+
+import zall.action.ZalleryAction;
+import zall.bean.Folder;
+import zall.bean.User;
+import zall.util.msg.UserMessage;
+import zall.util.msg.UserMessage.MessageType;
+import zutil.db.DBConnection;
+import zutil.log.LogUtil;
+
+public class CreateFolderAction extends ZalleryAction{
+ private static final Logger logger = LogUtil.getLogger();
+
+ public CreateFolderAction() {
+ super("mkdir", true);
+ }
+
+ @Override
+ public void handleRequest(DBConnection db, HttpServletRequest request, HttpServletResponse response, HttpSession session,
+ PrintWriter out, User user, UserMessage msgs) throws SQLException, IOException {
+
+ // Create Folder
+ String path = request.getParameter("dir");
+ Folder folder = Folder.load(db, path, user);
+ logger.info( "Creating new folder: /"+user.getName()+"/"+path );
+ // parent folder
+ if( folder == null ){
+ String[] dirs = path.split("/");
+ Folder parent = Folder.loadRoot(db, user);
+ if( user.isSuperUser() && path.charAt(0) == '/' )
+ path = "";
+ else{
+ path = "/{NAME}";
+
+ // Get root folder
+ parent = Folder.load(db, path, user); // Get user root folder
+ if( parent == null ){ // Create root folder
+ parent = Folder.loadRoot(db, user); // get root folder
+ folder = new Folder();
+ folder.setUser( user );
+ folder.setParent( parent );
+ folder.setName( "{NAME}" );
+ folder.save( db );
+ parent = folder;
+ }
+ }
+
+ for(String dir : dirs){
+ if( dir.trim().isEmpty() ) // skip empty names
+ continue;
+ path += "/"+dir;
+ folder = Folder.load(db, path, user);
+ if(folder == null){ // create folder
+ folder = new Folder();
+ folder.setUser( user );
+ folder.setParent( parent );
+ folder.setName( dir );
+ folder.save( db );
+ }
+ parent = folder;
+ }
+ if(out != null) out.print( "{\"id\":"+folder.getId()+", \"name\":\""+folder.getPath()+"\"}" );
+ else msgs.add(MessageType.INFO, "Folder '"+path+"' has been successfully created.!");
+ }
+ else if(out != null) out.println("{\"error\":\"The folder '"+path+"' already exists!\"}");
+ else msgs.add(MessageType.ERROR, "The folder '"+path+"' already exists!");
+ return;
+ }
+
+}
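Review bot: The request parameter `dir` is copied unescaped into the JSON error body (`"{\"error\":\"The folder '"+path+"' already exists!\"}"`) and into the log line, so a value containing a quote, backslash or line break yields malformed or caller-controlled JSON and forged log entries. Escape it with a JSON encoder before writing, or leave the path out of the error body, and strip control characters before logging. `path` is also used before any null or empty check: a missing `dir` fails in `path.split("/")` (or earlier, in `Folder.load`), and an empty one fails at `path.charAt(0)` for a super user. Add `if( path == null || path.trim().isEmpty() ){ ... "Missing parameters!" ...; return; }` at the top, and consider rejecting segments such as `..` or `{NAME}`, since each `dir` becomes a folder name as-is.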
diff --git a/src/zall/action/media/ModifyMediaAction.java b/src/zall/action/media/ModifyMediaAction.java
new file mode 100644
index 0000000..a1a05bd
--- /dev/null
+++ b/src/zall/action/media/ModifyMediaAction.java
@@ -0,0 +1,54 @@
+package zall.action.media;
+
+import java.io.IOException;
+import java.io.PrintWriter;
+import java.sql.SQLException;
+
+import javax.servlet.http.HttpServletRequest;
+import javax.servlet.http.HttpServletResponse;
+import javax.servlet.http.HttpSession;
+
+import zall.action.ZalleryAction;
+import zall.bean.Media;
+import zall.bean.User;
+import zall.util.msg.UserMessage;
+import zall.util.msg.UserMessage.MessageType;
+import zutil.db.DBConnection;
+
+public class ModifyMediaAction extends ZalleryAction{
+
+ public ModifyMediaAction() {
+ super("modmedia", true);
+ }
+
+ @Override
+ public void handleRequest(DBConnection db, HttpServletRequest request, HttpServletResponse response, HttpSession session,
+ PrintWriter out, User user, UserMessage msgs) throws SQLException, IOException {
+
+ // Edit media information
+ if( request.getParameter("id") == null || request.getParameter("type") == null ){
+ if(out != null) out.println("{ \"error\": \"Missing parameters!\"}");
+ else msgs.add(MessageType.ERROR, "Missing parameters!");
+ return;
+ }
+ long id = Long.parseLong(request.getParameter("id"));
+ Media media = Media.load(db, request.getParameter("type"), id);
+
+ if( media != null ){
+ if( user.canEdit(media) ){
+ media.setTitle( request.getParameter("title") );
+ media.setDescription( request.getParameter("description") );
+ media.save(db);
+
+ if(out != null) out.println("{}");
+ else msgs.add(MessageType.INFO, "Item edited successfully.");
+ }
+ else if(out != null) out.println("{ \"error\": \"You are not authorize to modify this item!\"}");
+ else msgs.add(MessageType.ERROR, "You are not authorize to modify this item!");
+ }
+ else if(out != null) out.println("{ \"error\": \"No such item!\"}");
+ else msgs.add(MessageType.ERROR, "The item does not exist!");
+
+ }
+
+}
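Review bot: `setTitle` and `setDescription` are called unconditionally, so a request that carries only `title` overwrites the stored description with null, and vice versa. `ModifyUserStatusAction` in this same commit guards each field with `!= null`; doing the same here, `if( request.getParameter("title") != null ) media.setTitle( request.getParameter("title") );`, keeps partial updates from erasing data. Both values are stored as received, so whatever renders them has to HTML-encode on output; that code is outside this diff. The message text should read "authorized".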
diff --git a/src/zall/action/media/RemoveFolderAction.java b/src/zall/action/media/RemoveFolderAction.java
new file mode 100644
index 0000000..d6e8307
--- /dev/null
+++ b/src/zall/action/media/RemoveFolderAction.java
@@ -0,0 +1,54 @@
+package zall.action.media;
+
+import java.io.IOException;
+import java.io.PrintWriter;
+import java.sql.SQLException;
+
+import javax.servlet.http.HttpServletRequest;
+import javax.servlet.http.HttpServletResponse;
+import javax.servlet.http.HttpSession;
+
+import zall.action.ZalleryAction;
+import zall.bean.Folder;
+import zall.bean.User;
+import zall.util.msg.UserMessage;
+import zall.util.msg.UserMessage.MessageType;
+import zutil.db.DBConnection;
+
+public class RemoveFolderAction extends ZalleryAction{
+
+ public RemoveFolderAction() {
+ super("rmdir", true);
+ }
+
+ @Override
+ public void handleRequest(DBConnection db, HttpServletRequest request, HttpServletResponse response, HttpSession session,
+ PrintWriter out, User user, UserMessage msgs) throws SQLException, IOException {
+
+ //Remove Media
+ if( request.getParameter("id") == null){
+ if(out != null) out.println("{ \"error\": \"Missing parameters!\"}");
+ else msgs.add(MessageType.ERROR, "Missing parameters!");
+ return;
+ }
+ long id = Long.parseLong(request.getParameter("id"));
+ Folder folder = Folder.load(db, id);
+
+ if( folder != null ){
+ if( !folder.isEmpty(db) ){
+ if(out != null) out.println("{ \"error\": \"Folder is not empty!\"}");
+ else msgs.add(MessageType.ERROR, "Folder is not empty!");
+ } else if( user.canEdit(folder) ){
+ folder.delete( db );
+ if(out != null) out.println("{}");
+ else msgs.add(MessageType.INFO, "Folder removed successfully.");
+ }
+ else if(out != null) out.println("{ \"error\": \"You are not authorize to delete this folder!\"}");
+ else msgs.add(MessageType.ERROR, "You are not authorize to delete this folder!");
+ }
+ else if(out != null) out.println("{ \"error\": \"No such folder!\"}");
+ else msgs.add(MessageType.ERROR, "The folder does not exist!");
+
+ }
+
+}
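Review bot: The emptiness test runs before the permission test, so a user who may not edit the folder still learns whether it holds content ("Folder is not empty!" versus the authorization error). Check `user.canEdit(folder)` first and only then call `folder.isEmpty(db)`. The leading comment says `//Remove Media`, but this handler removes a folder.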
diff --git a/src/zall/action/media/RemoveMediaAction.java b/src/zall/action/media/RemoveMediaAction.java
new file mode 100644
index 0000000..a2d2e2b
--- /dev/null
+++ b/src/zall/action/media/RemoveMediaAction.java
@@ -0,0 +1,52 @@
+package zall.action.media;
+
+import java.io.IOException;
+import java.io.PrintWriter;
+import java.sql.SQLException;
+
+import javax.servlet.http.HttpServletRequest;
+import javax.servlet.http.HttpServletResponse;
+import javax.servlet.http.HttpSession;
+
+import zall.action.ZalleryAction;
+import zall.bean.Media;
+import zall.bean.User;
+import zall.util.msg.UserMessage;
+import zall.util.msg.UserMessage.MessageType;
+import zutil.db.DBConnection;
+
+public class RemoveMediaAction extends ZalleryAction{
+
+ public RemoveMediaAction() {
+ super("rmmedia", true);
+ }
+
+ @Override
+ public void handleRequest(DBConnection db, HttpServletRequest request, HttpServletResponse response, HttpSession session,
+ PrintWriter out, User user, UserMessage msgs) throws SQLException, IOException {
+
+ // Remove media
+ if( request.getParameter("id") == null || request.getParameter("type") == null ){
+ if(out != null) out.println("{ \"error\": \"Missing parameters!\"}");
+ else msgs.add(MessageType.ERROR, "Missing parameters!");
+ return;
+ }
+ long id = Long.parseLong(request.getParameter("id"));
+ Media media = Media.load(db, request.getParameter("type"), id);
+
+ if( media != null ){
+ if( user.canEdit(media) ){
+ media.delete( db );
+
+ if(out != null) out.println("{}");
+ else msgs.add(MessageType.INFO, "Item removed successfully.");
+ }
+ else if(out != null) out.println("{ \"error\": \"You are not authorize to delete the item!\"}");
+ else msgs.add(MessageType.ERROR, "You are not authorize to delete the item!");
+ }
+ else if(out != null) out.println("{ \"error\": \"No such item!\"}");
+ else msgs.add(MessageType.ERROR, "The item does not exist!");
+
+ }
+
+}
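Review bot: The delete is authorised by `user.canEdit(media)` alone, so it rests entirely on the session cookie; neither this handler nor the other state-changing actions added in this commit check an anti-CSRF token or the HTTP method. If the dispatcher in `ZalleryAjax` does neither (its new body is not readable in this diff, and the old entry point was `doGet`), a page on another origin could trigger `rmmedia` in a logged-in user's browser. I would enforce POST and a per-session token once in the dispatcher rather than per action, and log each successful deletion with `user.getId()` and the media id.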
diff --git a/src/zall/action/media/TogglePrivateAction.java b/src/zall/action/media/TogglePrivateAction.java
new file mode 100644
index 0000000..e345271
--- /dev/null
+++ b/src/zall/action/media/TogglePrivateAction.java
@@ -0,0 +1,55 @@
+package zall.action.media;
+
+import java.io.IOException;
+import java.io.PrintWriter;
+import java.sql.SQLException;
+
+import javax.servlet.http.HttpServletRequest;
+import javax.servlet.http.HttpServletResponse;
+import javax.servlet.http.HttpSession;
+
+import zall.action.ZalleryAction;
+import zall.bean.Folder;
+import zall.bean.User;
+import zall.util.msg.UserMessage;
+import zall.util.msg.UserMessage.MessageType;
+import zutil.db.DBConnection;
+
+public class TogglePrivateAction extends ZalleryAction{
+
+ public TogglePrivateAction() {
+ super("mkprivate", true);
+ }
+
+ @Override
+ public void handleRequest(DBConnection db, HttpServletRequest request, HttpServletResponse response, HttpSession session,
+ PrintWriter out, User user, UserMessage msgs) throws SQLException, IOException {
+
+ // Toggle folder private
+ if( request.getParameter("id") == null){
+ if(out != null) out.println("{ \"error\": \"Missing parameters!\"}");
+ else msgs.add(MessageType.ERROR, "Missing parameters!");
+ return;
+ }
+ long id = Long.parseLong(request.getParameter("id"));
+ Folder folder = Folder.load(db, id);
+
+ if( folder != null ){
+ if( user.canEdit(folder) ){
+ folder.setPrivate( !folder.isPrivate() );
+ folder.save(db);
+ if(out != null) out.println("{}");
+ else{
+ if(folder.isPrivate()) msgs.add(MessageType.INFO, "Folder is now private (not visible to other users).");
+ else msgs.add(MessageType.INFO, "Folder is now public (can be viewed by other users).");
+ }
+ }
+ else if(out != null) out.println("{ \"error\": \"You are not authorize to edit this folder!\"}");
+ else msgs.add(MessageType.ERROR, "You are not authorize to edit this folder!");
+ }
+ else if(out != null) out.println("{ \"error\": \"No such folder!\"}");
+ else msgs.add(MessageType.ERROR, "The folder does not exist!");
+
+ }
+
+}
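Review bot: Flipping the flag with `folder.setPrivate( !folder.isPrivate() )` makes a privacy control non-idempotent: a double click, a retried request or a second tab can leave a folder public when the user meant private, and the AJAX reply `{}` does not say which state was stored. Take the intended state from an explicit boolean request parameter (the action id is already `mkprivate`), or at least return the result, e.g. `out.println("{ \"private\": "+folder.isPrivate()+" }");`.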
diff --git a/src/zall/action/user/ModifyUserAction.java b/src/zall/action/user/ModifyUserAction.java
new file mode 100644
index 0000000..242733d
--- /dev/null
+++ b/src/zall/action/user/ModifyUserAction.java
@@ -0,0 +1,65 @@
+package zall.action.user;
+
+import java.io.IOException;
+import java.io.PrintWriter;
+import java.sql.SQLException;
+
+import javax.servlet.http.HttpServletRequest;
+import javax.servlet.http.HttpServletResponse;
+import javax.servlet.http.HttpSession;
+
+import zall.Zallery;
+import zall.action.ZalleryAction;
+import zall.bean.User;
+import zall.util.Email;
+import zall.util.Email.ContentType;
+import zall.util.msg.UserMessage;
+import zall.util.msg.UserMessage.MessageType;
+import zutil.db.DBConnection;
+
+public class ModifyUserAction extends ZalleryAction{
+
+ public ModifyUserAction() {
+ super("moduserstat", true);
+ }
+
+ @Override
+ public void handleRequest(DBConnection db, HttpServletRequest request, HttpServletResponse response, HttpSession session,
+ PrintWriter out, User user, UserMessage msgs) throws SQLException, IOException {
+
+ // Administration things of users
+ if( user.isSuperUser() ){
+ User target_user = User.load(db, Long.parseLong( request.getParameter("id") ) );
+ // Enable user
+ if( request.getParameter("enable") != null ){
+ target_user.setEnabled( true );
+ // Email the user about the activation
+ Email email = new Email("admin@koc.se", target_user.getEmail());
+ email.setSubject("Account activation at "+Zallery.getWebsiteName());
+ email.setContentType(ContentType.HTML);
+ email.setMessage("Your account has now been activated by an admin. You can now login and use the site. " +
+ ""+Zallery.getWebsiteURL()+"");
+ }
+ // Disable user, can not disable one self!
+ else if( request.getParameter("disable") != null && !user.equals( target_user ) )
+ target_user.setEnabled( false );
+ // Promote user to Admin
+ else if( request.getParameter("setadmin") != null )
+ target_user.setSuperUser( true );
+ // Degrade Admin to normal user, can not degrade one self!
+ else if( request.getParameter("unadmin") != null && !user.equals( target_user ) )
+ target_user.setSuperUser( false );
+ else{
+ if( out != null ) out.println("{ }");
+ return;
+ }
+ target_user.save(db);
+ if( out != null )
+ out.println("{ }");
+ else
+ msgs.add(MessageType.INFO, "Account changes saved.");
+ return;
+ }
+ }
+
+}
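Review bot: When `user.isSuperUser()` is false the method falls through with no response, message or log line, and the successful branches (including `setSuperUser( true )`) are not logged either, so neither refused attempts nor privilege grants leave an audit trail. Add an `else` branch that answers with the same authorization error the sibling actions use, and a log line naming the acting and target user ids for every change. `User.load` is dereferenced without a null check and `request.getParameter("id")` without a presence check. The activation `Email` is built but never sent, whereas the existing `ZalleryAjax` code calls `send()`. The action id `"moduserstat"` here and `"moduser"` in `ModifyUserStatusAction` look swapped relative to the class names.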
diff --git a/src/zall/action/user/ModifyUserStatusAction.java b/src/zall/action/user/ModifyUserStatusAction.java
new file mode 100644
index 0000000..749c716
--- /dev/null
+++ b/src/zall/action/user/ModifyUserStatusAction.java
@@ -0,0 +1,63 @@
+package zall.action.user;
+
+import java.io.IOException;
+import java.io.PrintWriter;
+import java.sql.SQLException;
+
+import javax.servlet.http.HttpServletRequest;
+import javax.servlet.http.HttpServletResponse;
+import javax.servlet.http.HttpSession;
+
+import zall.ZalleryAjax;
+import zall.action.ZalleryAction;
+import zall.bean.User;
+import zall.util.msg.UserMessage;
+import zall.util.msg.UserMessage.MessageType;
+import zutil.db.DBConnection;
+
+public class ModifyUserStatusAction extends ZalleryAction{
+
+ public ModifyUserStatusAction() {
+ super("moduser", true);
+ }
+
+ @Override
+ public void handleRequest(DBConnection db, HttpServletRequest request, HttpServletResponse response, HttpSession session,
+ PrintWriter out, User user, UserMessage msgs) throws SQLException, IOException {
+
+ User target_user = null;
+ if( request.getParameter("id") != null )
+ target_user = User.load(db, Long.parseLong( request.getParameter("id") ) );
+ else // set target user to the logged in user
+ target_user = user;
+
+ if( user.canEdit(target_user) ){
+ if( request.getParameter("email") != null )
+ target_user.setEmail( request.getParameter("email") );
+ if( request.getParameter("password") != null ){
+ if( target_user.getPassword() == null )
+ target_user.setPassword( request.getParameter("password") );
+ else if( request.getParameter("oldPassword") != null )
+ if( target_user.equalsPassword(request.getParameter("oldPassword")) )
+ target_user.setPassword( request.getParameter("password") );
+ else{
+ if(out != null) out.println("{ \"error\": \"Wrong password!\"}");
+ else msgs.add(MessageType.ERROR, "Wrong password!");
+ return;
+ }
+ }
+ if( request.getParameter("name") != null )
+ target_user.setName( request.getParameter("name") );
+ target_user.save(db);
+ if( !user.isEmailVerified() )
+ ZalleryAjax.sendEmailVerification( target_user );
+ if( out != null )
+ out.println("{ }");
+ else
+ msgs.add(MessageType.INFO, "Settings saved successfully.");
+ }
+ else if(out != null) out.println("{ \"error\": \"You are not authorize to change these values!\"}");
+ else msgs.add(MessageType.ERROR, "You are not authorize to change these values!");
+ }
+
+}
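Review bot: The re-verification test reads `user.isEmailVerified()`, the acting user, instead of `target_user`, and nothing visible here clears the verified flag when `setEmail` changes the address, so an already-verified account can apparently be moved to an unverified address and stay verified. Check `target_user` and reset verification whenever the email actually changes, unless `User.setEmail` already does so, which this diff does not show. The email change needs no `oldPassword`, and because `setEmail` runs before the password check, a "Wrong password!" return leaves the new address on the in-memory `target_user`, which is the session's `user` object when no `id` is given. In the password block the braceless nesting binds the `else{ ... }` to the inner `if`, so a `password` sent without `oldPassword` is silently ignored yet answered with "Settings saved successfully."; add braces and an explicit error.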
diff --git a/src/zall/action/user/RemoveUserAction.java b/src/zall/action/user/RemoveUserAction.java
new file mode 100644
index 0000000..afc3ca4
--- /dev/null
+++ b/src/zall/action/user/RemoveUserAction.java
@@ -0,0 +1,53 @@
+package zall.action.user;
+
+import java.io.IOException;
+import java.io.PrintWriter;
+import java.sql.SQLException;
+
+import javax.servlet.http.HttpServletRequest;
+import javax.servlet.http.HttpServletResponse;
+import javax.servlet.http.HttpSession;
+
+import zall.action.ZalleryAction;
+import zall.bean.User;
+import zall.util.msg.UserMessage;
+import zall.util.msg.UserMessage.MessageType;
+import zutil.db.DBConnection;
+
+public class RemoveUserAction extends ZalleryAction{
+
+ public RemoveUserAction() {
+ super("rmuser", true);
+ }
+
+ @Override
+ public void handleRequest(DBConnection db, HttpServletRequest request, HttpServletResponse response, HttpSession session,
+ PrintWriter out, User user, UserMessage msgs) throws SQLException, IOException {
+
+ // Remove user
+ User target_user = null;
+ if( request.getParameter("id") != null )
+ target_user = User.load(db, Long.parseLong( request.getParameter("id") ) );
+ else {
+ if(out != null) out.println("{ \"error\": \"Missing parameters!\"}");
+ else msgs.add(MessageType.ERROR, "Missing parameters!");
+ return;
+ }
+
+ if( target_user != null ){
+ if( user.isSuperUser() ){
+ target_user.delete(db);
+
+ if( out != null ) out.println("{ }");
+ else msgs.add(MessageType.INFO, "User removed successfully.");
+ }
+ else if(out != null) out.println("{ \"error\": \"You are not authorize to delete that user!\"}");
+ else msgs.add(MessageType.ERROR, "You are not authorize to delete that user!");
+ }
+ else {
+ if(out != null) out.println("{ \"error\": \"No such user!\"}");
+ else msgs.add(MessageType.ERROR, "No such user!");
+ }
+ }
+
+}
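Review bot: `User.load` runs before `user.isSuperUser()` is tested, so a non-admin can tell existing ids (authorization error) from missing ones ("No such user!"). Test `isSuperUser()` first and return the authorization error whether or not the id exists. Unlike the disable and unadmin branches in `ModifyUserAction`, there is no `!user.equals( target_user )` guard, so an admin can delete their own account, and the deletion is not logged; add the guard and a log line with both user ids.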
diff --git a/src/zall/action/user/SendVerificationEmailAction.java b/src/zall/action/user/SendVerificationEmailAction.java
new file mode 100644
index 0000000..48b989c
--- /dev/null
+++ b/src/zall/action/user/SendVerificationEmailAction.java
@@ -0,0 +1,57 @@
+package zall.action.user;
+
+import java.io.IOException;
+import java.io.PrintWriter;
+import java.sql.SQLException;
+import java.util.logging.Logger;
+
+import javax.servlet.http.HttpServletRequest;
+import javax.servlet.http.HttpServletResponse;
+import javax.servlet.http.HttpSession;
+
+import zall.ZalleryAjax;
+import zall.action.ZalleryAction;
+import zall.bean.User;
+import zall.util.msg.UserMessage;
+import zall.util.msg.UserMessage.MessageType;
+import zutil.db.DBConnection;
+import zutil.log.LogUtil;
+
+public class SendVerificationEmailAction extends ZalleryAction{
+ private static final Logger logger = LogUtil.getLogger();
+
+ public SendVerificationEmailAction() {
+ super("sendverfemail", true);
+ }
+
+ @Override
+ public void handleRequest(DBConnection db, HttpServletRequest request, HttpServletResponse response, HttpSession session,
+ PrintWriter out, User user, UserMessage msgs) throws SQLException, IOException {
+
+ User target_user = null;
+ if( request.getParameter("id") != null )
+ target_user = User.load(db, Long.parseLong( request.getParameter("id") ) );
+ else {
+ if(out != null) out.println("{ \"error\": \"Missing parameters!\"}");
+ else msgs.add(MessageType.ERROR, "Missing parameters!");
+ return;
+ }
+
+ if( target_user != null ){
+ if( user.isSuperUser() ){
+ ZalleryAjax.sendEmailVerification(target_user);
+
+ logger.info("Verification email sent successfully to: "+user.getEmail());
+ if( out != null ) out.println("{ }");
+ else msgs.add(MessageType.INFO, "Verification email sent successfully.");
+ }
+ else if(out != null) out.println("{ \"error\": \"You are not authorize send verification emails!\"}");
+ else msgs.add(MessageType.ERROR, "You are not authorize send verification emails!");
+ }
+ else {
+ if(out != null) out.println("{ \"error\": \"No such user!\"}");
+ else msgs.add(MessageType.ERROR, "No such user!");
+ }
+ }
+
+}
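Review bot: The log line records `user.getEmail()`, which is the admin issuing the request, not the recipient; it should be `logger.info("Verification email sent successfully to: "+target_user.getEmail());`, ideally with the acting admin's id as well. As in `RemoveUserAction`, the target is loaded before the `isSuperUser()` check, so the two error messages reveal to a non-admin which ids exist.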
diff --git a/src/zall/action/user/VerifyEmailAction.java b/src/zall/action/user/VerifyEmailAction.java
new file mode 100644
index 0000000..4955ab4
--- /dev/null
+++ b/src/zall/action/user/VerifyEmailAction.java
@@ -0,0 +1,45 @@
+package zall.action.user;
+
+import java.io.IOException;
+import java.io.PrintWriter;
+import java.sql.SQLException;
+
+import javax.servlet.http.HttpServletRequest;
+import javax.servlet.http.HttpServletResponse;
+import javax.servlet.http.HttpSession;
+
+import zall.ZalleryAjax;
+import zall.action.ZalleryAction;
+import zall.bean.User;
+import zall.util.msg.UserMessage;
+import zall.util.msg.UserMessage.MessageType;
+import zutil.db.DBConnection;
+
+public class VerifyEmailAction extends ZalleryAction{
+
+ public VerifyEmailAction() {
+ super("verfemail", true);
+ }
+
+ @Override
+ public void handleRequest(DBConnection db, HttpServletRequest request, HttpServletResponse response, HttpSession session,
+ PrintWriter out, User user, UserMessage msgs) throws SQLException, IOException {
+
+ User verfuser = User.load(db, Long.parseLong(request.getParameter("id")));
+ if( verfuser.verifyEmail(request.getParameter("hash")) ){
+ if( verfuser.isEnabled() )
+ if(out != null) out.println("{ }");
+ else msgs.add(MessageType.INFO, "Your email has been successfully verified");
+ else {
+ ZalleryAjax.sendEmailNewUserToAdmin(verfuser, db);
+ if(out != null) out.println("{ }");
+ else msgs.add(MessageType.INFO, "Your email has been successfully verified, the account is waiting account activation by an admin.");
+ }
+ verfuser.save(db);
+ }
+ else if(out != null) out.println("{ \"error\":\"Invalid email verification hash!\" }");
+ else msgs.add(MessageType.ERROR, "Invalid email verification hash!");
+
+ }
+
+}
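Review bot: `id` and `hash` are used without the presence checks the sibling actions have, and `User.load` is dereferenced without a null test, so a missing or unknown id ends in an unchecked exception instead of the "Invalid email verification hash!" answer. Guard both parameters and treat a null `verfuser` exactly like a bad hash, so the reply does not reveal which ids exist. Failed verifications are neither logged nor limited; a `logger.warning` with the target id would make repeated guessing visible. If `verifyEmail` keeps returning true for an already-verified account (its body is not in this diff), each replay of the link sends another mail through `sendEmailNewUserToAdmin`. The constructor passes `requireUser` = true, so the link only works inside a logged-in session; confirm that is intended.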
diff --git a/src/zall/bean/User.java b/src/zall/bean/User.java
index bd0b933..b59953d 100644
--- a/src/zall/bean/User.java
+++ b/src/zall/bean/User.java
@@ -138,7 +138,7 @@ public class User extends DBBean{
public static boolean emailExists(String email, DBConnection db) throws SQLException{
PreparedStatement sql = db.getPreparedStatement(
- "SELECT * FROM User WHERE email=? LIMIT 1");
+ "SELECT email FROM User WHERE email=? LIMIT 1");
sql.setString(1, email);
String tmp = DBConnection.exec(sql, new SimpleSQLHandler |