The post-review script should use values provided in username/password argument when provided.
Currently it first looks for cookie and if valid cookie is found the username/password arguments are ignored. Hence if I need to use different login than one I use regularly, the cookie needs to be deleted.

With this change, username/password arguments are given higher priority than the session cookie.