Fix change_request option for multiple subsequent requests
In previous version on every request from user with change_request=True,
its login was potentially prefixed with the real requester. It could
produced undesirable result on subsequent requests as the user database
is not reinitialized between requests. This commit fixes it by earlier
setting r.requester{,_email} and using the second one as the address to
which send emails about errors with privs.