#204383 by hunmonk: User can register with email address -- doc error. removed faulty doc -- users have always been able to register w/ an email address for a username. tightened check for usernames that are already taken as email addresses by another user.

no validation messages or db operations are necessary when the pre-auth role is set to the auth user.

redirect should always be returned, so users who didn't create their own password are redirected to the front page if no redirect is specified.

#174553 by baldwinlouie, hunmonk: Grammer is incorrect when the password length validation message comes up.

#85185 -- allow uid substitution in redirects. patch by hunmonk. redirects will now take %uid, and subsitute that with the user ID prior to the redirect.

#93104 -- Handling of blocked users. patch by hunmonk. only login users with an active status. also, since all new account creations using the set password option get an active status in the db, it's no longer necessary to add it in dynamically in the auth perm revoke code -- this was causing problems with status display.

#103233 -- Users always get active status even when site is configured to require admin approval on new account creation. patch by inactivist, hunmonk. user status should be set to active during LT registration only if the immediate login feature is enabled -- otherwise fall back to the site settings.

#92361 -- The pre-auth user feature does not work properly. patch by plumbley. since user_load() always includes the authenticated user permission, LT needs to specifically re-check it's possible removal of the role in the load op of hook_user(). this *should* counteract anything which might reset the user object in the page load -- any modules not using user_load to mess with the user object are doing it wrong.  :)

#90503 -- wrong help description at signup. patch by hunmonk. display proper help text based on minimum password length setting.

admins approving accounts via the admin validation link are no longer logged in as the user after validation.

#83273 -- Improve password validation. patch by hunmonk.  make password length validation optional, and configurable by length.

#83273 -- Improve password validation. patch by torne. expand validation to allow all printable non-space characters.

correcting doc for admin only approval. put a little more detail in the email the admin receives for approving accounts.

fixed login feature for accounts waiting for admin approval.  no need to block them, because they automatically get the LT temp role, which can be permissioned just like the anon role, and which revokes auth perms dynamically.

78247 -- move profile values into profile_values table.  migrated profile values from users table, data column, into proper place in profile_values table.  this was caused by a bug in the LT registration function.  also fixed LT update 2, which was corrupting the user data by inserting extra escape characters.  NOTE: if you ran a db upgrade on LT between March 13th, 2006, and August 16th, 2006, the serialized data in the data column of the users table was corrupted!  it's either missing necessary curly braces, or has extra escape characters that prevent the data from being properly unserialized.  custom repair of that data will be necessary if it needs to be recovered.

#76188 -- Clarification on user profile pages.  alter description of user role form item on the user edit page when the selected user is in the pre-auth role, to properly indicate that they are not receiving auth user perms.

#72970 -- LoginToboggan should restore site_403 variable when module is disabled. added conditional check in hook_form_alter--if module is disabled and site_403 is set to toboggan/denied, it resets it to default.