no validation messages or db operations are necessary when the pre-auth role is set to the auth user.

redirect should always be returned, so users who didn't create their own password are redirected to the front page if no redirect is specified.

#174553 by baldwinlouie, hunmonk: Grammer is incorrect when the password length validation message comes up.

#145727 - Help text positioned in the middle of the login form rather than the top. patch by p_palmer, myself.

#124589 -- Login on Access Denied (403) resets itself when module listing page is submitted. patch by matt@antinomia, gman.

#118517 -- Fix text substitution variables in revalidation e-mail.  patch by Benjamin Melancon and myself.

close XSS attack vectors in themed 'logged in' block, and login block message. some white space removal.

#85185 -- allow uid substitution in redirects. patch by hunmonk. redirects will now take %uid, and subsitute that with the user ID prior to the redirect.

#93104 -- Handling of blocked users. patch by hunmonk. only login users with an active status. also, since all new account creations using the set password option get an active status in the db, it's no longer necessary to add it in dynamically in the auth perm revoke code -- this was causing problems with status display.

#103233 -- Users always get active status even when site is configured to require admin approval on new account creation. patch by inactivist, hunmonk. user status should be set to active during LT registration only if the immediate login feature is enabled -- otherwise fall back to the site settings.

#92361 -- The pre-auth user feature does not work properly. patch by plumbley. since user_load() always includes the authenticated user permission, LT needs to specifically re-check it's possible removal of the role in the load op of hook_user(). this *should* counteract anything which might reset the user object in the page load -- any modules not using user_load to mess with the user object are doing it wrong.  :)

#90503 -- wrong help description at signup. patch by hunmonk. display proper help text based on minimum password length setting.

admins approving accounts via the admin validation link are no longer logged in as the user after validation. fixed bad call to cache table.

#83273 -- Improve password validation. patch by hunmonk.  make password length validation optional, and configurable by length.

#83273 -- Improve password validation. patch by torne. expand validation to allow all printable non-space characters.

moved all login block functionality to form_alter functions. created a separate logged in block. revamped email login validation check and got rid of custom lt login validation.