#83273 -- Improve password validation. patch by torne. expand validation to allow all printable non-space characters.

correcting doc for admin only approval. put a little more detail in the email the admin receives for approving accounts.

fixed login feature for accounts waiting for admin approval.  no need to block them, because they automatically get the LT temp role, which can be permissioned just like the anon role, and which revokes auth perms dynamically.

78247 -- move profile values into profile_values table.  migrated profile values from users table, data column, into proper place in profile_values table.  this was caused by a bug in the LT registration function.  also fixed LT update 2, which was corrupting the user data by inserting extra escape characters.  NOTE: if you ran a db upgrade on LT between March 13th, 2006, and August 16th, 2006, the serialized data in the data column of the users table was corrupted!  it's either missing necessary curly braces, or has extra escape characters that prevent the data from being properly unserialized.  custom repair of that data will be necessary if it needs to be recovered.

#76188 -- Clarification on user profile pages.  alter description of user role form item on the user edit page when the selected user is in the pre-auth role, to properly indicate that they are not receiving auth user perms.

#72970 -- LoginToboggan should restore site_403 variable when module is disabled. added conditional check in hook_form_alter--if module is disabled and site_403 is set to toboggan/denied, it resets it to default.

updated help text, adding info about the login successful message, and removing the reference about setting the pre-auth role to anon user, as this is no longer supported.

disallowed selection of the anonymous user role as the pre-auth role--the new handling of roles in core makes this setting impossible. set it so the update code will automatically move the pre auth role to the auth user role if it is currently in the anon role. site maintainers are encouraged to create a new role w/ the same perms as the anon role, and set this new role as the LT pre-auth role--this will allow the same functionality as before (in this case it will also be necessary to manually add the new pre-auth role to any users who were unvalidated previous to this change.

#72245 -- drupal_get_path not loading. whoops, last solution didn't work. so, roll back and get rid of the define entirely.

#72245 -- drupal_get_path not loading. moved pre-auth role code into hook_menu, and eliminated hook_init entirely. should solve this problem.

#71155 -- tip: to style logintoboggan.module block. added logintoboggan.css, and added more granular div tags to the toggleboggan function, enabling greater theming control. fixed small error in comment format.

#71562 -- Option to register. reworked the logintoboggan_denied function to output the entire user login page content, and added an error message indicating access was denied.

#56402 -- Login Successful message. added option to display a 'Login successful' user message upon login.

made LT work properly with administrator approved accounts. edited help text to remove bad information, and added a description on how LT works with admin approved accounts.

updated register_submit function. since admins will never run through this function, all admin-related code has been removed.

#57623 -- Eliminate set password only option. the option to set a password but not login immediately seemed useless, so it is now removed. refactored the register_submit function to make it more clean as well.

#60558 -- Module help contents is broken. missing string concat when building help text. patch by me.

#56366 -- non-authenticated role doesn't work due to core HEAD rid =2 missing from db.user_roles. added hook_init which dynamically unsets the auth role from the user if they haven't validated their address.  patch by me.

add note in registration redirect form field description that the redirect will not work when the user password creation feature is disabled.  not supported, because it is bad workflow.

#68671 -- LT + hook_user op register causes wrong order of registration fields. unset the existing pass form field when the account form group is used--keeps field ordering correct.  patch by webchick/hunmonk.

added error message when users attempt to use one time validation e-mail more than once. suggested by aaron. patch by me.