#564062 by Matthew Davidson, hunmonk: Admin created accounts should have password length validation.

#513372 by hunmonk: 'Account activated' email not sent if new user manually removed from pre-auth role.

#368699 by hunmonk: re-send validation link always appears if non-authenticated role is set to auth user.

#413916 by hunmonk, rfay: New users deleted inappropriately.  this fixes the no-so-well-implemented auto user deletion feature -- much more stable and less dangerous now.

#291006 by hunmonk: Email validate link landing page inconsistency. see logintoboggan_update_6001 for details on this change.

#320162 by xurizaemon: LoginToboggan prevents use of spaces in passwords, breaking passphrase functionality.

#291001 by hunmonk: Allow One Time Login To Be Used Only Once. the previous solution was very broken --this one has been more well tested.

#264300 by webchick: Use checkboxes rather than Enabled/Disabled radios.  some changes to the titles/descriptions of settings.

#254387 by drewish, hunmonk: Redirecting after access denied doesn't work with language path prefixes. conditionally remove the language prefix if present.

#238660 by hunmonk: Allow user admins to re-send validation e-mail. thanks to manoloka for sponsoring the work on this patch.

#239571 by hunmonk: fix broken mailing functionality. Resend validation email code is now properly updated to 6.x, logintoboggan_mail() was not using user saved mail subjects/bodies.

#204383 by hunmonk: User can register with email address. cleaned up validation code of duplicate username/email for the case where login with email is enabled. ripped out some duplicate code.