#204383 by hunmonk: User can register with email address -- doc error. removed faulty doc -- users have always been able to register w/ an email address for a username. tightened check for usernames that are already taken as email addresses by another user.

#198551 by hunmonk: User registration guidelines not on top of registration form. properly re-weight the help text.

make username/password title/description themable, and don't clobber exiting attributes. some comment cleanup.

#196553 by hunmonk: LoginToboggan interferes with other modules altering registration form. manually place the registration submit function at the beginning of the submit handlers.

no validation messages or db operations are necessary when the pre-auth role is set to the auth user.

redirect should always be returned, so users who didn't create their own password are redirected to the front page if no redirect is specified.

#174553 by baldwinlouie, hunmonk: Grammer is incorrect when the password length validation message comes up.

#145727 - Help text positioned in the middle of the login form rather than the top. patch by p_palmer, myself.

#124589 -- Login on Access Denied (403) resets itself when module listing page is submitted. patch by matt@antinomia, gman.

#118517 -- Fix text substitution variables in revalidation e-mail.  patch by Benjamin Melancon and myself.

#85185 -- allow uid substitution in redirects. patch by hunmonk. redirects will now take %uid, and subsitute that with the user ID prior to the redirect.

#93104 -- Handling of blocked users. patch by hunmonk. only login users with an active status. also, since all new account creations using the set password option get an active status in the db, it's no longer necessary to add it in dynamically in the auth perm revoke code -- this was causing problems with status display.

#103233 -- Users always get active status even when site is configured to require admin approval on new account creation. patch by inactivist, hunmonk. user status should be set to active during LT registration only if the immediate login feature is enabled -- otherwise fall back to the site settings.

#92361 -- The pre-auth user feature does not work properly. patch by plumbley. since user_load() always includes the authenticated user permission, LT needs to specifically re-check it's possible removal of the role in the load op of hook_user(). this *should* counteract anything which might reset the user object in the page load -- any modules not using user_load to mess with the user object are doing it wrong.  :)