Index: includes/menu.inc
===================================================================
RCS file: /cvs/drupal/drupal/includes/menu.inc,v
retrieving revision 1.374
diff -u -p -r1.374 menu.inc
--- includes/menu.inc	12 Jan 2010 06:09:04 -0000	1.374
+++ includes/menu.inc	13 Jan 2010 16:04:43 -0000
@@ -2225,6 +2225,7 @@ function menu_reset_static_cache() {
   drupal_static_reset('menu_tree');
   drupal_static_reset('menu_tree_all_data');
   drupal_static_reset('menu_tree_page_data');
+  drupal_static_reset('menu_load_all');
 }
 
 /**
Index: modules/menu/menu.module
===================================================================
RCS file: /cvs/drupal/drupal/modules/menu/menu.module,v
retrieving revision 1.226
diff -u -p -r1.226 menu.module
--- modules/menu/menu.module	9 Jan 2010 21:54:00 -0000	1.226
+++ modules/menu/menu.module	13 Jan 2010 16:04:43 -0000
@@ -213,9 +213,32 @@ function menu_overview_title($menu) {
  *
  * @param $menu_name
  *   The unique name of a custom menu to load.
+ * @return
+ *   Array defining the custom menu, or FALSE if the menu doesn't exist.
  */
 function menu_load($menu_name) {
-  return db_query("SELECT * FROM {menu_custom} WHERE menu_name = :menu", array(':menu' => $menu_name))->fetchAssoc();
+  $all_menus = menu_load_all();
+  return isset($all_menus[$menu_name]) ? $all_menus[$menu_name] : FALSE;
+}
+
+/**
+ * Load all custom menu data.
+ *
+ * @return
+ *   Array of custom menu data.
+ */
+function menu_load_all() {
+  $custom_menus = &drupal_static(__FUNCTION__);
+  if (!isset($custom_menus)) {
+    if ($cached = cache_get('menu_custom', 'cache_menu')) {
+      $custom_menus = $cached->data;
+    }
+    else {
+      $custom_menus = db_query('SELECT * FROM {menu_custom}')->fetchAllAssoc('menu_name', PDO::FETCH_ASSOC);
+      cache_set('menu_custom', $custom_menus, 'cache_menu');
+    }
+  }
+  return $custom_menus;
 }
 
 /**
@@ -242,6 +265,7 @@ function menu_save($menu) {
       'description' => $menu['description'],
     ))
     ->execute();
+  menu_cache_clear_all();
 
   // Since custom menus are keyed by name and their machine-name cannot be
   // changed, there is no real differentiation between inserting and updating a
@@ -290,6 +314,7 @@ function menu_delete($menu) {
     ->condition('menu_name', $menu['menu_name'])
     ->execute();
 
+  menu_cache_clear_all();
   module_invoke_all('menu_delete', $menu);
 }
 
@@ -710,16 +735,14 @@ function menu_form_node_type_form_alter(
  *   titles as the values.
  */
 function menu_get_menus($all = TRUE) {
-  $system_menus = array_keys(menu_list_system_menus());
-  $query = db_select('menu_custom');
-  $query->addTag('translatable');
-  $query->addField('menu_custom', 'menu_name', 'menu_name');
-  $query->addField('menu_custom', 'title', 'title');
-  if (!$all) {
-    $query->condition('menu_name', $system_menus, 'NOT IN');
+  if ($custom_menus = menu_load_all()) {
+    if (!$all) {
+      $custom_menus = array_diff_key($custom_menus, menu_list_system_menus());
+    }
+    foreach ($custom_menus as $menu_name => $menu) {
+      $custom_menus[$menu_name] = t($menu['title']);
+    }
+    asort($custom_menus);
   }
-  $query->orderBy('title');
-
-  return $query->execute()->fetchAllKeyed();
+  return $custom_menus;
 }
-
Index: modules/user/user.module
===================================================================
RCS file: /cvs/drupal/drupal/modules/user/user.module,v
retrieving revision 1.1107
diff -u -p -r1.1107 user.module
--- modules/user/user.module	13 Jan 2010 06:44:31 -0000	1.1107
+++ modules/user/user.module	13 Jan 2010 16:04:43 -0000
@@ -1346,16 +1346,43 @@ function user_register_access() {
   return user_is_anonymous() && variable_get('user_register', 1);
 }
 
+
+/**
+ * User view access callback.
+ *
+ * @param $account
+ *   Can either be a full user object or a $uid.
+ */
 function user_view_access($account) {
-  return $account && $account->uid &&
-    (
-      // Always let users view their own profile.
-      ($GLOBALS['user']->uid == $account->uid) ||
-      // Administrators can view all accounts.
-      user_access('administer users') ||
-      // The user is not blocked and logged in at least once.
-      ($account->access && $account->status && user_access('access user profiles'))
-    );
+  // If $account is FALSE, return early, since there is nothing else to check.
+  if (!$account) {
+    return FALSE;
+  }
+
+  // To avoid calling a full user_load() to check access on menu links,
+  // this function accepts either an int or an object. If an int is passed,
+  // most checks can be done with just that.
+  if (is_numeric($account)) {
+    $account = (object) array('uid' => $account);
+  }
+
+  // Never allow access to view the anonymous user account.
+  if ($account->uid) {
+    // Admins can view all, users can view own profiles at all times.
+    if ($GLOBALS['user']->uid == $account->uid || user_access('administer users')) {
+      return TRUE;
+    }
+    elseif (user_access('access user profiles')) {
+      // At this point, load the complete account object.
+      if (!isset($account->access)) {
+        $account = user_load($account->uid);
+      }
+      if ($account->access && $account->status) {
+        return TRUE;
+      }
+    }
+  }
+  return FALSE;
 }
 
 /**
@@ -1519,17 +1546,18 @@ function user_menu() {
     'weight' => -8,
   );
 
-  $items['user/%user_uid_optional'] = array(
+  // Use %user_uid_only_optional here to avoid loading the full user for
+  // basic access checks.
+  $items['user/%user_uid_only_optional'] = array(
     'title' => 'My account',
     'title callback' => 'user_page_title',
     'title arguments' => array(1),
-    'page callback' => 'user_view',
+    'page callback' => 'user_view_page',
     'page arguments' => array(1),
     'access callback' => 'user_view_access',
     'access arguments' => array(1),
     'weight' => -10,
     'menu_name' => 'user-menu',
-    'file' => 'user.pages.inc',
   );
 
   $items['user/%user/view'] = array(
@@ -1662,7 +1690,7 @@ function user_category_load($uid, &$map,
 }
 
 /**
- * Returns the user id of the currently logged in user.
+ * Returns the user id of the currently logged in user unless $arg is not %.
  */
 function user_uid_optional_to_arg($arg) {
   // Give back the current user uid when called from eg. tracker, aka.
@@ -1672,9 +1700,22 @@ function user_uid_optional_to_arg($arg) 
 }
 
 /**
+ * Returns the user id of the currently logged in user unless $arg is not %.
+ */
+function user_uid_only_optional_to_arg($arg) {
+  return user_uid_optional_to_arg($arg);
+}
+
+/**
  * Menu item title callback - use the user name.
  */
-function user_page_title($account) {
+function user_page_title($uid) {
+  if ($GLOBALS['user']->uid == $uid) {
+    $account = $GLOBALS['user'];
+  }
+  else {
+    $account = user_load($uid);
+  }
   return format_username($account);
 }
 
@@ -2107,6 +2148,13 @@ function _user_cancel($edit, $account, $
 }
 
 /**
+ * Page callback wrapper for user_view().
+ */
+function user_view_page($uid) {
+  return user_view(user_load($uid));
+}
+
+/**
  * Generate an array for rendering the given user.
  *
  * When viewing a user profile, the $page array contains: