Index: modules/user/user.module
===================================================================
RCS file: /cvs/drupal/drupal/modules/user/user.module,v
retrieving revision 1.819
diff -u -p -r1.819 user.module
--- modules/user/user.module	11 Jul 2007 19:59:11 -0000	1.819
+++ modules/user/user.module	12 Jul 2007 00:32:33 -0000
@@ -526,7 +526,12 @@ function user_search($op = 'search', $ke
           }
         }
         else {
-          $result = pager_query("SELECT name, uid FROM {users} WHERE LOWER(name) LIKE LOWER('%%%s%%')", 15, 0, NULL, $keys);
+          // Exclude from the search blocked users and self-registered users who 
+          // have never logged in. These self-registered users are excluded to 
+          // to prevent link spam in the user profile from being visible.  However,
+          // we assume that administrator-created accounts should be shown even
+          // before the user logs in (e.g. the accounts for officers of an organization).
+          $result = pager_query("SELECT * FROM {users} WHERE status != 0 AND access != 0 AND LOWER(name) LIKE LOWER('%%%s%%')", 15, 0, NULL, $keys);
           while ($account = db_fetch_object($result)) {
             $find[] = array('title' => $account->name, 'link' => url('user/'. $account->uid, array('absolute' => TRUE)));
           }
@@ -1337,9 +1342,15 @@ function user_register() {
   $form = array_merge($form, user_edit_form($form_state, NULL, NULL, TRUE));
   if ($admin) {
     $form['account']['notify'] = array(
-     '#type' => 'checkbox',
-     '#title' => t('Notify user of new account')
+      '#type' => 'checkbox',
+      '#title' => t('Notify user of new account')
     );
+    // Access is set to -1 for administrator-created users in order to distinguish
+    // these from self-registered accounts where access == 0 until the user logs in.
+    $form['access'] = array(
+      '#type' => 'value',
+      '#value' => -1,
+    );  
     // Redirect back to page which initiated the create request; usually admin/user/user/create
     $form['destination'] = array('#type' => 'hidden', '#value' => $_GET['q']);
   }
@@ -2266,7 +2277,7 @@ function user_admin_account() {
     asort($users_roles);
     $form['roles'][$account->uid][0] = array('#value' => theme('item_list', $users_roles));
     $form['member_for'][$account->uid] = array('#value' => format_interval(time() - $account->created));
-    $form['last_access'][$account->uid] =  array('#value' => $account->access ? t('@time ago', array('@time' => format_interval(time() - $account->access))) : t('never'));
+    $form['last_access'][$account->uid] = array('#value' => $account->access > 0 ? t('@time ago', array('@time' => format_interval(time() - $account->access))) : t('never'));
     $form['operations'][$account->uid] = array('#value' => l(t('edit'), "user/$account->uid/edit", array('query' => $destination)));
   }
   $form['accounts'] = array(