Changes since DRUPAL-6--1-6:
- #607152 by hunmonk: ensure arrays before array operations.
- anonymous users shouldn't be able to access revalidation menu item.
- remove unnecessary db_query -- admins validating a user account shouldn't trigger an account login, either.
- better check for no password.
- rollback of #48438 due to core's change in #437930.
- #633386 by Dave Reid: Cleanup menu paths and arguments.
- switch to using user_pass_rehash() for validation hashes.
- #739978 by quicksketch: Remove the CVS version/revision from the settings page
- #745588 by quicksketch: hook_theme specifying arguments incorrectly.
- #739996 by quicksketch: Use 'Sentence case' for settings page
- #769900 by hunmonk, miro_dietiker: redirect on invalid email validation.
- #765994 by hunmonk: Non-authenticated role is hidden in user profile form even when 'Set password' is unchecked
- hide the auth user checkbox on the user edit screen if the user is in the pre-auth role -- reduces UI confusion.
- #797142 by hunmonk: fix session fixation vulnerability.
- remove dead menu caching code.