Security update

Fix CSRF vulnerability in switch links.

See security advisory: SA-CONTRIB-2012-116 - Subuser CSRF and Access Bypass

Fixes security issue: SA-CONTRIB-2012-117 - Location - Access Bypass.

Changes since 7.x-1.0-beta1 (2 commits):

Important location search change: For those using the location search sub-module, from now on users must have the "access content" permission and any relevant node access rights to see node based location search results and the "view user profiles" and "view all user locations" permissions to see user based location search results.

Fixes security issue: SA-CONTRIB-2012-117 - Location - Access Bypass.

Changes since 6.x-3.1 (49 commits):

Important location search change: For those using the location search sub-module, from now on users must have the "access content" permission and any relevant node access rights to see node based location search results and the "view user profiles" and "view all user locations" permissions to see user based location search results.

Security fix XSS vulnerability in galleryformatter.tpl.php. See SA-CONTRIB-2012-115 - Gallery formatter - Cross Site Scripting (XSS) for more details.

Bug fix: #1232802: Image ALT attribute not printed in tpl file by Manuel Garcia.

Fixes open redirect security vulnerability reported by Albert Martin. See SA-CONTRIB-2012-118 - Secure Login - Open Redirect for more detail.

The module did not sufficiently validate strings entered in the administration interface there by opening the possibility of XSS. This release fixes the issues.

See SA-CONTRIB-2012-114 - Campaign Monitor - Cross Site Scripting (XSS) for more details.