- Bugfix: the variable 'user_mail_welcome_approval_subject' was too long.
  Modified patch from Al; used 'user_mail_approval_subject' instead of
  'user_mail_welcome_approval_subj'.  Patch #11 by Al.  Fixes bug #1976.

- Improvement: fixed wrapping in code samples in user module so that admin help doesn't have a huge horizontal scrollbar.  Patch #13 by Al.

- Improvements: XHTML-ifications.  Patch by GmbH.

- Moved some CXX checks to a centralized place; less error-prone.

- Bugfix: small Xtemplate fixes.  Patch by Ax.  (Slightly modified.)

- Bugfix: block patch fix.  Patch by Gerhard.

- Bugfix: fixed broken URL in ping.  Patch by Gerhard.

  (This should fix the problems shown on http://www.blo.gs/info.php?id=1515.)

- Improvement: added better password generator.  Patch #1 by Al.  Fixes bug
  #1935.

- Improvement: performance improvement to the blog module.  Patch by Marco.

- Bugfix: when clean URLs are enabled, the cookie path was not always set correctly when the
user logged using the user block from within a subdirectory.  Patch by Ulf Rompe.

- Bugfix: fixed the CREATE FUNCTION in database.mssql as it needs to be prefixed with GO for some obscure reason.  Patch by Kjartan.

- Bugfix: fixed the defaults for blocks in database.mssql so the NOT NULL fields get values.  Patch by Kjartan.

- Bugfix: changed check_form() to use htmlspecialchars() instead of drupal_specialchars() as this caused Drupal to emit incorrect form items in presence of quotes.  Example:

  <input type="submit" class="form-submit" name="op" value="Submit "top nodes" block changes" />

  IMO, drupal_specialchars() is better called xmlspecialchars() to avoid confusion.

- Bugfix: when an anonymous user visits a site, they shouldn't see any content (except the login block, if it is enabled) unless they have the "access content" permissions.  Patch by Matt Westgate.

- Improvement: improved the error checking and the error messages in the profile module.  Updated the code to match the Drupal coding conventions.  Modified patch from Matt Westgate.

- Improvement: don't generate the <base href=""> tag in the base theme; it is already emitted by theme_head().  Patch by Kristjan.

- Improvement: don't execute any SQL queries when checking the permissions of user #1.  Patch by Kjartan.

- Improvement: made a scalable layout form that works in IE and that behaves better with narrow themes.  Part of patch #51 by Al.

- Improvement: removed some redundant print statements from the comment module.  Modified patch from Craig Courtney.

- Bugfix: in the user_admin_edit() function, the data array returned from the callback modules was not being merged into the edit array.

- Bugfix: added enctype="multipart/form-data" to the form tag so that we can update things like the avatar image in the admin interface.

- Bugfix: fixed approval e-mail and tidied up the e-mail handling.  Patch #43 by
  Al.  Fixes bug #1828.

- Bugfix: clicking the "Login" button after having created the first user
  redirected you to an incorrect page.  Patch by Moshe.

- Dropped check_input(); use check_query() instead.

- Made the statistics module use referer_uri() for security's sake.

  properly.  You couldn't use a username or passwords that had quotes.

- Bugfix: fixed the login problem due to incorrect use of drupal_goto().
  Gerhard's patch was not 100% correct and I found a better alternative.

- CSS improvements: use form functions wrapped in a <div> instead of
  hard-coded form elements.  Modified patch by Kristjan.

  I added some CSS to drupal.css to center the text and ordered the
  list of CSS tags alphabetically.

- Resized two textfields for UI consistentcy.  Patch by Stefan.

- Documentation fixes by Kjartan.

- Al's CSS patches.  This commit improves the themability of some core
  components such as lists, form items, removes an ugly hack from the
  archive module and should fix the poll problem (although it doesn't
  Opera/Konqueror).

- Michael Frankowski's excellent help text improvements!

- Undid my changes to user_access().

- Replaced some PHP_SELF's by request_uri()'s.  Patch by Gerhard.

- Small change that reduces the number of SQL queries when a certain role has
  no permissions set.

- Fixed a typo in the PostgreSQL database scheme.  Patch by Michael Frankowski.

- Fixed a typo in the MSSQL database scheme.  Patch by Michael Frankowski.

- Removed dependency on "register_globals = on"!  Patches by Michael Frankowski.

  Notes:

  + Updated the patches to use $foo["bar"] instead of $foo['bar'].
  + Updated the INSTALL and CHANGELOG files as well.

- Tiny improvement to the "./scripts/code-clean.sh" script.

- Applied  Michael Caerwyn's "%s -> %d" patch.

- Changed all occurences of '%d' to %d as suggested on the mailing list.

- Fixed the function prototypes of the newly introduced theme_user_list(),
  theme_node_list(), and theme_menu_list().  This will fix the excessive
  gap between lists and avoids generating empty <b></b> constructs.

- Committed Adrian's item patch.  It would be nice if one or more of the
  standard themes could be updated to demonstrate the possibilities.

- Fixed some PHP "notices".

- Renamed 'validate_email_address' to 'valid_email_address'.

- Added a 'form_radio' function.

    -    case t("whatever");
    +    case t("whatever"):

- Fixed some SQL query directives.

  in common.inc.  Modified patch from Gerhard.

- Another improvement to the e-mail address validation code.  Fixed Debian
  bug #185217.  Patch by Gerhard.

- Fixed glitch in e-mail verification code.  Patch by Gerhard.

- All LIMIT queries must go through the pager or through db_query_range().
  The syntax for db_query_range() was enhanced so it matches db_query(). So
  you may pass extra arguments of the SQL statement which are checked via
  check_query() and then substituted into the SQL statement. After these
  optional arguments, you always pass $from and $count parameters which
  define your range.  Most often, the $from is 0 and the count is the max
  number of records you want returned.  Patch by Moshe.

- The pager_query() function for PEAR was enhanced so that it adds  proper
  GROUP BY statement counting the number of records to be paged. Patch by
  James Arthur.

- MSSQL database scheme by Moshe.

- Fixed a CSS glitch.  Thanks Al.

- Removed extraneous %uri's.

- Fixed translation bug.

- Fixed broken queries: use 'AND' instead of '&&'.  Reported by Neil.

- Fixed broken URLs in e-mails.  Reported by Stefaan.