* Now an array to disable with granularity
* Fixed all CSRF tokens back to 1 min
* Added CSRF protection for unlock account
* Unified error message for all csrf tokens
* Fixed a few issues with last commit
moved sitewide into options portion of the config option
csrf protection for contact form under sitewide config option
changed register to 1 hour token
* Removed support page templates
* Changed navigation to contact
* Modified contact form behaviour on enable/disable events
This fixes#1300. It wasn't clear which templates needed to be edited
for the contact form to work.
