* [ADDED] Smarty acl_check function
* [ADDED] Optional default return value for getValue calls
* [UPDATE] ACL Checks in page controllers
* [UPDATE] Navigation template to use check_acl from Smarty
* [ADDED] New ACL options where needed
* [REMOVED] Disable pages from System Settings Tab
* [ADDED] Above removed pages into ACL Settings Tab
This will make usage of ACLs a bit easier and transparent.
Also fixes#1731 once merged.
The way this now works is, if csrf is enabled:
* Any new or existing template can have csrf protection by adding the hidden input ctoken that's in this batch to its form, removes any logic in templates
* Page controllers that already exist have been updated, new ones only require checking if csrf is enabled and valid
* Now an array to disable with granularity
* Fixed all CSRF tokens back to 1 min
* Added CSRF protection for unlock account
* Unified error message for all csrf tokens
* Fixed a few issues with last commit
moved sitewide into options portion of the config option
csrf protection for contact form under sitewide config option
changed register to 1 hour token
* Removed support page templates
* Changed navigation to contact
* Modified contact form behaviour on enable/disable events
This fixes#1300. It wasn't clear which templates needed to be edited
for the contact form to work.
