diff --git a/modules/displaytags/views/displaytags_block.html.php b/modules/displaytags/views/displaytags_block.html.php
index 21fe8d6e..a0b392f3 100644
--- a/modules/displaytags/views/displaytags_block.html.php
+++ b/modules/displaytags/views/displaytags_block.html.php
@@ -3,6 +3,6 @@
   <? $not_first = 0; ?>
   <? foreach ($tags as $tag): ?>
   <?= ($not_first++) ? "," : "" ?>
-  <a href="<?= url::site("tags/{$tag->name}") ?>"><?= html::clean($tag->name) ?></a>
+    <a href="<?= $tag->url() ?>"><?= html::clean($tag->name) ?></a>
   <? endforeach ?>
 </div>
diff --git a/modules/gwtorganise/controllers/json_album.php b/modules/gwtorganise/controllers/json_album.php
index 85cf1128..da36fd98 100644
--- a/modules/gwtorganise/controllers/json_album.php
+++ b/modules/gwtorganise/controllers/json_album.php
@@ -34,7 +34,7 @@ class Json_Album_Controller extends Controller {
     $item = ORM::factory("item", $item_id);
     access::required("view", $item);
 
-    $children = $item->children(null, 0, $where);
+    $children = $item->children(null, null, $where);
     $encoded = array();
     foreach ($children as $id => $child){
       $encoded[$id] = self::child_json_encode($child);
@@ -44,7 +44,7 @@ class Json_Album_Controller extends Controller {
   }
 
   function is_admin() {
-    if (user::active()->admin) {
+    if (identity::active_user()->admin) {
       print json_encode(array("result" => "success", "csrf" => access::csrf_token()));
       return;
     }
@@ -54,7 +54,7 @@ class Json_Album_Controller extends Controller {
 
   function albums($item_id) {
 
-    print $this->child_elements($item_id,array("type" => "album"));
+    print $this->child_elements($item_id, array(array("type", "=", "album")));
   }
 
   function children($item_id){
diff --git a/modules/ldap/helpers/ldap_installer.php b/modules/ldap/helpers/ldap_installer.php
index c68ac6b6..dbdfb048 100644
--- a/modules/ldap/helpers/ldap_installer.php
+++ b/modules/ldap/helpers/ldap_installer.php
@@ -18,15 +18,19 @@
  * Foundation, Inc., 51 Franklin Street - Fifth Floor, Boston, MA  02110-1301, USA.
  */
 class ldap_installer {
-  static function install() {
-    module::set_version("ldap", 1);
-    $root = item::root();
-    $ldap_provider = new IdentityProvider("ldap");
-    foreach ($ldap_provider->groups() as $group) {
-      module::event("group_created", $group);
-      access::allow($group, "view", $root);
-      access::allow($group, "view_full", $root);
+  static function can_activate() {
+    $messages = array();
+    if (array_search("ldap", get_loaded_extensions()) === false) {
+      $messages["error"][] =
+        t("Cannot install LDAP identity provider as the PHP LDAP extension module is not enabled.");
+    } else {
+      $messages["warn"][] = IdentityProvider::confirmation_message();
     }
+    return $messages;
+  }
+
+  static function install() {
+    IdentityProvider::change_provider("ldap");
   }
 
   static function uninstall() {
@@ -36,4 +40,14 @@ class ldap_installer {
       module::event("group_deleted", $group);
     }
   }
+
+  static function initialize() {
+    module::set_version("ldap", 1);
+    $root = item::root();
+    foreach (IdentityProvider::instance()->groups() as $group) {
+      module::event("group_created", $group);
+      access::allow($group, "view", $root);
+      access::allow($group, "view_full", $root);
+    }
+  }
 }
\ No newline at end of file
diff --git a/modules/ldap/libraries/drivers/IdentityProvider/Ldap.php b/modules/ldap/libraries/drivers/IdentityProvider/Ldap.php
index c3eb1dd1..69440199 100644
--- a/modules/ldap/libraries/drivers/IdentityProvider/Ldap.php
+++ b/modules/ldap/libraries/drivers/IdentityProvider/Ldap.php
@@ -239,9 +239,6 @@ class Ldap_User implements User_Definition {
     case "id":
       return $this->ldap_entry["uidnumber"][0];
 
-    case "groups":
-      return IdentityProvider_Ldap_Driver::groups_for($this);
-
     case "locale":  // @todo
       return null;
 
@@ -266,6 +263,10 @@ class Ldap_User implements User_Definition {
     }
   }
 
+  public function groups() {
+      return IdentityProvider_Ldap_Driver::groups_for($this);
+  }
+
   public function avatar_url($size=80, $default=null) {
     return sprintf("http://www.gravatar.com/avatar/%s.jpg?s=%d&r=pg%s",
                    md5($this->email), $size, $default ? "&d=" . urlencode($default) : "");
diff --git a/modules/ldap/module.info b/modules/ldap/module.info
index 1b7bef08..06fa311b 100644
--- a/modules/ldap/module.info
+++ b/modules/ldap/module.info
@@ -1,6 +1,3 @@
 name = "LDAP"
 description = "Use LDAP for authentication"
 version = 1
-
-; Don't show this module on the module administration screen
-no_module_admin = 1
diff --git a/modules/register/controllers/admin_register.php b/modules/register/controllers/admin_register.php
index d93d9ad1..6e1e4155 100755
--- a/modules/register/controllers/admin_register.php
+++ b/modules/register/controllers/admin_register.php
@@ -32,6 +32,9 @@ class Admin_register_Controller extends Admin_Controller {
     access::verify_csrf();
 
     $post = new Validation($_POST);
+    $post->add_rules("policy", "required");
+    $post->add_rules("group", array($this, "passthru"));
+    $post->add_rules("email_verification", array($this, "passthru"));
     $group_list = array();
     if ($post->validate()) {
       module::set_var("registration", "policy", $post->policy);
@@ -49,6 +52,12 @@ class Admin_register_Controller extends Admin_Controller {
     }
   }
 
+  // We need this validation callback in order to have the optional fields copied to
+  // validation array.
+  public function passthru($field) {
+    return true;
+  }
+
   public function activate() {
     access::verify_csrf();
 
diff --git a/modules/register/controllers/register.php b/modules/register/controllers/register.php
index 66d420c6..ec50d646 100755
--- a/modules/register/controllers/register.php
+++ b/modules/register/controllers/register.php
@@ -37,13 +37,13 @@ class register_Controller extends Controller {
       $policy = module::get_var("registration", "policy");
       if ($policy == "visitor") {
         if ($pending_user->state == 1) {
-          Session::instance()->set("registration_first_usage");
           $user = register::create_new_user($pending_user->id);
+          Session::instance()->set("registration_first_usage");
           auth::login($user);
           Session::instance()->set("registration_first_usage", true);
           $pending_user->delete();
         } else {
-          register::send_confirmation($pending_user);
+          $user = register::create_new_user($pending_user->id, true);
           message::success(t("A confirmation email has been sent to your email address."));
         }
       } else if ($pending_user->state == 1) {
diff --git a/modules/register/helpers/register.php b/modules/register/helpers/register.php
index 159f3237..d46b381c 100644
--- a/modules/register/helpers/register.php
+++ b/modules/register/helpers/register.php
@@ -21,8 +21,13 @@ class register_Core {
   private static $_states;
 
   static function format_registration_state($state) {
-    if (empty(self::$_state)) {
-      self::$_states = array(t("Unconfirmed"), t("Confirmed"), t("Activated"));
+    if (empty(self::$_states)) {
+      $policy = module::get_var("registration", "policy");
+      $email_verification = module::get_var("registration", "email_verification");
+      $pending = $policy == "admin_only" || ($policy == "admin_approval" && !$email_verification);
+      self::$_states = array(t("Unconfirmed"),
+                             $pending ? t("Pending")  : t("Confirmed"),
+                             t("Activated"));
     }
     return self::$_states[$state];
   }
@@ -37,10 +42,11 @@ class register_Core {
     return $user->loaded();
   }
 
-  static function send_user_created_confirmation($user) {
+  static function send_user_created_confirmation($user, $requires_first=false) {
     $message = new View("register_welcome.html");
     $message->user = $user;
-    $message->site_url = url::abs_site("register/first/{$user->hash}");
+    $message->site_url = $requires_first ? url::abs_site("register/first/{$user->hash}") :
+                                           url::abs_site("");
     self::_sendemail($user->email, t("Your userid has been created"), $message);
   }
 
diff --git a/modules/register/views/admin_register.html.php b/modules/register/views/admin_register.html.php
index 865a8e56..d624865c 100644
--- a/modules/register/views/admin_register.html.php
+++ b/modules/register/views/admin_register.html.php
@@ -31,6 +31,8 @@
           <? if (!empty($group_list)): ?>
           <label for="group" class="g-left"> <?= t("Default group: ") ?></label>
           <?= form::dropdown(array("name" => "group"), $group_list, $form["group"]) ?></label>
+          <? else: ?>
+          <?= form::hidden("group", $form["group"]) ?></label>
           <? endif ?>
         </li>
         <li>
diff --git a/modules/sso/helpers/sso_event.php b/modules/sso/helpers/sso_event.php
new file mode 100644
index 00000000..67d81a7e
--- /dev/null
+++ b/modules/sso/helpers/sso_event.php
@@ -0,0 +1,32 @@
+<?php defined("SYSPATH") or die("No direct script access.");/**
+ * Gallery - a web based photo album viewer and editor
+ * Copyright (C) 2000-2009 Bharat Mediratta
+ *
+ * This program is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or (at
+ * your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+ * General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin Street - Fifth Floor, Boston, MA  02110-1301, USA.
+ */
+class sso_event {
+  static function gallery_ready() {
+    $sso_username = Input::instance()->server("REMOTE_USER");
+    $user = Session::instance()->get("user");
+    if (empty($user) || $user->name != $sso_username) {
+      try {
+        identity::set_active_user(identity::lookup_user_by_name($sso_username));
+      } catch (Exception $e) {
+        Kohana_Log::add("error", "Couldn't authenticate as $sso_username: " .
+                        $e->getMessage() . "\n" . $e->getTraceAsString());
+      }
+    }
+  }
+}
diff --git a/modules/sso/module.info b/modules/sso/module.info
new file mode 100644
index 00000000..53e235a8
--- /dev/null
+++ b/modules/sso/module.info
@@ -0,0 +1,3 @@
+name = "SSO"
+description = "Support single-signon authentication"
+version = 1
diff --git a/modules/tagfaces/controllers/tagfaces.php b/modules/tagfaces/controllers/tagfaces.php
index d202350d..26f1284e 100644
--- a/modules/tagfaces/controllers/tagfaces.php
+++ b/modules/tagfaces/controllers/tagfaces.php
@@ -85,8 +85,8 @@ class tagfaces_Controller extends Controller {
     $str_face_title = str_replace("'", "\'", Input::instance()->post("face_title"));
     $str_face_description = str_replace("'", "\'", Input::instance()->post("face_description"));
     $item_data = Input::instance()->post("item_id");
-    $str_x1 = Input::instance()->post("x");
-    $str_y1 = Input::instance()->post("y");
+    $str_x1 = Input::instance()->post("x1");
+    $str_y1 = Input::instance()->post("y1");
     $str_x2 = Input::instance()->post("x2");
     $str_y2 = Input::instance()->post("y2");
 
@@ -192,13 +192,17 @@ class tagfaces_Controller extends Controller {
     // Generate input boxes to hold the coordinates of the face.
     $coordinates_group = $form->group("FaceCoordinates")
                               ->label(t("Coordinates:"));
-    $coordinates_group->input("x")
+    $coordinates_group->input("x1")
+                      ->id('x1')
                       ->label(t("X1"));
-    $coordinates_group->input("y")
+    $coordinates_group->input("y1")
+                      ->id('y1')
                       ->label(t("Y1"));
     $coordinates_group->input("x2")
+                      ->id('x2')
                       ->label(t("X2"));
     $coordinates_group->input("y2")
+                      ->id('y2')
                       ->label(t("Y2"));
 
     // Add the id# of the photo and a save button to the form.
diff --git a/modules/tagfaces/views/drawfaces.html.php b/modules/tagfaces/views/drawfaces.html.php
index 68bb388b..161f717a 100644
--- a/modules/tagfaces/views/drawfaces.html.php
+++ b/modules/tagfaces/views/drawfaces.html.php
@@ -53,8 +53,8 @@
   // Our simple event handler, called from onChange and onSelect
   // event handlers, as per the Jcrop invocation above
   function showCoords(c) {
-    jQuery('#x').val(c.x);
-    jQuery('#y').val(c.y);
+    jQuery('#x1').val(c.x);
+    jQuery('#y1').val(c.y);
     jQuery('#x2').val(c.x2);
     jQuery('#y2').val(c.y2);
   };
@@ -87,10 +87,10 @@
 #face_description {
   width: 400px;
 }
-#x {
+#x1 {
   width: 40px;
 }
-#y {
+#y1 {
   width: 40px;
 }
 #x2 {
@@ -108,7 +108,7 @@ li {
 </style>
 
 <div id="g-coordinates">
-  <?= $form ?>
+  <?=$form ?>
 </div>
 
 <br/><br/><br/>
@@ -121,6 +121,12 @@ li {
 </div>
 </fieldset>
 
+
+
+
+
+
+
 <br/>
 
 <div id="g-exit-faces">
diff --git a/modules/tagfaces/views/drawfaces_highlight_block.html.php b/modules/tagfaces/views/drawfaces_highlight_block.html.php
index c8fc2eb5..26321461 100644
--- a/modules/tagfaces/views/drawfaces_highlight_block.html.php
+++ b/modules/tagfaces/views/drawfaces_highlight_block.html.php
@@ -83,7 +83,7 @@
     foreach ($existingFaces as $oneFace) {
       $oneTag = ORM::factory("tag", $oneFace->tag_id)
 ?>
-      <area shape="rect" coords="<?=$oneFace->x1 ?>,<?=$oneFace->y1 ?>,<?=$oneFace->x2 ?>,<?=$oneFace->y2 ?>" href="<?=url::site("tags/$oneFace->tag_id") ?>" title="<?=html::clean($oneTag->name); ?>" alt="<?=$oneTag->name; ?>" onMouseOver="highlightbox(<?=$oneFace->x1 ?>,<?=$oneFace->y1 ?>,<?=$oneFace->x2 ?>,<?=$oneFace->y2 ?>,'<?=html::clean($oneTag->name); ?>', '<?=html::clean($oneFace->description); ?>', '<?=url::site("tags/$oneFace->tag_id") ?>')" />
+      <area shape="rect" coords="<?=$oneFace->x1 ?>,<?=$oneFace->y1 ?>,<?=$oneFace->x2 ?>,<?=$oneFace->y2 ?>" href="<?=$oneTag->url() ?>" title="<?=html::clean($oneTag->name); ?>" alt="<?=$oneTag->name; ?>" onMouseOver="highlightbox(<?=$oneFace->x1 ?>,<?=$oneFace->y1 ?>,<?=$oneFace->x2 ?>,<?=$oneFace->y2 ?>,'<?=html::clean($oneTag->name); ?>', '<?=html::clean($oneFace->description); ?>', '<?=$oneTag->url() ?>')" />
 <? } ?>
 
 <?
diff --git a/modules/user_homes/helpers/user_homes_event.php b/modules/user_homes/helpers/user_homes_event.php
index 561666df..a866de52 100644
--- a/modules/user_homes/helpers/user_homes_event.php
+++ b/modules/user_homes/helpers/user_homes_event.php
@@ -161,4 +161,17 @@ class user_homes_event_Core {
     }
     return;
   }
+
+  static function show_user_profile($data) {
+    $home = ORM::factory("user_home")->where("id", "=", $data->user->id)->find();
+
+    if ($home->loaded()) {
+      $view = new View("user_profile_home.html");
+      $item = ORM::factory("item")->where("id", "=", $home->home)->find();
+      if ($item->loaded()) {
+        $view->item = $item;
+        $data->content[] = (object)array("title" => t("Home album"), "view" => $view);
+      }
+    }
+  }
 }
diff --git a/modules/user_homes/views/user_profile_home.html.php b/modules/user_homes/views/user_profile_home.html.php
new file mode 100644
index 00000000..33e8c5c2
--- /dev/null
+++ b/modules/user_homes/views/user_profile_home.html.php
@@ -0,0 +1,10 @@
+<?php defined("SYSPATH") or die("No direct script access.") ?>
+<div id="g-user-home-detail">
+<ul>
+  <li id="g-user_home-<?= $item->id ?>">
+    <a href="<?= $item->url() ?>">
+      <?= html::purify($item->title) ?>
+    </a>
+  </li>
+</ul>
+</div>