Fix #6986 several security issues. - CVE-2012-3442: Cross-site scripting in authentication views - CVE-2012-3443: Denial-of-service in image validation - CVE-2012-3444: Denial-of-service via get_image_dimensions()