alomst finished signup system, all the logic is there, just need to be made to look nice and the deplyment TODOs followed

signup system now generates ldifs, and adds members to the mailing lists, dont forget to remove the dev mods before deploying

UI and validation for the new signup system, actual backend functionality is started but mostly missing

Makes password check function in session class public

fix some more session weirdness by deleting loggedin cookies instead of piling them up on top of each other

timeout anonymous sessions earlier, to stop the session table getting massive. And fix the inevitable stupid bug which crept in

stop using temporary cookies for logged in users and set a timeout instead. Sessions should now timeout after 48 hours of inactivity, or 8 days since authenticating, whichever comes first. Also fix a bug where we tried to delete users sessions before actually figuring out who they were which stopped logout functioning correctly

- Begin to stop it being so logout happy for ordinary users who aren't doing anything particularly sensitive on the site by keeping track of when a user was last asked for credentials
- Don't continue to use the same session identifier once a user is logged in; it's likely been sent insecurely
- Mark session cookies as "SSL only" once logged in
- Automatically bump users from HTTP to HTTPS for all requests whilst they're logged in