Don,
I only made a few changes in the acs-subsite user pages. Most of the changes are HTML layout changes. The major change in the TCL/SQL code is the addition of a random token (and column to track it) to supplement the user email verification process. The reason I modified it was because the oid/rowid is a constant in the database and when people change their email addresses, there is no easy way to verify that the email address is still valid. So I added the random token and changed the basic-info-update page to check for a change in the email address. If it was changed, I toggle the user verified column (can't remember the exact column name) to false, log out the user, generate a secret token, and email the confirmation link. So a smart user cannot easily fool the email verification system. I also had to change the registration end too.
