Fixes a security flaw due to improper sanitation of usernames.  Usernames could be created containing macros and HTML, which could allow arbitrary javascript to be run by an administrator.

Changelog:

 - prevent HTML and Macro injection in usernames
 - fix: https and extra / in urls (perlDreamer Consulting, LLC.)
    http://www.webgui.org/bugs/tracker/https-and-extra-/-in-urls