--- a/includes/clientside/static/login.js	Sun Feb 24 12:50:52 2008 -0500
+++ b/includes/clientside/static/login.js	Sun Feb 24 12:52:07 2008 -0500
@@ -327,6 +327,10 @@
   }
   // Rid ourselves of any loading windows
   ajaxLoginSetStatus(AJAX_STATUS_DESTROY);
+  if ( IE )
+  {
+    alert('Login: got AJAX response');
+  }
   // Main mode switch
   switch ( response.mode )
   {
@@ -386,6 +390,10 @@
     ajaxLoginSubmitForm();
     return false;
   }
+  if ( IE )
+  {
+    form.style.marginTop = '-20px';
+  }
   
   // Using tables to wrap form elements because it results in a
   // more visually appealing form. Yes, tables suck. I don't really
@@ -473,22 +481,41 @@
   form.appendChild(table);
   
   // Field: enable Diffie Hellman
-  var lbl_dh = document.createElement('label');
-  lbl_dh.style.fontSize = 'smaller';
-  lbl_dh.style.display = 'block';
-  lbl_dh.style.textAlign = 'center';
-  var check_dh = document.createElement('input');
-  check_dh.type = 'checkbox';
-  // this onclick attribute changes the cookie whenever the checkbox or label is clicked
-  check_dh.setAttribute('onclick', 'var ck = ( this.checked ) ? "enable" : "disable"; createCookie("diffiehellman_login", ck, 3650);');
-  if ( readCookie('diffiehellman_login') != 'disable' )
-    check_dh.setAttribute('checked', 'checked');
-  check_dh.id = 'ajax_login_field_dh';
-  lbl_dh.appendChild(check_dh);
-  lbl_dh.innerHTML += $lang.get('user_login_ajax_check_dh');
-  form.appendChild(lbl_dh);
+  if ( IE )
+  {
+    var lbl_dh = document.createElement('span');
+    lbl_dh.style.fontSize = 'smaller';
+    lbl_dh.style.display = 'block';
+    lbl_dh.style.textAlign = 'center';
+    lbl_dh.innerHTML = $lang.get('user_login_ajax_check_dh_ie');
+    form.appendChild(lbl_dh);
+  }
+  else
+  {
+    var lbl_dh = document.createElement('label');
+    lbl_dh.style.fontSize = 'smaller';
+    lbl_dh.style.display = 'block';
+    lbl_dh.style.textAlign = 'center';
+    var check_dh = document.createElement('input');
+    check_dh.type = 'checkbox';
+    // this onclick attribute changes the cookie whenever the checkbox or label is clicked
+    check_dh.setAttribute('onclick', 'var ck = ( this.checked ) ? "enable" : "disable"; createCookie("diffiehellman_login", ck, 3650);');
+    if ( readCookie('diffiehellman_login') != 'disable' )
+      check_dh.setAttribute('checked', 'checked');
+    check_dh.id = 'ajax_login_field_dh';
+    lbl_dh.appendChild(check_dh);
+    lbl_dh.innerHTML += $lang.get('user_login_ajax_check_dh');
+    form.appendChild(lbl_dh);
+  }
   
-  div.appendChild(form);
+  if ( IE )
+  {
+    div.innerHTML += form.outerHTML;
+  }
+  else
+  {
+    div.appendChild(form);
+  }
   
   // Diagnostic / help links
   // (only displayed in login, not in re-auth)
@@ -513,10 +540,24 @@
   logindata.mb_inner.appendChild(div);
   
   // Post operations: field focus
-  if ( data.username )
-    f_password.focus();
+  if ( IE )
+  {
+    setTimeout(
+      function()
+      {
+        if ( logindata.loggedin_username )
+          document.getElementById('ajax_login_field_password').focus();
+        else
+          document.getElementById('ajax_login_field_username').focus();
+      }, 200);        
+  }
   else
-    f_username.focus();
+  {
+    if ( data.username )
+      f_password.focus();
+    else
+      f_username.focus();
+  }
   
   // Post operations: show captcha window
   if ( show_captcha )
@@ -526,6 +567,7 @@
   logindata.key_aes = data.aes_key;
   logindata.key_dh = data.dh_public_key;
   logindata.captcha_hash = show_captcha;
+  logindata.loggedin_username = data.username
   
   // Are we locked out? If so simulate an error and disable the controls
   if ( data.lockout_info.lockout_policy == 'lockout' && data.locked_out )
@@ -573,8 +615,20 @@
   }
   else
   {
-    // The user probably clicked ok when the form wasn't in there.
-    return false;
+    if ( IE )
+    {
+      // IE doesn't have this control, continue silently IF the rest
+      // of the login form is there
+      if ( !document.getElementById('ajax_login_field_username') )
+      {
+        return false;
+      }
+    }
+    else
+    {
+      // The user probably clicked ok when the form wasn't in there.
+      return false;
+    }
   }
   if ( !username )
   {

--- a/includes/clientside/static/pwstrength.js	Sun Feb 24 12:50:52 2008 -0500
+++ b/includes/clientside/static/pwstrength.js	Sun Feb 24 12:52:07 2008 -0500
@@ -200,11 +200,11 @@
       language_onload();
     }
     else
-    {
+    {      
       return {
-        color: '#000000',
-        fgcolor: '#666666',
-        str: 'Language init failed',
+        'color' : '#000000',
+        'fgcolor' : '#666666',
+        'str' : 'Language init failed'
       };
     }
   }

--- a/includes/sessions.php	Sun Feb 24 12:50:52 2008 -0500
+++ b/includes/sessions.php	Sun Feb 24 12:52:07 2008 -0500
@@ -2864,7 +2864,6 @@
     $q = $this->sql('SELECT code_id, code FROM ' . table_prefix . "captcha WHERE session_id = '$hash' AND source_ip = '{$_SERVER['REMOTE_ADDR']}';");
     if ( $db->numrows() < 1 )
     {
-      die("session manager: no rows for captcha_code $hash");
       return false;
     }
     

--- a/includes/wikiformat.php	Sun Feb 24 12:50:52 2008 -0500
+++ b/includes/wikiformat.php	Sun Feb 24 12:52:07 2008 -0500
@@ -150,8 +150,8 @@
         chdir(ENANO_ROOT);
         
         $class = 'Text_Wiki_' . $parser;
-        $c2 = '._includes_wikiengine_' . $parser;
-        $file = str_replace('_', '/', $c2).'.php';
+        $c2 = $parser;
+        $file = ENANO_ROOT . '/includes/wikiengine/' . str_replace('_', '/', $c2).'.php';
         if (!class_exists($class)) {
             $fp = @fopen($file, 'r', true);
             if ($fp === false) {

--- a/language/english/user.json	Sun Feb 24 12:50:52 2008 -0500
+++ b/language/english/user.json	Sun Feb 24 12:52:07 2008 -0500
@@ -68,6 +68,7 @@
       login_ajax_loggingin: 'Logging in...',
       login_ajax_msg_used_temp_pass: 'You have logged in using a temporary password. Before you can log in, you must finish resetting your password. Do you want to reset your real password now?',
       login_ajax_check_dh: 'Enable strong encryption during logon? <a href="http://docs.enanocms.org/Help:Appendix_B#dh" onclick="window.open(this.href); return false;">Learn more</a>',
+      login_ajax_check_dh_ie: 'Use a standards-compliant browser to help protect your password. <a href="http://docs.enanocms.org/Help:Appendix_B#dh" onclick="window.open(this.href); return false;">Learn more</a>',
       
       err_key_not_found: 'Enano couldn\'t look up the encryption key used to encrypt your password. This most often happens if a cache rotation occurred during your login attempt, or if you refreshed the login page.',
       err_key_not_found_cleared: 'It seems that the list of encryption keys used for login information has reached its maximum length, thus preventing new keys from being inserted. The list has been automatically cleared. Please try logging in again; if you are still unable to log in, please contact the site administration.',

--- a/themes/oxygen/footer.tpl	Sun Feb 24 12:50:52 2008 -0500
+++ b/themes/oxygen/footer.tpl	Sun Feb 24 12:52:07 2008 -0500
@@ -55,7 +55,9 @@
       // This initializes the Javascript runtime when the DOM is ready - not when the page is
       // done loading, because enano-lib-basic still has to load some 15 other script files
       // check for the init function - this is a KHTML fix
-      if ( typeof ( enano_init ) == 'function' )
+      // This doesn't seem to work properly in IE in 1.1.x - there are some problems with
+      // tinyMCE and l10n.
+      if ( typeof ( enano_init ) == 'function' && !IE )
       {
         enano_init();
         window.onload = function(e) {  };