Finish migration to safe queries

Migrate more code to safe query abstraction

Getting closer to done...

Move more queries to safe abstraction

Add a Query class to assemble queries by parts, and ?int placeholder
which is needed for LIMIT clauses.

Add safe(r) query abstraction

Add db_query_safe that accepts parameters separately. Use it in
some places.

Don't handle full_special_chars default.filter

default.filter on this server is set to magic_quotes, so remove
the handling for the full_special_chars case.

Replace uses of escape() with appropriate functions

For queries, use real_clean(), for html use hsrc().

A bit of PHP 7.4/8.0 cleanup

Refactor long array() syntax to short []

Since app is using PHP 5.4+ already, the longer `array()` syntax can be
refactored to shorter `[]`.

show user notes in unapproved users table

Also replaced old-school <script language="php"> tags with <?php tags in
users.php

Don't display a link to people.php.net for unapproved accounts as they do not exists there

Add CSRF checks here

This could easily have been used to target admins and automatically
delete all users - or worse - inject SSH keys to anyones account

This is always an update, you can't add people here

Move function to include/fuctions.inc

Get rid of rest of MQ+SM leftovers and improve markup

Link the username to people

Readded unapproved/approved filter and improved links
Also more MQ/SM killing

Order by asc/desc

Simplify user listing - and kill dead register globals & magic quotes

Move functions from users.php to functions.inc

I don't remmeber if this link has ever worked, besides - people are supposed to fille out
the request form, not go through back channels

Refactor approval/reject/delete mail templates

Kill 'noclose'... No autoclosing of the window.. Avoids accidental clicks

This link is in the header already

Use only one table for listing users.. and remove inline styles

Move searchbox from the page itself, into the header