I just installed GeekLog and I'd like to make some suggestions. First of all, I think geeklog shouldn't need register_globals=On. It may not be a security flaw for geeklog itself and there is a way to activate register_globals only for geeklog (at least with apache). However PHP future versions will not support register_globals=On, since it's been deprecated for a while.
Secondly, I think user should have to repeat his password when changing it on Account Information to avoid mistakes and unnecessary password recovering.
And that's all I have on my mind about geeklog. Keep up the good work!
I've read that before and I keep my opinion, since a server with register_globals=On will still support a php written considering register_globals=Off and not vice-versa. Also, it is considered deprecated by the PHP developers.