some of the security methods.

1. Some browsers don't understand attribute values in single quotes,
   so always use double quotes.

2. An undefined variable was referenced in the error reporting code in
   parseSubstitution().  (The error reporting cannot be reached unless
   _subst_re is changed -- but it is still a bug. :-)

the tracker.

mode opcodes.

Fix check_code_short_endtags(), which should have used <img /> since
the previous batch of changes.

- that the TALcode version of the macro is the same as that of the
  main program;

- that the mode (html or xml) of the macro is the same as that of the
  main program.

If either of these tests fails, raise METALError().

Added three new inquiries for TALcode programs: isCurrentVersion(),
getProgramVersion(), and getProgramMode().

generating HTML, and "/>" for XML, instead of always using "/>".

This is necessary for proper XHTML generation.

self.endsep to the proper value there.

this fixes the Windows crashes?

checkSimpleTransactionalUndo(): Modify tests to check zombification
and subsequent re-birth of objects via transactionalUndo().

works by writing a metadata record which contains a special lrevid
(pickle pointer).  Upon loading a zombified object, naive applications
will get a KeyError as would be expected for loading a non-existant
object.

The actual exception though is ObjectDoesNotExist -- derived from
KeyError -- which contains a `revid' attribute pointing to the
revision of the object which zombified it.  Thus, by undoing this
revid, the object can be reborn to its initial state.

Specifically,

ObjectDoesNotExist: New exception, derived from KeyError.

load(): If an object's metadata has an lrevid with the special `dne'
value (64-bits full of 1's), the object is a zombie and
ObjectDoesNotExist is raised.

transactionalUndo(): If prevrevid for the revision we're undoing is
zero, it means that we're undoing the object's creation.  Instead of
raising an UndoError, write a new metadata record containing the
original record, but with lrevid == dne, and prevrevid == tid.

This change also contains initial (untested) support for pack(),
specifically,

_zaprevision(): pack doesn't happen in a transaction, so remove the
txn argument.  Add the referencesf argument, passed from the pack()
call.

pack(): Initial implementation.  Seems fairly simple really (too
simple? ;)

XMLParserTestCase.check_bad_nesting():
    Use self.fail() instead of naming AssertionError directly; how PyUnit
    deals with the error is it's problem, not ours.  ;-)