diff --git a/html/inc/bootstrap.inc b/html/inc/bootstrap.inc
index 8239919bc2..0098373b63 100644
--- a/html/inc/bootstrap.inc
+++ b/html/inc/bootstrap.inc
@@ -273,12 +273,18 @@ function grid($top_func, $left_func, $right_func, $left_width=6) {
     ';
 }
 
-function form_start($action, $method='get') {
+// to upload files:
+//  use method = POST and extra=ENCTYPE="multipart/form-data"
+// to have initial focus on input field foo:
+//      use extra = "name=x"
+//      call forum_focus(x, foo) after defining the field
+//
+function form_start($action, $method='get', $extra='') {
     echo sprintf(
-        '<div class="container">
-        <form class="form-horizontal" method="%s" action="%s">'
+        '<div class="container-fluid">
+        <form class="form-horizontal" method="%s" action="%s" %s>'
         ,
-        $method, $action
+        $method, $action, $extra
     );
 }
 
@@ -287,27 +293,47 @@ function form_input_hidden($name, $value) {
     ';
 }
 
+function form_focus($form_name, $field_name) {
+    echo "<script>document.$form_name.$field_name.focus()</script>\n";
+
+}
+
 function form_end() {
     echo '</form>
         </div>
     ';
 }
 
-define('FORM_LEFT_CLASS', 'col-sm-4');
-define('FORM_LEFT_OFFSET', 'col-sm-offset-4');
-define('FORM_RIGHT_CLASS', 'col-sm-8');
+define('FORM_LEFT_CLASS', 'col-sm-3');
+define('FORM_LEFT_OFFSET', 'col-sm-offset-3');
+define('FORM_RIGHT_CLASS', 'col-sm-9');
 
-function form_input_text($label, $name, $value='', $type='text', $attrs='', $extra='') {
+// just the input field
+//
+function form_input_text_field(
+    $name, $value='', $type='text', $attrs='', $extra=''
+) {
+    return sprintf(
+        '<input %s type="%s" class="form-control" name="%s" value="%s">%s',
+        $attrs, $type, $name, $value, $extra
+    );
+}
+
+// the whole row
+//
+function form_input_text(
+    $label, $name, $value='', $type='text', $attrs='', $extra=''
+) {
     echo sprintf('
         <div class="form-group">
-            <label class="control-label %s">%s</label>
+            <label align=right class="%s">%s</label>
             <div class="%s">
-                <input %s type="%s" class="form-control" name="%s" value="%s">%s
+                %s
             </div>
         </div>
         ',
         FORM_LEFT_CLASS, $label, FORM_RIGHT_CLASS,
-        $attrs, $type, $name, $value, $extra
+        form_input_text_field($name, $value, $type, $attrs, $extra)
     );
 }
 
@@ -324,16 +350,17 @@ function form_attr($name, $value) {
     );
 }
 
-function form_input_textarea($label, $name, $value='') {
+function form_input_textarea($label, $name, $value='', $nrows=4) {
     echo sprintf('
         <div class="form-group">
-            <label class="control-label %s" for="%s">%s</label>
+            <label align=right class="%s" for="%s">%s</label>
             <div class="%s">
-                <textarea rows="6" class="form-control" id="%s" name="%s">%s</textarea>
+                <textarea rows="%d" class="form-control" id="%s" name="%s">%s</textarea>
             </div>
         </div>
         ',
-        FORM_LEFT_CLASS, $name, $label, FORM_RIGHT_CLASS, $name, $name, $value
+        FORM_LEFT_CLASS, $name, $label, FORM_RIGHT_CLASS,
+        $nrows, $name, $name, $value
     );
 }
 
@@ -342,7 +369,7 @@ function form_input_textarea($label, $name, $value='') {
 function form_select($label, $name, $items) {
     echo sprintf('
         <div class="form-group">
-            <label class="control-label %s" for="%s">%s</label>
+            <label align=right class="%s" for="%s">%s</label>
             <div class="%s">
                 <select class="form-control" id="%s" name="%s">
         ',
@@ -365,7 +392,7 @@ function form_select($label, $name, $items) {
 function form_select_multiple($label, $name, $items, $flags) {
     echo sprintf('
         <div class="form-group">
-            <label class="control-label %s" for="%s">%s</label>
+            <label align=right class="%s" for="%s">%s</label>
             <div class="%s">
                 <select multiple class="form-control" id="%s" name="%s[]">
         ',
@@ -381,28 +408,31 @@ function form_select_multiple($label, $name, $items, $flags) {
     echo "</select></div></div>\n";
 }
 
+// return a list of string for checkbox items
+//
+function checkbox_item_strings($items, $attrs='') {
+    $x = [];
+    foreach ($items as $i) {
+        $x[] = sprintf('<input %s type="checkbox" name="%s" %s> %s
+            ',
+            $attrs, $i[0], $i[2]?"checked":"", $i[1]
+        );
+    }
+    return $x;
+}
+
 // $items is list of (name, label, checked)
 //
 function form_checkboxes($label, $items, $attrs='') {
     echo sprintf('
         <div class="form-group">
-            <label class="control-label %s">%s</label>
+            <label align=right class="%s">%s</label>
             <div class="%s">
         ',
         FORM_LEFT_CLASS, $label, FORM_RIGHT_CLASS
     );
-    $first = true;
-    foreach ($items as $i) {
-        if ($first) {
-            $first = false;
-        } else {
-            echo "<br>\n";
-        }
-        echo sprintf('<input %s type="checkbox" name="%s" %s> %s
-            ',
-            $attrs, $i[0], $i[2]?"checked":"", $i[1]
-        );
-    }
+    $x = checkbox_item_strings($items, $attrs);
+    echo implode($x, '<br>');
     echo '</div>
         </div>
     ';
@@ -413,7 +443,7 @@ function form_checkboxes($label, $items, $attrs='') {
 function form_radio_buttons($label, $name, $items, $selected) {
     echo sprintf('
         <div class="form-group">
-            <label class="control-label %s">%s</label>
+            <label align=right class="%s">%s</label>
             <div class="%s">
         ',
         FORM_LEFT_CLASS, $label, FORM_RIGHT_CLASS
@@ -436,7 +466,7 @@ function form_general($label, $item) {
     ';
     if (strlen($label)) {
         echo sprintf(
-'           <label class="control-label %s">%s</label>
+'           <label align=right class="%s">%s</label>
             <div class="%s">%s</div>
         ',
             FORM_LEFT_CLASS, $label, FORM_RIGHT_CLASS, $item
diff --git a/html/inc/forum_db.inc b/html/inc/forum_db.inc
index ff0b72d649..bae78387c3 100644
--- a/html/inc/forum_db.inc
+++ b/html/inc/forum_db.inc
@@ -320,6 +320,10 @@ class BoincNotify {
         $db = BoincDb::get();
         return $db->enum_general('BoincNotify', $query);
     }
+    function update($clause) {
+        $db = BoincDb::get();
+        return $db->update($this, 'notify', $clause);
+    }
 }
 
 define ('NOTIFY_FRIEND_REQ', 1);
diff --git a/html/inc/keywords.inc b/html/inc/keywords.inc
index 85e2b2562a..695f1641a1 100644
--- a/html/inc/keywords.inc
+++ b/html/inc/keywords.inc
@@ -89,6 +89,7 @@ define('KW_CHEMISTRY',      62);
 define('KW_GAMES',          63);
 define('KW_VIRUS',          64);
 define('KW_FRANCE',         65);
+define('KW_CANADA',         66);
 
 $job_keywords = array();
 
@@ -266,6 +267,9 @@ keyword('KW_OCEANIA', KW_CATEGORY_LOC, 0, 0,
 keyword('KW_AMERICAS', KW_CATEGORY_LOC, 0, 0,
     'Americas'
 );
+    keyword('KW_CANADA', KW_CATEGORY_LOC, 1, KW_AMERICAS,
+        'Canada'
+    );
     keyword('KW_US', KW_CATEGORY_LOC, 1, KW_AMERICAS,
         'United States'
     );
diff --git a/html/inc/util.inc b/html/inc/util.inc
index 3759c53a2a..eaa8e0faab 100644
--- a/html/inc/util.inc
+++ b/html/inc/util.inc
@@ -182,8 +182,8 @@ function get_logged_in_user($must_be_logged_in=true) {
     $authenticator = null;
     if (isset($_COOKIE['auth'])) $authenticator = $_COOKIE['auth'];
 
-    $authenticator = BoincDb::escape_string($authenticator);
     if ($authenticator) {
+        $authenticator = BoincDb::escape_string($authenticator);
         $g_logged_in_user = BoincUser::lookup("authenticator='$authenticator'");
     }
     if ($must_be_logged_in && !$g_logged_in_user) {
@@ -904,7 +904,7 @@ function button_text($url, $text, $desc=null, $class="btn-success btn-sm") {
 }
 
 function show_button($url, $text, $desc=null, $class="btn-success btn-sm") {
-    echo button_text($url, $text, $desc=null, $class);
+    echo button_text($url, $text, $desc, $class);
 }
 
 // for places with a bunch of buttons, like forum posts
diff --git a/html/project.sample/project.inc b/html/project.sample/project.inc
index d39f1b7313..5588d8e331 100644
--- a/html/project.sample/project.inc
+++ b/html/project.sample/project.inc
@@ -133,7 +133,7 @@ function project_footer($show_return, $show_date, $prefix) {
     // If you include any links, prepend URL with $prefix
     //
     echo '<br>
-        <a class="brand boinc-logo" href="http://boinc.berkeley.edu/"><img class="img-responsive center-block" src="'.secure_url_base().'img/pb_boinc.gif" alt="Powered by BOINC"></a>
+        <a class="brand boinc-logo" href="https://boinc.berkeley.edu/"><img class="img-responsive center-block" src="'.secure_url_base().'img/pb_boinc.gif" alt="Powered by BOINC"></a>
         <div class="form-group"></div>
         <p class="text-center"> &copy;'.gmdate("Y ").COPYRIGHT_HOLDER.'</p>
     ';
diff --git a/html/user/login_action.php b/html/user/login_action.php
index 633936799f..92380072a7 100644
--- a/html/user/login_action.php
+++ b/html/user/login_action.php
@@ -102,7 +102,7 @@ function login_via_link($id, $t, $h) {
 
     // Intercept next_url if consent has not yet been given
     //
-    $next_url = intercept_login($user, true, "home.php");
+    $next_url = intercept_login($user, true, USER_HOME);
     Header("Location: ".url_base()."$next_url");
 }
 
diff --git a/html/user/mail_passwd.php b/html/user/mail_passwd.php
index fa0fb71455..e3afb36be5 100644
--- a/html/user/mail_passwd.php
+++ b/html/user/mail_passwd.php
@@ -32,11 +32,10 @@ function email_sent_message($email_addr) {
 
     page_head("Email sent");
     echo "
+        <p>
         Instructions for resetting your password have been emailed to $email_addr.
         <p>
-        If the email doesn't arrive in a few minutes,
-        your ISP may be blocking it as spam.
-        In this case please ask your ISP to not block email from $email_from.
+        If the email doesn't arrive in a few minutes, check your spam folder.
     ";
 }