Session variables, flash messages, performance improvements and more

This update (c47d0e4) brings with it the following improvements:

New features

Session variables can now be used to store information for anonymous users. Only pre-approved variables can be used, and they have very limited size.
Whenever you perform an activity that stores some kind of information, you will now get a flash message about what happened when the page redirects. This message was not displayed earlier. Flash messages can have three severities: info, warning and error.
Anonymous users can now set their language preference using the manage_language() template function. This is not available in the default template, but sites can choose to use this feature as required. All three language settings can be set.

Session authentication and information is now stored in a Redis database that should allow much higher concurrency than our old solution.
Avoid logging a lot of event information that is never displayed anywhere. Also removed 34 million old events which are no longer needed.

The session ID is no longer logged with the login event, which could be used by certain privileged users to hijack sessions. This is no longer possible.
The online request handler now shows the IP addresses associated with the sessions if you're logged in as a global administrator. Guests are also displayed in the table.

Whenever you hide or show the left/right panels or the message of the day, this is now stored in a session variable instead of a cookie.
The user panel (right side of the screen) now stores in a session variable which section is open on page refresh.
When you close the file browser, the last folder you were in is stored in a session variable and the next time you open it without a specific location you should be back where you were.
Whenever the message of the day is added or changed the users that have hidden it will see it again.
Flash messages are now used on CEFR sites to inform about report sent. This allows users to return to the report after sending it.
When storing an object using JSON response mode, the serialized object is now returned to the caller.

Fix a partially hidden logout button issue in Google Chrome.
Fix a bug where the value 0 is not considered a valid label.
Make multi-select in the inbox and outbox more consistent with normal UI behavior.

The old time log request handler which was replaced with the page views report has now finally been removed. It's not been usable since February 2014.