Depending on server configuration this may be used in a Denial Of Service attack by tying up all webserver workers with large POST bodies.

Fixes a bug in Memcache.php that would cause every fetch to also
result in a push if multiple memcache servers were being used.

If multiple memcache servers are in use, the code needs to check
if they aren't out of sync. If they are, the most recent data needs
to be pushed to all mirrors.

The original code compared the parsed data structures using ===,
but that always fails because that just does a pointer comparison
and not a deep comparison.

Changed the code to compare the original unparsed values instead.
Also added a few debug-level log statements.

add testing for php 5.6 and hhvm (allow failures)

Avoid the friendly names in attribute definitions to end up in the PHP generated metadata, as it creates trouble for the AttributeLimit filter and others.

Sort IdP's in alphabetical order in dropdown.

Only show languagebar when there's something to choose.

If you configure language.available to just one language, e.g. "en",
you get a language bar with just the unclickable word "English" which
is rather unuseful.

`preg_match` returns `0` if no matches are found, `FALSE` only on error. This means that with the previous check unmatching certificates would not be identified, only when the preg_match itself would error.

Remove extra URL validation as normalizeURL() will have done that already. Return an empty string if the input URL is empty (disregarding its type). This should make the checkURLAllowed() function transparent and avoid it returning the current URL (normalized) when input is empty. Fixes #99.

Avoid calling SimpleSAML_Utilities::normalizeURL() twice when we are redirecting and need to check if the URL is trusted.

Add NameIDFormats to output of getMetadata20IdP()

Fixes a notice on page load.