enforce access-question on anonymous page edits

[pwnage101]

enforce access-question on anonymous page edits

This commit causes an access-question form field to appear on the edit page
for anonymous (logged out) users when require-authentication = none and
the access-question variables are non-empty. If the field is present,
and if the wrong answer is provided by the user, then the user is
returned to the edit page with an error message "Access code is
invalid.".

This new form field behaves in the same way as the access-question form
field on the unauthenticated registration page.

---

I tested the following cases using the following settings:

require-authentication: none
access-question: hello
access-question-answers: world

1. logged out, click edit, type incorrect access answer, type a random change description, submit -> error
2. logged out, click edit, type correct access answer "world", type a random change description, submit -> success
3. logged in, click edit, type a random change description, submit -> success

...and again with the following settings:

require-authentication: none
access-question:
access-question-answers:

1. logged out, click edit, type a random change description, submit -> success
2. logged in, click edit, type a random change description, submit -> success

Look carefully, at the diff, I've never written a line of haskell before this!

Resolves #595

[pwnage101]

I just updated the commit message for clarity.

[pwnage101]

updated code to have more consistent order of patterns and more consistent indentation.

[pwnage101]

I made more changes:

• Updated comments in data/default.conf to reflect current behavior.
• Removed tabindex attribute from the access question field on the edit page, it simply did not belong there.

[pwnage101]

I found more docs to update. This time I updated README.markdown which is also the Gitit User Guide.

[pwnage101]

@jgm please take a look when you have the chance.