Index: modules/user/user.module
===================================================================
RCS file: /cvs/drupal/drupal/modules/user/user.module,v
retrieving revision 1.877
diff -u -r1.877 user.module
--- modules/user/user.module	20 Dec 2007 21:59:17 -0000	1.877
+++ modules/user/user.module	21 Dec 2007 17:08:56 -0000
@@ -1245,15 +1245,32 @@
  * A FAPI validate handler. Sets an error is supplied username has been blocked or denied access.
  */
 function user_login_name_validate($form, &$form_state) {
-  if (isset($form_state['values']['name'])) {
-    if (user_is_blocked($form_state['values']['name'])) {
-      // blocked in user administration
-      form_set_error('name', t('The username %name has not been activated or is blocked.', array('%name' => $form_state['values']['name'])));
-    }
-    else if (drupal_is_denied('user', $form_state['values']['name'])) {
-      // denied by access controls
-      form_set_error('name', t('The name %name is a reserved username.', array('%name' => $form_state['values']['name'])));
+  $name = $form_state['values']['name'];
+  if (isset($name)) {
+
+    // blocked in user administration
+    if (user_is_blocked($name)) {
+      form_set_error('name', t('Login failed: User %name has not been activated or is blocked.', array('%name' => $name)));
+      watchdog('user', 'Login attempt failed: User %name blocked.', array('%name' => $name));
+    }
+
+    // denied by an access rule
+    else if (drupal_is_denied('user', $name)) {
+      $user_one = db_result(db_query('SELECT name FROM {users} WHERE uid = 1'));
+      if ($name == $user_one) {
+        // always allow access to uid 1
+        drupal_set_message(t('An access rule tried to deny access to %name.<br />' .
+          'As this is the site administrator\'s user account, this rule has been overridden.<br />' .
+          'However you might want to check the <a href="@link">Access rules configuration</a>.',
+          array('%name' => $name, '@link' => '/admin/user/rules')), 'warning');
+      }
+      else {
+        // otherwise deny access
+        form_set_error('name', t('Login failed: %name is a reserved username.', array('%name' => $name)));
+        watchdog('user', 'Login attempt failed: Username %name denied by access rule.', array('%name' => $name));
+      }
     }
+
   }
 }
 
@@ -1272,8 +1289,9 @@
 function user_login_final_validate($form, &$form_state) {
   global $user;
   if (!$user->uid) {
-    form_set_error('name', t('Sorry, unrecognized username or password. <a href="@password">Have you forgotten your password?</a>', array('@password' => url('user/password'))));
-    watchdog('user', 'Login attempt failed for %user.', array('%user' => $form_state['values']['name']));
+    $name = $form_state['values']['name'];
+    form_set_error('name', t('Login failed: Sorry, unrecognized username %name or wrong password. <a href="@link">Have you forgotten your password?</a>', array('%name' => $name, '@link' => url('user/password'))));
+    watchdog('user', 'Login attempt failed: unrecognized username %name or wrong password.', array('%name' => $name));
   }
 }