Well I just made a site. Its an icon/avatar site which probally doesnt interest most of you guys, but it has a nifty little program for creating avatars and animating them and such. Its a cool program you might wanna check out.
Honestly, I saw Zac Effron(sp?) on the front page and turned tail and ran.
However, I went back. Just off the top, the first thing I noticed... your registration form does some error checking, which is good, but if it catches an error, all my old input vanishes. So I can't review what I entered and change it, I have to fill the form out again entirely.
Another thing you may want to block if you plan on adding forums or any inter-user communication of any sort - I just signed up for an account with the name "admin". If you had forums, or a private message system, etc, I could now very easily social engineer information out of other users. You should consider a list of banned usernames.
Third thing, I signed up with an invalid email address. I don't mean one that doesn't exist, I mean it didn't even conform to firstname.lastname@example.org guidelines. May want to add another check in there for that.
Design wise, I like blue, so all good there. ;) Sorry to be critical on your user authentication, but you did ask for a review.
Ah, some good points! The email thing however I didnt put the validate the email@example.com thing in there mainly cause I was -going- to imply the user had to be verified to do anything (comment, add icons, icon-tron) but later thought it would be better for traffic reasons to not do that, possibly just ban a few small things, or put the user profile page its not verified. If it were to block everything it would force people to use a verified account doing so would make an account with "firstname.lastname@example.org" as there email not work at all since they cant verify it. After that decision I forgot to go back and edit the register page... ah who knows im stop babbering about it.
Anywho, ill go back and see what I can fix up for now
as for the zac efron icon, I got a user to make startup icons for the site... and im not entirely sure why he chose that but he did haha
I cant find a ban list anywhere on google.. maybe make my own? ill probally miss one or two that way...
For one, you can't tell what the page is about. It looks like a repository for AIM avatars used by Middle Schoolers. (I say this because my little sister uses AIM all the time and half the avatars from thre are used on her friends accounts.)
You need to give people a sense of direction. I went on your page and had no idea what to do. A little register button way out of my view doesn't help me.
Also, when I inspected your table-infested layout in IE6, it, as expected, broke.
And for my final harsh critique: Your logo doesn't have a link to the main page.
Aside from that, your security is good, and the design looks great. You didn't forget a Favicon, which is awesome.
Signatures are nothing but incriminating.