@cmroanirgo

As part of general website security, these changes can be incorporated as part of #369.

Despite a lot of file changes, most simply change the hard-coded 'admin' folder to use a new global constant 'ADMIN'. This ADMIN constant is automatically calculated when using the backend interface (see admin/index.php), and should be manually added to defines.php if needed for user management in the front end.

The only issues beyond this were:

  1. The constant THEMES_ADMIN is problematic, so code in plugins/box/themes.plugin.php detects a default THEMES_ADMIN value and quietly ignores it. This ensures existing installs won't break without change.
  2. Using the 'members area' login/logout in the frontend definitively requires the ADMIN constant to be defined. In case an existing install does not define ADMIN in defines.php, it is detected in Monstra::loadDefines() and defined there, so that things won't crash (but may cause 404s).

The Information > Security tab has been updated to describe the actions an administrator needs to take (rename admin folder and add ADMIN to defines.php). See screenshot below.

[Screenshot: monstra-admin-rename]
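
The pattern this description outlines, sketched as an added example; it is not code from this pull request or from Monstra. The helper names, the way the folder name is derived, the legacy `<root>/admin/themes` default and the sample paths are all assumptions made for illustration.

```php
<?php
// Added illustration; not Monstra's code. All helper names are hypothetical.

// Backend entry point (<admin folder>/index.php): take the folder name from the
// script's own location, so renaming the folder needs no backend config change.
function admin_dir_from_entry(string $entryScript): string
{
    return basename(dirname($entryScript));
}

// Frontend bootstrap: defines.php is expected to set ADMIN after a rename.
// If it does not, fall back to the legacy name so the site keeps running;
// on a renamed install the backend links then 404 instead of crashing.
function ensure_admin_constant(): void
{
    if (!defined('ADMIN')) {
        define('ADMIN', 'admin');
    }
}

// A THEMES_ADMIN value that still points at the legacy <root>/admin/themes
// path (assumed default) is ignored and rebuilt from the current folder name.
function admin_themes_path(string $root, string $adminDir, ?string $configured): string
{
    $sep    = DIRECTORY_SEPARATOR;
    $legacy = $root . $sep . 'admin' . $sep . 'themes';
    if ($configured === null || $configured === $legacy) {
        return $root . $sep . $adminDir . $sep . 'themes';
    }
    return $configured; // an explicit custom value is kept as configured
}

// Constructed sample: install root /var/www/site, admin folder renamed to "panel-7f3a".
$root  = '/var/www/site';
$admin = admin_dir_from_entry($root . '/panel-7f3a/index.php');
echo $admin, PHP_EOL;

// A stale default THEMES_ADMIN is replaced by the path under the renamed folder.
echo admin_themes_path($root, $admin, $root . '/admin/themes'), PHP_EOL;

// Frontend request on an install whose defines.php lacks ADMIN: fallback applies.
ensure_admin_constant();
echo ADMIN, PHP_EOL;
```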
