Default expiry, notice/warning prevention, key collision bug fix

[mintindeed]

Hey Mark,

Awesome plugin. We've started using this class on our WordPress VIP-hosted sites to take the place of a similar method that used a custom database table, and it's working like a charm. During testing we made some changes that I'd like to share:

• Simplifying the update lock generation
• Changing default transient expiry to 5 minutes. This solves an issue where sites using the default transient system (e.g., $_wp_using_ext_object_cache == false) would set an instantly-expiring transient, and thus tlc_transient() would never cache.
• Introducing TLC_TRANSIENT_TTL_DEFAULT constant (defaults to 5 minutes). Setting transient expiry to $expiration + TLC_TRANSIENT_TTL_DEFAULT to give the transient a grace period, so that the transient doesn't expire before its stored TTL.
• Ensuring all expected $_POST data is present before trying to interact with it.
• Hashing the transient key to prevent key collisions when long keys are used. Since we're using an MD5 hash for the key, we know the POSTed "key" value in TLC_Transient_Update_Server::init() will be 32 characters long, so this lets us do additional validation to make sure we're getting a valid request before trying to cache it.

More changes to TLC_Transient_Update_Server::init() --

• checking ( isset( $update[0] ) ) instead of just ( $update ) to verify that $update != false and is_array($update) at the same time, before trying to interact with it.
• verifying the information stored in the array is what's expected.
• calling tlc_transient( $key, 'nohash' ) when setting the transient data to prevent double-hashing the key.

[markjaquith]

Cherry-picked: 415b1d820f8f708331bffa995e124e8f80b38a0e and 665afdaa0d0358bb65b30fd2752b0750069f0983

[markjaquith]

Alternate solution for avoiding key collisions: f2b88b56237caf8512a546ae5e93272feecfa2d1