scripts global scope (as opposed to js.global which is the instance global
scope), and having exit() define exit_code in js.scope instead of js.global.

This also sets exit_code in js.scope to null when preparing to execute a new
script.  If a new script starts in the same scope as an old one, the old
exit_code value will be destroyed.

This should only impact scripts where js.global != js.scope (bbs.exec()ed,
and mailsrvr)

logged in via FTP. This affected: posts_today, emails_today, free_credits,
timeon_today, and extra time values (e.g. posts_today would contnue to
accumulate potentially affecting the users ability to post via FTP-uploaded REP
packet). getuserdat() does the necessary value resets, we just needed to write
the entire user record back to disk upon successfull login, rather than just
updating specific fields in the user record on disk. The HTTP server looks like
it might have the same/similar bug.

clients, timeouts, etc.) into the various *srvr.h files and use them instead of
hard-coded constants sprinkled through-out the .c files.
If the web server "max_clients" key isn't specified in the sbbs.ini file,
use 0 (unlimited) for the max_clients value.

  obvious)

FTP passive port range, and all ports would fail to bind, the logged error
would report failure for the last port+1 I(rather thant the last port).

related crashes (mainly due to null pointer dereferences of scfg_t members
freed in cleanup()).
Use of new protected_int_value()  for extra paranoia (but can't use it on
destroyed protected-int's).

*before* calling _beginthread().
The active_clients is exactly perfect here either (since it's incrementing in
the ctrl_thread), todo later, but shouldn't cause a crash like the above issue.

I've likely broken something though, so if you see weird behaviour with
extended ASCII, let me know please.

active_clients (protected integer) could be 0 at the time of recycle because
there can be delay at the beginning of the FTP ctrl thread (e.g. looking up
filtered IPs/hostnames) before the active_clients is incremented which could
be during/after it was destroyed by the cleanup() function. Now tracking
number of threads using protected integer which increments immediately upon
child thread creation and is not destroyed until the main thread terminates.
There is currently *not* timeout while waiting for child threads to terminate
upon shutdown/recycle, so this could result in a hung server thread if a child
thread is indefinitely hung - consider using a timeout.

Per RFC3659, the correct response for "Good command, but no size for you" is
550, not 500 or 501 (these indicate an inability to parse the command).

This works with Chrome.

This is *likely* to break the Win32 build and even when the macros are
specified in xpdev, I doubt Microsoft has added support for the 'z' size
specifier used in smblib/smbadd.c we'll likely need a SIZE_T_SIZE macro
that is "z" on C99 systems and "ll" or "64" or whatever it is on Win32.

Or maybe a whole slew of complete SIZE_T macros since the 32/64 but thing
and the max file size thing may actually need the full format specification
to be in the macro... "zu" on C99 platforms and whatever magic Microsoft
needs there.

and leave it rooted until the script is done or the context is destroyed.

This should clean up crashes before a script starts (ie: While creating
common objects)

has its own functional "too much recursion" detection.
Replaced "branch callback" stuff with "operational callback".
JavaScriptBranchLimit has been replaced with JavaScriptTimeLimit
(default value: 24 hours)

all exported functions and data types using a 32-bit time_t (time32_t).

Only js_ValueToStringBytes() still leaks.

(Everything still broken)

      on the floor of Deuce's computer room
Cyan: Rob's on his way
* Deuce throws his coffee on it.

Converted active client counter to a protected (thread-safe) integer.

The attempt list can be view with sbbscon->'a' command or sbbsctrl->view->Login
Attempt List...
Delay/throttle/hacklog/and auto-filter values/thresholds are now configurable
in sbbs.ini.

recent), and automatically filter IPs of obvious hackers
(100 consecutive unique failed login attempts).

from the same host (but not necessarily the same connection).
No login retry is allowed for suspected hackers (one authentication attempt per
connection).
New-connections from suspected hack hosts are now delayed increasingly with
the number of failed login attempts.

from the same host (but not necessarily the same connection).
No login retry is allowed for suspected hackers (one authentication attempt per
connection).
Other FTP hack.log entries contain a little more detail about the type of
suspected hack attempt (e.g. "FTP BOUNCE").

of configured upload requirements) and exceed the "max files" settings per dir.

commonly modified by multiple threads, potentially simultaneously, resulting in
bad values (e.g. active_clients = -1).
Updated copyright date to 2011.
Fixed Win32 compile bug in main.cpp introduced in last commit.
Eliminated some unused variables and updated some times (e.g. ulong in place
fo uint32_t).

warning C4018: '!=' : signed/unsigned mismatch

ftp://yourbbs.com/00index.txt (or .html) - implemented EPSV (and EPRT) commands
and SIZE command no longer fails with error 500 on dynamic files (reports size
of 0 bytes instead).