Update newuserdefaults() to use the new sysop-configured Chat and QWK new user settings/values (commit 56b8fd86).

Use newuserdefaults() in newuser.cpp and makeuser.c, eliminating a lot of copy/pasta.

If login by number is supported and a client attempts login with an invalid usernumber, don't log an error, e.g.
mail 3264 SMTPS [46.148.x.x] !ERROR -2 getting data on user (6123)

But rather treat it as an invalid login attempt.

Also change lastuser() and total_users() to return int instead of uint. 2 billion users should be plenty.

I noticed that the node status displayed by load/presence_lib.js (e.g. used
by exec/nodelist.js) would have (N) for node-message waiting instead of (M)
as is reported in other places (e.g. the node utility, umonitor, sbbsctrl).
So this commit commonizes this behavior.

Now, it's crazy that there are (at least) 3 places that this node status
display is implemented and more things should just use nodestatus() to get
that string, but I'm not solving that copy/pasta issue in this commit.

Not as flexible with regards to formatting as xpDateTime_to_isoDateTimeStr()
but simpler to use (with a time_t source).

This fixes issue #495.

A blank download protocol field in a user.dat, when parsed, sets the 'prot' field
of user_t to 0. When writing the record back to the user.dat, this would prematurely
truncate all other fields off the user record (since strings in C are NUL terminated
and we're using sprintf() to format the record and %c specifier for that field).

The fix is to write a ' ' character instead of '\0' if the user_t.prot is '\0'.
As part of this fix, I'm writing a '?' if a user_t.sex is '\0' (not sure if this
is actually possible, but just as insurance). Those are the only 2 single-character
user properties/fields today.

Bug reported/debugged by Al of The Rusty Mailbox (1:153/757.2) - thank you!

Previously, many servers and services didn't support login by real name
(e.g. issue #469) even if the sysop had that option enabled in SCFG.

Move login control settings from node.ini to system (main.ini -> login)

The 3 node toggle options:
- Allow Login by User Number
- Allow Login by Real Name
- Always Prompt for Password

... have been now moved from SCFG->Nodes->Node x->Toggle Options to
SCFG-System->Toggle Options.

If you upgraded to v3.20a before now, you'll want to double-check these
settings to make sure they're how you want them set. New upgraders that run
upgrade_to_v320.js (e.g. via 'jsexec update') will get these settings migrated
automatically.

Added some error detection/logging to upgrade_to_v320.js when failing to open
.cnf files.

Constified some more user/login related function args and return types.

This addresses issue #459 (Synchronet never allowed SSH-auth via real name)

Also, localize the "valid real name" checking logic into a single new function:
check_realname()

Upload and Download ARS must be matched *and* the directory's upload and download ARS.

Operator and Exemption ARS must be matched *or* the directory's operator and exemption ARS.

Now, if the BOOL argument value is FALSE, then the .ini file is opened read-only (and thus only read permissions are needed, resolving issue #455).

If the BOOL argument value is TRUE, create-if-not-exist is implied. There are no use cases where we would want to open an .ini file for writing only if it already existed.

was always returning 0 (oops), so user.tab searches for specific string values
(usually user's real name) did not work.

putuserdatetime() needed to take a time32_t argument to be compatible with
Borland C++ Builder. Eventually, when we stop using that tool, we can move
to just 64-bit time_t's everywhere.

parseuserdat() now accepts and optional array of field pointers to populate
for each user field (for use with the new UserEditor.exe).

... for proper error reporting, at least in the terminal server.

Also define/use a macro for the user base filename (now user.tab, not user.dat).

instead of USER_RECORD_LINE_LEN

and then unlocking again. So... make readuserdat() optionally leave the
record locked, reducing a lot of unnecessary lock/unlocking in here.

Move the user field index definitions to userfields.h

Also resolved some 32 vs 64-bit 'long' issues/ambiguities that have long-remained. :-)

This commit also removes logon.lst file support.

There's a TODO block remaining in js_user.c for setting portions of a user's birthdate (e.g. just the year or month or day).

Initial support for read user records from user.tab
Add verification phase to upgrade program

long is the one type that a different size between the supported 32-bit and 64-bit platforms, avoid its use.

Also, don't match against deleted (blank) usernames in name.dat
(e.g. when 'name' value consists of a single ETX character).

I just wanted to reuse findstr() in vdmodem.c and I fell down this hole :-)

findstr.* is new (findstr() related functions moved from str_util)
getctrl.* is now finally the real home of get_ctrl_dir(), moved from str_util
trashcan* functions moved from str_util to scfglib
other scfg_t dependent functions moved from str_util to scfglib

net_addr() appears to be a function that was never created/used (?)

This will definitely break the *nix build, for now.

If a non-'T' exempt user had already used more time today than their security level allows, their timeleft would be computed as a negative value due to integer underflow. Since the return value of this function is assigned to a ulong (timeleft), this becomes a large positive number. Cap the floor of the computed time left at 0.

Also fix the potential for underflow that could occur if the system clock changes while a user is online and 'now' becomes greater than 'starttime'.

Might add some other statistic for these relayed posts at some point.

*/dsts.dab (daily statistics and running totals) -> */dsts.ini
*/csts.dab (cumulative statistics / log) -> */csts.tab

* dsts.ini now has both daily and total stats for all fields (not just timeon and logons).
* dsts.ini is now an easily modifiable text file - no longer need dstsedit (here-by deprecated and soon to be deleted)
* dsts.ini and csts.tab support 64-bit upload/download byte stats and are very extensible for future fields to be added or extended > 32-bit (this was the main inspiration for this overhaul, but it was overdue and already designed for v4, pretty much)
* csts.tab is a tab-delimited fixed length record format suitable for easy import to a spreadsheet program or parsing with scripts. Each day is a 128-character LF-delimited record with tab-delimited fields of plain ASCII text.
* All fields except timeon in dsts.ini files are updated immediately and by more non-terminal servers (e.g. post statistics from web UI scripts).
* New user stats are tracked more than just for "today".

The upgrade of these files is automatic and built-into SBBS.

Still to do: overhaul the slog utility to support the new csts.tab file format.

Credits and daily free credits are accurate to the byte up to (a maximum) of 18446744073709551615 (that's 18 Exbibytes - 1).

User's upload and download byte stats are now similarly extended in maximum range, but the accuracy is only "to the byte" for values less than 10,000,000,000. Beyond that value, the accuracy declines, but is generally pretty damn accurate (to 4 decimal places beyond the nearest multiple of a power of 1024), so I don't expect that to be an issue. This method of storing upload/download byte stats allowed me to use the same 10-character user record fields in the user.dat file.

As a side-effect of this enhancements:
* User and file credit values are now expressed in multiples of powers of 1024 (e.g. 4.0G rather than 4,294,967,296).
* Free credits per day per security level has now been extended from 32 to 64-bits (to accommodate values >= 4GB).
* adjustuserrec() now longer takes the record length since we can easily determine that automatically and don't need more "sources of truth" that can be out-of-sync (e.g. the U_CDT field length going from 10 to 20 chars with this change).
* setting the stage for locale-dependent thousands-separators (e.g. space instead of comma) - currently still hard-coded to comma
* more/better support for files > 4GB in size (e.g. in the batch download queue)
* user_t ulong fields changed to either uint32_t or uint64_t - I didn't realize how many long/ulong's remained in the code (which are sometmies 32-bit, sometimes 64-bit) - ugh
* Steve's ultoac() function renamed to u32toac() and created a C++ wrapper that still uses the old name, for homage

By setting sbbs.ini [web] FileIndexScript to an SSJS or XJS script filename, that script (by default, from your exec directory) will be executed when a file area/base listing has been http[s]-requested. File area/base requests are of the form <vpath_prefix> (for the list of libraries), <vpath_prefix>/<lib-name>/ (for list of directories of a library) or <vpath_prefix>/<lib-name>/<dir-code-suffix>/ (for a list of files in a directory). The new http_request "lib" and "dir" properties indicate that a library or directory listing was requested (if neither are defined, that's a request for the root / list of libs). The same configured script is executed to handle all 3 types of index/list requests.

A sample script (webfileindex.ssj) will be committed soon.

Authentication (via HTTP-AUTH) will be required if user #0 does not have access to all libraries or all directories within a required library.

file_area.lib[].link has been changed from "/<vdir>/" to just "<vdir>" (no slashes) and renamed to "vdir".

file_area.dir[].link has been changed from "/<vpath>/" to "<vpath>/" (no leading slash) and renamed to "vpath".

Added file_area.dir[].vdir property that contains just the directory's virtual directory name.

I don't think anyone was using these "link" properties since the dynamic FTP HTML index scripting feature is no longer supported.

Added can_user_access_lib() to insure that the user has access to at least one directory of a library before allowing access to the library (e.g. via JS). Something similar should be created for message groups.

Could use more long->off_t conversions, but this is a start.

CID 349724

Tired of being reminded that you were "awarded 0 credits"  for free downloads? I know I am, so I created another text.dat string (reusing Unused300), for notification of free-download files where no credits are awarded to the uploader. Also updated the default colors of the existing DownloadUserMsg string to have a little more variety.

Not sure why ftpsrvr.c isn't using user_downloaded_file(). That copy/pasta should be eliminated later.

This should address issue (feature request) #196.

The last 20 sets of displayed messages are stored as data/msgs/<user-num>.last.#.msg. This number is currently hard-coded, but could be configurable in the future. I say "sets" because messages are batched-up and displayed together normally, unless a user is actively polling for new users (e.g. while at the Ctrl-P/PrivateMsg prompt).

This involved getting rid of some copy/pasta in sbbs_t:getsmsg() as well by creating/using/reusing readsmsg().