This is a "forever bug". I guess at one time I stored each file's extended
description in a separate file? I don't know, but this remove() call is
clearly wrong.

Also optimization of spinning cursor: don't call strlen() for each spin

Inspired by the cool progress cursor displayed by 'git-size', the spinning
cursors in the Synchronet terminal server are now configurable via text.dat
strings (SpinningCursor0 - 9), no maximum length.
Increased the cursor "spin" rate from 4 to 5 times per second.
The first character of the spin pattern is chosen at random between 0 and 4
but the direction of increment is also from left to right.

- as requested (and insured) by Nelgin

One can't have too many semicolons.

Rather than introduce yet-another-external-program/config flag to enable
the "new JS run-time/context" per invocation of any particular JS command,
I'm using the XTRN/EX_SH ("Use Shell") option as it had no function for
JavaScript command-lines and the concept is similar.

So if you want to invoke a JS external program/timed-event in its own
"sandbox", enable the "Use Shell / New Context" option for that
program/command in SCFG. There may be performance penalties when running
JS mods in this way, but you get the benefit of isolating one JS module
from all others, if/when necessary.

So revert the order back to the way it was in aa2bcd61
(don't you love these git references?).

Also, the previous fix for js_execfile() calls for global hot-key events also
fixed the EX_JS_CX feature I was working on (js_execmodule)!

Add another "get cryptlib error string" (at least, that's what I assume GCES
stands for) that allows the log level to be specified, rather than derived
from Cryptlib thinks the log level should be. Do this rather than adding one
(lowering the severity) of every cryptlib log message as I did in the previous
commit to this file.

As reported by Ragnarok and The Lizard Master, invoking a JS global
hot-key handler (e.g. hitting Ctrl-U or Ctrl-P with the privatemsg
or nodelist modules installed as handlers) would lead to the global
object being cleared/corrupted so other scripts would then fail to
run correctly (e.g. Error: can't open sbbsdefs.js: No such file or directory)

This probably explains the JS_GC/JS_ENDREQUEST change needed when
the hotkey-specific JS runtime/context/scope was introduced last year.
Should revisit that too.

(e.g. errors become warnings) - I'm tired of seeing this in my
error.log every day:
SEND/TLS ... ERROR 'Received TLS alert message: Handshake failure' (-15) setting session active

Fix problem introduced in
b1ecd9b6 (August 8, 2019)

When sbbs_t::printfile() is used to display a file that is < 2MB in size
and the P_OPENCLOSE mode flag was not specified, the file is read and
displayed one line at a time. This allows for the quick display of very
large files. This was accomlished by calling sbbs_t::putmsg() for each
line. Unfortunately, putmsg() would save and restore console mode flags
like the auto-screen pause control flags stored in sbbs_t::sys_misc
so this would render some features like the POFF @-code, inoperable.
This problem was reported by WitNik with files displayed from
Bulleeye! Bulletins.

Other issues were discovered with the WORDWRAP/WRAPOFF @-codes.

Fixed with the addition of sbbs_t::putmsgfrag() which is used by
printfile() to display a message fragment (one line) without
saving/restoring console state flags.

Also replaced some unsafe str function calls with safe(r) ones.

gtkmonitor.c:156:79: warning: iteration 9 invokes undefined behavior [-Waggressive-loop-optimizations]
   sprintf(str,"%-2d  SL: %-2d  F1: %s",i,cfg.val_level[i],ltoaf(cfg.val_flags1[i],flags));
                                                                 ~~~~~~~~~~~~~~^~~
gtkmonitor.c:151:2: note: within this loop
  for(i=1; i<=10; i++) {
  ^~~

If jsexec is used for a CGI script and the SBBSCTRL env var was not
set, a warning would be printed (to stderr), even if the -c option
was used to specify the path to the ctrl dir.

get_ctrl_dir() now accepts a boolean argument to specify whether to
print a warning when the default value ("/sbbs/ctrl") is used.
Pass FALSE for jsexec, TRUE for other callers (currently).

Added "can_access" property to message areas and file areas for a quick/easy way for a script to check if the current user has access or not.

the JS User.downloaded_file() method (used by ecWeb's file download stuff).
Thanks Coz.

Try that, Nelgin.

More file existence/length checks, with only a WARNING log level (not error) since some QWKnet nodes apparently like to start concurrent QWK packet downloads and inevitably one finishes first, deleting the file, and the second transfer logs and error. Examples:
  8/14  08:10:06p  2296 <EPHRAM> downloading QWK packet (1320 bytes) in passive mode
  8/14  08:10:06p  3792 <EPHRAM> downloading QWK packet (1320 bytes) in passive mode
  8/14  08:10:06p  2296 <EPHRAM> DATA Transfer successful: 1320 bytes sent in 0 seconds (2640 cps)
  8/14  08:10:06p  3792 <EPHRAM> !DATA ERROR 2 (No such file or directory) line 1376 opening s:\sbbs\data\file/0888.qwk
  8/14  11:28:55p  2576 <POTOGOLD> downloading QWK packet (27129 bytes) in passive mode
  8/14  11:28:55p  2576 <POTOGOLD> DATA Transfer successful: 27129 bytes sent in 0 seconds (54258 cps)
  8/14  11:28:55p  1924 <POTOGOLD> downloading QWK packet (4294967295 bytes) in passive mode
  8/14  11:28:56p  1924 <POTOGOLD> !DATA ERROR 2 (No such file or directory) line 1376 opening s:\sbbs\data\file/0168.qwk

Also some more 64-bit file length support (flength returns an off_t now, not a ulong).
And ftell() returns a long (not a ulong).

the Amstrad NC100. Someone make a YouTube video, using one of these as a BBS
client to logon and use a Synchronet BBS! That'd be awesome.

property with bit 31 set would result in a user.setting value of 0xffffffff which means the user is both deleted and inactive (all bits are set).
JS_ValueToInt32() does "bad things" when bit-31 is set in the value being converted, use JS_ValueToECMAInt32 or JS_ValueToECMAUint32 instead.

filter incoming messages, including vote/poll messages. This should address Nightfox's bug report that polls posted by twit-listed users were still imported/posted on his BBS.

Insure Socket.connect() sets the "error" property to a representative error value when the connection fails.
Previously (on Windows), the "error" property would be set to 0 upon a connection failure.