Right now, the only preference is reverse mail listings (oldest first
or newest first). These settings are only used when reading "your mail",
not any other kind of mail reading.

bbs.read_mail() now returns the user-adjusted loadmail_mode value and
this allows us to determine the user's preferences and save them after
this function/method is called. A readmail_mod can now return a number
(other than 0) and that will be used as the return value of this method.

sbbs_t::readmail() now does the adjustment of the passed lm_mode before
calling any installed readmail_mod, so if for example, deleted message
viewing is enabled by the sysop, those LM_* flags might be set now in
the argument to the readmail_mod, wherase they never would before.

There is not yet any way for the sysop to set a new user's default
mail_settings, they'll just default to 0 for now.

email_sec.js will get some adjustments to use/store the
user.mail_settings next.

Will track the user's last succsesful file-download transfer rate
in characters (bytes) per second.

I'm not calculating or storing this rate yet, but will be soon. This
will make the file download ETAs more realistic and no longer
hard-coded to 3000 cps (which now defaults to 10000 cps, to keep up
with the times).

New field added to user.tab placed adjacent to the other File xfer stats,
which means the leech attempt counter (likely always 0) was moved to the end
of the user record.

Also resolved some 32 vs 64-bit 'long' issues/ambiguities that have long-remained. :-)

This commit also removes logon.lst file support.

There's a TODO block remaining in js_user.c for setting portions of a user's birthdate (e.g. just the year or month or day).

This can be used to force a close of the user.dat file, if open. Rather than
waiting for an out of scope User to get garbage-collected, this method could
be used to force a close of the user.dat file, if it's open.

Likely fix for the user.dat open file descriptor leak:
If js_CreateUserObject(cx,parent,cfg,"name",...) is called multiple times
(e.g. before login and after login), the successive calls will reuse the
previously allocated JS object and allocated private data memory. However, the
private data memory (which includes the descriptor of an open user.dat file,
if it has been opened), was always zeroed, even if it was being reused. This
would leak open file descriptor.

So any (pre)login scripts or web scripts that use the "user" object (which
is all zeroed-out before login) and then allows a user to subsequently login,
would leak a file descriptor.

When the 'number' property of an instance of User was incremented beyond the last user, the call to fgetuserdat() on subsequent property 'get' operation would fail and zero-out the user structure (including the user number). This resulted in an infinite loop in load/birthdays.js where the user number would go from lastuser to 1 in one operation (u.number++).

Reported by DesotoFireflite (VALHALLA)

Credits and daily free credits are accurate to the byte up to (a maximum) of 18446744073709551615 (that's 18 Exbibytes - 1).

User's upload and download byte stats are now similarly extended in maximum range, but the accuracy is only "to the byte" for values less than 10,000,000,000. Beyond that value, the accuracy declines, but is generally pretty damn accurate (to 4 decimal places beyond the nearest multiple of a power of 1024), so I don't expect that to be an issue. This method of storing upload/download byte stats allowed me to use the same 10-character user record fields in the user.dat file.

As a side-effect of this enhancements:
* User and file credit values are now expressed in multiples of powers of 1024 (e.g. 4.0G rather than 4,294,967,296).
* Free credits per day per security level has now been extended from 32 to 64-bits (to accommodate values >= 4GB).
* adjustuserrec() now longer takes the record length since we can easily determine that automatically and don't need more "sources of truth" that can be out-of-sync (e.g. the U_CDT field length going from 10 to 20 chars with this change).
* setting the stage for locale-dependent thousands-separators (e.g. space instead of comma) - currently still hard-coded to comma
* more/better support for files > 4GB in size (e.g. in the batch download queue)
* user_t ulong fields changed to either uint32_t or uint64_t - I didn't realize how many long/ulong's remained in the code (which are sometmies 32-bit, sometimes 64-bit) - ugh
* Steve's ultoac() function renamed to u32toac() and created a C++ wrapper that still uses the old name, for homage

Users with the 'O' restriction (automatically set if a new user has the same "real name" as another account, and that's allowed by the sysop) will send netmail from their alias and not their real name to prevent impersonation of another user.

It bothered Deuce having a web server setting in scfg_t/SCFG->File Options, so I moved this setting to [web_]startup_t and the sbbs.ini file.

The downside is that file_area.web_file_prefix is no longer available to JS environments outside of the web server and terminal server, but meh, probably not going to use it elsewhere anyway? I can imagine use cases for JSexec scripts to want to generate URLs to filebase files. If that ends up being a need, they'll have to find and parse the "right" sbbs.ini file to determine the vpath prefix. 

This macro has expanded to nothing for a while now and even before, the usage was misguided and unnecessary as explained in this video: https://www.youtube.com/watch?v=cjotPqQxxAY

This won't impact Synchronet as it has a separate signal handling
thread, but we still need to behave properly for processes that
don't.  I'm also saying that ENOMEM does not indicate a disconnection,
though it may be better to pretend it was disconnected...

New JS User.stats properties:
- read_mail_waiting
- unread_mail_waiting
- spam_waiting

New @-codes:
- MAILR (read mail waiting)
- MAILU (unread mail waiting)

And the corresponding MAILR# and MAILU# codes (for non-current user's stats).

Addresses feature request #191.

The default terminal columns (still 0/auto) can be overridden with the 'L' command from the user defaults menu. 

Also increased maximum manual terminal rows setting from 99 to 999 - this involved moving the record in user.dat, though the old record value is auto-migrated.

These allow the easy reading or writing of these sub-field values of the
user.birthdate property. When migrating from the legacy formats (e.g. MM/DD/YY
or DD/MM/YY), it's required to write all 3 properties to get a correct
birthdate/age. Otherwise, "13/31/69" could become "19691/69" (for example)
which isn't going to parse correctly.

property with bit 31 set would result in a user.setting value of 0xffffffff which means the user is both deleted and inactive (all bits are set).
JS_ValueToInt32() does "bad things" when bit-31 is set in the value being converted, use JS_ValueToECMAInt32 or JS_ValueToECMAUint32 instead.

SCFG for Win32 is linked against a load_cfg lib that builds withOUT SCFG defined, so these compiled AR elements were allocated and then many SCFG operations (e.g. copy/paste, create new) would copy the allocated ARs to another configuration and then be subjected to double-free upon exit/clean-up (resulting in exception or crash).
Just get rid of this cruft and some other related RAM-byte-saving hold-overs from the MS-DOS days.

after a file has been successfully (partially or fully) downloaded by a user:
- arguments are [dir-code] [file path or name] [bytes] [count]
Technically, all the argumnets are optional, but if only a bytes or file count
is provided, the old behavior of the method is invoked (just increments
statistics).

This is intended for use by ecWeb's http-based file downloader thing. :-)

'=': conversion from 'time_t' to 'unsigned long', possible loss of data

bbs.get_time_left() instead.

INT32_MAX.

Setting user.security.flags[1-4], exemptions, or restrictions to a string value
would result in unexpected modified values:

1. The exiting flags were all based on the current value of flags1 (copy/paste
    error it appears)
2. The set/removed/added flags were all "off-by-one" because str_to_bits()
    treats 'A' as bit-1, not bit-0.

emailval.js is now using this feature and PSI-Jack reported the "interesting"
behavior. :-)

declaration

Use this in place of JS_GetPrivate() in native class methods that need the
class instance's private data pointer and will do bad things if that pointer
points to something other than what is expected. mcmlxxix (matt) discovered
that using Object.apply(), you can invoke class methods where the 'this'
instance is a different class. This would result in
"Internal Error: No Private Data." or a crash.
So now, gracefully detect this condition and report a meaningful error:
"'<class-name>' instance: No Private Data or Class Mismatch"

Also, important to note: if the method uses JS_THIS_OBJECT to get the JSObject*
to pass to JS_Get*Private, then it must do this *before* it calls JS_SET_RVAL.

From jsapi.h:
 * NB: there is an anti-dependency between JS_CALLEE and JS_SET_RVAL: native
 * methods that may inspect their callee must defer setting their return value
 * until after any such possible inspection. Otherwise the return value will be
 * inspected instead of the callee function object.

The js_crypt*.c files still need this treatment.

of the user record is going to fail anyway. *this* explains a lot of
instances of the user.dat file being open concurrently, at least one per
active thread with a JS context.

user data is thusly cached - set the 'cached' property member to TRUE. This
prevents an unnecessary re-read of the user file and the leaving the user file
(user.dat) open, at least for JS contexts that contain a "user" object. I don't
think this explains the "too many open files" errors, but it explains at least
*some* number of the user.dat open file descriptors.

user.dat file open (for read operations only). Writing still opens and
closes the user.dat for each property/field modification.

HANDLE_PENDING() contains a return, so it's theoretically possible that the
memory allocated by the previous JSVALUE/STRING_TO_... allocation could
be leaked. So now we pass an optional pointer to HANDLE_PENDING() which will
call free() on it if it's not NULL, and then sets it to NULL for good measure.

Server via the new 'V' command from the Reading Mail prompt allows you to
toggle between all mail (including SPAM, the default), SPAM only, or HAM only.
Also added a new '/' (search text) command from the reading mail prompts.
Mail imported before the mailsrvr added support (recently) for the MSG_SPAM
attribute flag will not be counted/filtered as SPAM.
SBBSecho will have a commit (next) to support the new loadmail() usage, it
will not compile until then.

New Features:
- Multiple bindings for each service
  Use comma-separated interfaces on Interface= lines in the ini file.
  Default is now "0.0.0.0,::"
- IPv6 support
- TLS support for the webserver and (non-static) services
  New TLS option in services.ini (ie: Options=TLS)
- Decrease LEN_SCAN_CMD to 35 chars, increase the CID field to 45 chars,
  and rename the MAIL_CMD string to IPADDR.  I think this frees up the
  note field for SysOp use.