This resolve long delays (while searching for files) without any indication of progress.

Keep new-scan progress interval at 10 dirs however (they're fast).

We can't (apparently) only rely on the return value of start_tls(), we have to check the value of the crypt session too.
This fix the possibility of this happening:
Jun  7 18:07:26 sbbs synchronet: ftp  0058 TLS ERROR 'No permiss.to perform this operation' (-21) opening keyset
Jun  7 18:07:26 sbbs synchronet: ftp  0058 <192.168.1.25> initialized TLS successfully

Instead, we'll detect the failure and disable FTPS support, logging "failed to initialize TLS successfully".

Skip any prepended white-space in the passed name to find.
Use better variable names (and length) for the character strings.
Use matchusername() instead of strcmp(); matchusername() follows the liberal user-id/alias/name matching algorithm.
Use strcasestr() instead of strstr(), so no copy/modification (upper-casing) of passed name is now required.
When 'Q'uitting the search, set the SS_ABORT flag.

Don't need no stinking pre/appended white-space in our filenames!

For info, see:
https://docs.microsoft.com/en-us/windows/win32/fileio/naming-a-file

5 options:
- Safest Subset
- Most ASCII, Excluding Spaces (the default)
- Most ASCII, Including Spaces
- Most CP437, Excluding Spaces
- Most CP437, Including Spaces

Fix FreeBSD build error:
dirwrap.c:760:13: error: use of undeclared identifier 'GLOB_PERIOD'
Not sure how glob() on FreeBSD treats "dot files" or how to control that.

sbbs_t::checkfname() now checks the file.can too.
new filedat.c functions:
- safest_filename() - not currently used
- illegal_filename() - returns true for a highly-suspicious (e.g. hack attempt) filename
- allowed_filename() - returns true if the filename is good for upload (assumed to be already checked to be legal as well).

Importantly, filenames beginning or ending in a '.' are now unallowed:
- 'dot files' are hidden (by default) on *nix
- files ending in a '.' are problematic on Windows

(prints the bad filename)
- also, checkfname() is going to do the file.can (trashcan) checking, so no need here

The BadFilename text.dat is now a format string (prints the bad filename).
Use the nice progress() display status while searching for duplicate filenames.

glob() by default, doesn't include 'dot files', so include the GLOB_PERIOD
flag so that when deleting all files in a directory (e.g. node1/temp/*), any
files starting with a dot will be deleted too.

This fixes an issue in TypeClass lookups (such as used by reverse())

The command to delete and remove all messages is changed from 'd' to 'D'.
This operation is not reversable.

New commands are 'd' (flag all msgs for deletion) and 'u' (undelete all msgs).

This fixes issue #269 (NTFS Alternate Data Stream vulnerability) and other
potential pathname issues on Windows involving colons.

There are other illegal filename characters on Windows (e.g. <>|"?*), but
filenames with these characters aren't expected to pass the later stat() test,
so should fail with a 404 error.

The requested path was being URL-decoded with unescape(), but that function does a '+' to ' ' (space) conversion.
The '+' to space decoding is supposed to occur for the "query" portion of the URL only, not the "path" portion.
Use the new hex_decode() function instead of unescape() for "path" decoding.

These functions can be used for "percent encode/decode" or any other 2-hex-digit encoding/decoding with a single escape character.

1) setfont() after loading fonts
2) In X11 mode, don't translate ASCII characters from unicode...
   this was causing non-ASCII characters to be translated twice.

The previous tests to detect RGB8 appear to have been insufficient.
This may have resulted in various artifacts such as transparency with
some drivers on some hardware in X11 mode.

Fixes sourceforce issue number 60.

Reported by WitNik (Thanks!)

- Don't read/load extended descriptions
- Don't query each file size (use file cost from database)

Cosmetic only.

msgs.ssjs line 6: TypeError: msgbase is undefined

Instead, just display an error to the user/browser (assuming there is one).

"msg.ssjs line 42: Error: Error -1 reading user number"

Fixed an errant semicolon in the process. (15 year old minor bug)