The default value is the same as the previously hard-coded value: 15 minutes.

Increase this value to prompt the sysop for the system password less frequently, decrease for more frequent.

This fixes issue #407.

The security-related options were really spread around and this menu was
getting very overloaded (the list of Toggle Options had grown huge), so now
most of the content is actually under the new "Security Options" sub-menu.

This does make a bunch of previous instructions/docs slightly out of sync
(e.g. SCFG->System->Security Level Values should now be
SCFG->System->Security Options->Security Level Values), but I think sysops
will still find stuff just fine.

This re-org will allow me to add more options that I've wanted to but needed
better organization and structuring to do so logically and clearly.

Using the memcmp() trick to detect changes in the configuration.

No new settings/option were added in this commit.

Off-by-one bug caused the comparison of only the first 3 chars of the proposed password against "QWE", "ASD", and "!@#" rather than the 4 character pattern match as intended.

These lines should be removed anyway since this can be easily achieved via password.can (as intended), but I couldn't help myself but to fix this ancient bug.

... not before. This explains why FTP-uploaded actions had a (null) filename.

Insert an optional boolean argument to enable a search through deleted and
inactive user records (in addition to active user records). This is part of
the solution to the problem described in issue #513 where the UEDIT sysop
command did not go to a specified user (by alias) automatically, presumably
because the user record was marked as deleted.

Fix issue #508

<Deuce> So the [previous] change doesn't work with relative paths?

So... support relative UDS paths in this manner (without the "unix:" prefix)

We don't really need the "unix:" prefix now, but just leave that support in
for backward compatibility.

According to
https://devblogs.microsoft.com/commandline/af_unix-comes-to-windows/
it is possible, but I think I'm using an WinSDK that's too old, so let's just
not support this feature on Windows just yet. Define UDS_SUPPORT when
supported.

Resolves a long-standing todo comment and has made wiki.synchro.net page
rendering even faster.

PHP-FPM defaults to creating/listening on UNIX domain sockets.

This resolves gitlab issue #507

Elevate the log level back to ERROR (from WARNING), as this is not an expected
condition and the sysop (me) should be alerted right away. This had previously
be lowered (along with some other log messages) from ERROR to WARNING.

When php-fpm is updated (on Debian, anyway), e.g. from 8.1 to 8.2, a new
etc/php configuration (pool.d) directory was used which set me back to a
default www.conf file that uses Unix domain sockets instead of TCP sockets.

This is just extra paranoia now since the reading of file.ini enforces the value range
8 <-> 65535 now.

Upgrading fromm v3.19 can result in a setting of filename_maxlen=0 in file.ini, so let's
put a special check in place to insure this can't happen (thus preventing any file
uploads). I chose '8' as a kind of arbitrary minimum maximum value (MS-DOS filenames
maxed out at 12 characters), but at least 0 won't be possibly any longer.

As reported on DOVE-Net by Codefenix and confirmed by xbit.

Move kbincom() to an sbbs_t method.

No functional change here, just getting ready to support input translation for stdio
external programs as an option.

Since v3.19 (the new filebases), when a user FTP-downloaded a file, we failed
to properly find/load that file's record from the filebase (searching for the
file's full path, rather than just the filename), so the code the increments
the file's download counter, notifies the uploader, awards credits, etc. did
not ever execute. This means that FTP-downloads for all files downloaded via
FTP were effectively "free" (and nobody noticed). No error was logged either.

I discovered this while debugging the case of "(null)" filenames in the
action/download MQTT topic messages being published by the FTP server. So
that issue is fixed as part of this commit as well.

Oh, and if this code had executed before, it would have memory-leaked the
file information, so that's fixed too (added call to smb_freefilemem). Ugh.

Be sure to let them select a node even when no nodes are technically "in use".
As requested by Nelgin in IRC (what, no gitlab issue?)

Looks like just a confluence of search/replace errors over the past 19 years,
starting with commit 9ef382e5.

A sysop can, and may want to, chat with a user before they succesfully login.

On the node options popup menu, these options weren't visible/available unless
there was a user logged-in, but they're usable and useful even when there
is not a user logged-in.

e.g. "action/hack/smtp login" -> "smtp_login", best practices and all.

e.g. 20230130T171211-480	0	<unknown user>	76.89.231.66	<no name>

the user number name actually *are* known at this stage

This was a bug if the user had set their terminal to swap Delete and Backspace keys while not using a PETSCII terminal.

- Most published messages (besides log entries) have a timestamp (in ISO8601 format) prepended and tab-separated
- The order and number of elements in client messages (list and activities) has been updated, now includes user number
- Server client lists are now published to .../SERVER/client/list
- Server client activities (connect, disconnect, update) are now published to .../SERVER/client/action/#
- Server client count is now published to .../SERVER/client (with the maximum client count, if applicable)
- Server states are now just represented by name (e.g. initializing, ready, stopping, stopped) and not number
- BBS errors are logged to sbbs/BBS/action/error/LEVEL (where LEVEL is the log level name, e.g. "critical" or "error')
- All server hack-attempts, SPAM attempts, logins, logouts, uploads, downloads, are published to sbbs/BBS/action/ACTION/*
- Chat pages are published to sbbs/BBS/action/page/node/#
- New users (on the terminal server) are published to sbbs/BBS/action/newuser
- Posted messages and executed external programs (on the terminal server) are published to sbbs/BBS/action/ACTION/CODE topic
- The event thread started/stopped status is published to .../SERVER/event

Yeah, the wiki will get updated soon to reflect/document all these changes

I noticed that the node status displayed by load/presence_lib.js (e.g. used
by exec/nodelist.js) would have (N) for node-message waiting instead of (M)
as is reported in other places (e.g. the node utility, umonitor, sbbsctrl).
So this commit commonizes this behavior.

Now, it's crazy that there are (at least) 3 places that this node status
display is implemented and more things should just use nodestatus() to get
that string, but I'm not solving that copy/pasta issue in this commit.

The interactive prompting for terminal capabilities worked fine,
but the default configuration menu settings did not reflect the
user's previous choices and changes they made (e.g. toggle mouse
support or BS/DEL key swap) were not reflected in the menu. Once
logged in, the normal user defaults menu worked as expected. This
is all because term_supports() keyed off of SS_USERON which isn't
set during new user sign-up, so let's key off SS_USERON|SS_NEWUSER
now.

Resolves CID 434888, not sure why this one didn't show up before.

In a fresh v3.20 install, the legacy stats files don't exist, so don't try
to convert/upgrade them and log errors about it.

malloc(0) returns a usable/freeable pointer on all supported platforms.

This change insures that the scfg_t dynamically allocated arrays are all valid
non-NULL pointers, even if/when the array length is 0. This should resolve
a lot of new(ish) CIDs. Or not. We'll see. :-/

Not as flexible with regards to formatting as xpDateTime_to_isoDateTimeStr()
but simpler to use (with a time_t source).

This fixes issue #495.