Merge pull request #41 from divinity76/patch-1

warning about Delphi 10.4 Community being incompatible

.gitignore

@@ -3,11 +3,13 @@ __history/
 __recovery/
 win32/
 .vscode/
+.idea/
 *.vfs
 *.dcu
 *.exe
 *.map
 *.tmp
+*.dll
 *.bak
 *.*-
 *.corrupted

README.md

@@ -1,5 +1,26 @@
+# Obsolete
+This is the repository of the old HFS.
+
+I'm working on HFS 3 on another repository. Check it out! 
+https://github.com/rejetto/hfs
+
+## Introduction
 You can use HFS (HTTP File Server) to send and receive files.
 It's different from classic file sharing because it uses web technology.
 It also differs from classic web servers because it's very easy to use and runs "right out-of-the box".
 
 The virtual file system will allow you to easily share even one single file.
+
+## Dev notes
+Initially developed in 2002 with Delphi 6, now with Delphi 10.3.3 (Community Edition).
+Icons are generated at http://fontello.com/ . Use fontello.json for further modifications.
+
+For the default template we are targeting compatibility with Chrome 49 as it's the latest version running on Windows XP.
+
+Warning: Delphi Community Edition 10.4 removed support for command-line compilation, and is thus unable to compile JEDI Code Library, and is thus unable to compile HFS2, ref [Community Edition no longer includes the command-line compilers](https://blogs.embarcadero.com/delphi-cbuilder-community-editions-now-available-in-version-10-4-2/#comment-1339) - meaning the last version of Community Edition cabale of compiling HFS2 is Delphi 10.3.x
+
+## Libs used
+- [ICS v8.64](http://www.overbyte.be) by François PIETTE 
+- [TRegExpr v0.952b](https://github.com/andgineer/TRegExpr/releases) by Andrey V. Sorokin
+- [JEDI Code Library v2.7](https://github.com/project-jedi/jcl)
+- [Kryvich's Delphi Localizer v4.1](http://sites.google.com/site/kryvich)

classesLib.pas

@@ -1,5 +1,5 @@
 {
-Copyright (C) 2002-2012  Massimo Melina (www.rejetto.com)
+Copyright (C) 2002-2020  Massimo Melina (www.rejetto.com)
 
 This file is part of HFS ~ HTTP File Server.
 
@@ -23,9 +23,20 @@ unit classesLib;
 interface
 
 uses
-  iniFiles, types, hslib, strUtils, sysUtils, classes, math, system.Generics.Collections;
+  iniFiles, types, hslib, strUtils, sysUtils, classes, math, system.Generics.Collections,
+  OverbyteIcsWSocket, OverbyteIcshttpProt;
 
 type
+  TantiDos = class
+  protected
+    accepted: boolean;
+    Paddress: string;
+  public
+    constructor create;
+    destructor Destroy; override;
+    function accept(conn:ThttpConn; address:string=''):boolean;
+    end;
+
   TfastStringAppend = class
   protected
     buff: string;
@@ -88,6 +99,7 @@ type
     constructor create;
     destructor Destroy; override;
     function addFile(src:string; dst:string=''; data:Tobject=NIL):boolean; virtual;
+    function contains(src:string):boolean;
     function count():integer;
     procedure reset(); virtual;
     property totalSize:int64 read getTotal;
@@ -138,7 +150,7 @@ type
   PtplSection = ^TtplSection;
   TtplSection = record
     name, txt: string;
-    nolog, nourl, cache: boolean;
+    nolog, public, noList, cache: boolean;
     ts: Tdatetime;
     end;
 
@@ -189,6 +201,12 @@ type
     destructor Destroy; override;
     end;
 
+  ThttpClient = class(TSslHttpCli)
+    constructor Create(AOwner: TComponent); override;
+    destructor Destroy; override;
+    class function createURL(url:string):ThttpClient;
+    end;
+
   Ttlv = class
   protected
     cur, bound: integer;
@@ -214,6 +232,94 @@ implementation
 uses
   utilLib, main, windows, dateUtils, forms;
 
+const folderConcurrents: integer = 0;
+const MAX_CONCURRENTS = 3;
+const ip2availability: Tdictionary<string,Tdatetime> = NIL;
+
+constructor TantiDos.create();
+begin
+accepted:=FALSE;
+end;
+
+function TantiDos.accept(conn:ThttpConn; address:string=''):boolean;
+
+  procedure reject();
+  resourcestring
+    MSG_ANTIDOS_REPLY = 'Please wait, server busy';
+  begin
+  conn.reply.mode:=HRM_OVERLOAD;
+  conn.addHeader(ansistring('Refresh: '+intToStr(1+random(2)))); // random for less collisions
+  conn.reply.body:=UTF8Encode(MSG_ANTIDOS_REPLY);
+  end;
+
+begin
+if address= '' then
+  address:=conn.address;
+if ip2availability = NIL then
+  ip2availability:=Tdictionary<string,Tdatetime>.create();
+try
+  if ip2availability[address] > now() then // this specific address has to wait?
+    begin
+    reject();
+    exit(FALSE);
+    end;
+except
+  end;
+if folderConcurrents >= MAX_CONCURRENTS then   // max number of concurrent folder loading, others are postponed
+  begin
+  reject();
+  exit(FALSE);
+  end;
+inc(folderConcurrents);
+Paddress:=address;
+ip2availability.AddOrSetValue(address, now()+1/HOURS);
+accepted:=TRUE;
+Result:=TRUE;
+end;
+
+destructor TantiDos.Destroy;
+var
+  pair: Tpair<string,Tdatetime>;
+  t: Tdatetime;
+begin
+if not accepted then
+  exit;
+t:=now();
+if folderConcurrents = MAX_CONCURRENTS then // serving multiple addresses at max capacity, let's give a grace period for others
+  ip2availability[Paddress]:=t + 1/SECONDS
+else
+  ip2availability.Remove(Paddress);
+dec(folderConcurrents);
+// purge leftovers
+ for pair in ip2availability do
+  if pair.Value < t then
+    ip2availability.Remove(pair.Key);
+end;
+
+class function ThttpClient.createURL(url:string):ThttpClient;
+begin
+if startsText('https://', url)
+and not httpsCanWork() then
+  exit(NIL);
+result:=ThttpClient.Create(NIL);
+result.URL:=url;
+end;
+
+constructor ThttpClient.create(AOwner: TComponent);
+begin
+inherited;
+followRelocation:=TRUE;
+agent:=HFS_HTTP_AGENT;
+SslContext := TSslContext.Create(NIL);
+end; // create
+
+destructor ThttpClient.Destroy;
+begin
+SslContext.free;
+SslContext:=NIl;
+inherited destroy;
+end;
+
 constructor TperIp.create();
 begin
 limiter:=TspeedLimiter.create();
@@ -419,6 +525,16 @@ if cachedTotal < 0 then calculate();
 result:=cachedTotal;
 end; // getTotal
 
+function TarchiveStream.contains(src:string):boolean;
+var
+  i: integer;
+begin
+for i:=0 to Length(flist)-1 do
+  if flist[i].src = src then
+    exit(TRUE);
+result:=FALSE;
+end;
+
 function TarchiveStream.addFile(src:string; dst:string=''; data:Tobject=NIL):boolean;
 
   function getMtime(fh:Thandle):int64;
@@ -504,10 +620,7 @@ end; // reset
 function TtarStream.fsInit():boolean;
 begin
 if assigned(fs) and (fs.FileName = flist[cur].src) then
-  begin
-  result:=TRUE;
-  exit;
-  end;
+  exit(TRUE);
 result:=FALSE;
 try
   freeAndNIL(fs);
@@ -746,10 +859,12 @@ var
 
 var
   i, posBak: int64;
+  n: integer;
 begin
 posBak:=pos;
 p:=@buffer;
-while (count > 0) and (cur < length(flist)) do
+n:=length(flist);
+while (count > 0) and (cur < n) do
   case where of
     TW_HEADER:
       begin
@@ -913,7 +1028,7 @@ if sections.containsKey(section) then
   result:=sections[section]
 else
   result:=NIL;
-if inherit and assigned(over) and ((result = NIL) or (trim(result.txt) = '')) then
+if inherit and assigned(over) and (result = NIL) then
   result:=over.getSection(section);
 end; // getSection
 
@@ -928,7 +1043,7 @@ else
 end; // getTxt
 
 function Ttpl.getTxtByExt(fileExt:string):string;
-begin result:=getTxt('file.'+fileExt) end;
+begin result:=getTxt('file'+fileExt) end;
 
 procedure Ttpl.fromString(txt:string);
 var
@@ -978,12 +1093,52 @@ var
 
   procedure saveInSection();
   var
-    ss: TStringDynArray;
-    s: string;
-    i: integer;
     base: TtplSection;
+
+    function parseFlagsAndAcceptSection(flags:TStringDynArray):boolean;
+    var
+      f, k, v, s: string;
+      i: integer;
+    begin
+    for f in flags do
+      begin
+      i:=pos('=',f);
+      if i = 0 then
+        begin
+        if f='no log' then
+          base.nolog:=TRUE
+        else if f='public' then
+          base.public:=TRUE
+        else if f='no list' then
+          base.noList:=TRUE
+        else if f='cache' then
+          base.cache:=TRUE;
+        Continue;
+        end;
+      k:=copy(f,1,i-1);
+      v:=copy(f,i+1,MAXINT);
+      if k = 'build' then
+        begin
+        s:=chop('-',v);
+        if (v > '') and (VERSION_BUILD > v) // max
+        or (s > '') and (VERSION_BUILD < s) then // min
+          exit(FALSE);
+        end
+      else if k = 'ver' then
+        if fileMatch(v, VERSION) then continue
+        else exit(FALSE)
+      else if k = 'template' then
+        if fileMatch(v, getTill(#13,getTxt('template id'))) then continue
+        else exit(FALSE)
+      end;
+    result:=TRUE;
+    end;
+
+  var
+    ss: TStringDynArray;
+    s, si: string;
     till: pchar;
-    append: boolean;
+    append, prepend, add: boolean;
     sect, from: PtplSection;
   begin
   till:=pred(bos);
@@ -991,44 +1146,49 @@ var
   if till^ = #10 then dec(till);
   if till^ = #13 then dec(till);
 
+  base:=default(TtplSection);
   base.txt:=getStr(ptxt, till);
-  // there may be flags after |
-  s:=cur_section;
-  cur_section:=chop('|', s);
-  base.nolog:=ansiPos('no log', s) > 0;
-  base.nourl:=ansiPos('private', s) > 0;
-  base.cache:=ansiPos('cache', s) > 0;
   base.ts:=now();
+  ss:=split('|',cur_section);
+  cur_section:=popString(ss);
+  if not parseFlagsAndAcceptSection(ss) then
+    exit;
 
-  s:=cur_section;
-  append:=ansiStartsStr('+', s);
-  if append then
-    delete(s,1,1);
+  prepend:=startsStr('^', cur_section);
+  append:=startsStr('+', cur_section);
+  add:=prepend or append;
+  if add then
+    delete(cur_section,1,1);
 
   // there may be several section names separated by =
-  ss:=split('=', s);
+  ss:=split('=', cur_section);
   // handle the main section specific case
-  if ss = NIL then addString('', ss);
+  if ss = NIL then
+    addString('', ss);
   // assign to every name the same txt
-  for i:=0 to length(ss)-1 do
+  for si in ss do
     begin
-    s:=trim(ss[i]);
+    s:=trim(si);
     sect:=getSection(s, FALSE);
     from:=NIL;
     if sect = NIL then // not found
       begin
-      if append then
+      if add then
         from:=getSection(s);
       sect:=newSection(s);
       end
     else
-      if append then
+      if add then
         from:=sect;
     if from<>NIL then
       begin // inherit from it
-      sect.txt:=from.txt+base.txt;
+      if append then
+        sect.txt:=from.txt+base.txt
+      else
+        sect.txt:=base.txt+CRLF+from.txt;
       sect.nolog:=from.nolog or base.nolog;
-      sect.nourl:=from.nourl or base.nourl;
+      sect.public:=from.public or base.public;
+      sect.noList:=from.noList or base.noList;
       continue;
       end;
     sect^:=base;
@@ -1037,13 +1197,12 @@ var
   end; // saveInSection
 
 const
-  BOM = #$EF#$BB#$BF;
+  UTF8_BOM = #$EF#$BB#$BF;
 var
   first: boolean;
 begin
-// this is used by some unicode files. at the moment we just ignore it.
-if ansiStartsStr(BOM, txt) then
-  delete(txt, 1, length(BOM));
+if ansiStartsStr(UTF8_BOM, txt) then
+  delete(txt, 1, length(UTF8_BOM));
 
 if txt = '' then exit;
 src:=src+txt;
@@ -1089,8 +1248,8 @@ function Ttlv.pop(var value:string; var raw:ansistring):integer;
 var
   n: integer;
 begin
-result:=-1;
-if isOver() then exit; // finished
+if isOver() then 
+  exit(-1); // finished
 result:=integer((@whole[cur])^);
 n:=Pinteger(@whole[cur+4])^;
 raw:=copy(whole, cur+8, n);
@@ -1109,10 +1268,7 @@ function Ttlv.down():boolean;
 begin
 // do we have anything to recur on?
 if (cur = 1) then
-  begin
-  result:=false;
-  exit;
-  end;
+  exit(FALSE);
 // push into the stack
 if (stackTop = length(stack)) then // space over
   setLength(stack, stackTop+10); // make space
@@ -1129,10 +1285,7 @@ end; // down
 function Ttlv.up():boolean;
 begin
 if stackTop = 0 then
-  begin
-  result:=false;
-  exit;
-  end;
+  exit(FALSE);
 dec(stackTop);
 bound:=stack[stackTop];
 dec(stackTop);

country.cache

@@ -1 +0,0 @@
-127.0.0.1=(Private Address) (XX)

data.rc

@@ -1,10 +1,7 @@
 1 24 "WindowsXP.manifest"
 defaultTpl TEXT default.tpl
 dmBrowserTpl TEXT dmBrowser.tpl
-invertban TEXT invertban.txt
 filelistTpl TEXT filelist.tpl
-uploadDisabled TEXT upload_disabled.txt
-uploadHowTo TEXT upload_how.txt
 alias TEXT alias.txt
 IPservices TEXT ipservices.txt
 jquery TEXT jquery.min.js

defs.inc

@@ -1,3 +1,5 @@
+{$A+,B-,C+,E-,F-,G+,H+,I-,J+,K-,L+,M-,N+,O+,P+,Q-,R-,S-,T-,U-,V+,X+,Y+,Z1}
+
 {$DEFINE NOT STABLE }
 {$IFDEF STABLE }
   {$ASSERTIONS OFF}

developer notes.txt

@@ -1,9 +0,0 @@
-Initially developed with Delphi 6, now with Delphi 10.3.3
-
-Icons are generated at http://fontello.com/ . Use fontello.json for further modifications.
-
-=== LIBS USED
-ICS v8.63 by François PIETTE http://www.overbyte.be
-TRegExpr v0.952 by Andrey V. Sorokin http://www.regexpstudio.com/TRegExpr/TRegExpr.html
-JEDI Code Library v2.7 https://github.com/project-jedi/jcl
-Kryvich's Delphi Localizer v4.1 http://sites.google.com/site/kryvich

hfs.dof

@@ -1,133 +0,0 @@
-[FileVersion]
-Version=6.0
-[Compiler]
-A=8
-B=0
-C=1
-D=1
-E=0
-F=0
-G=1
-H=1
-I=1
-J=0
-K=0
-L=1
-M=0
-N=1
-O=1
-P=1
-Q=0
-R=0
-S=0
-T=0
-U=0
-V=1
-W=1
-X=1
-Y=2
-Z=1
-ShowHints=1
-ShowWarnings=1
-UnitAliases=WinTypes=Windows;WinProcs=Windows;DbiTypes=BDE;DbiProcs=BDE;DbiErrs=BDE;
-[Linker]
-MapFile=3
-OutputObjs=0
-ConsoleApp=1
-DebugInfo=0
-RemoteSymbols=0
-MinStackSize=16384
-MaxStackSize=1048576
-ImageBase=4194304
-ExeDescription=Http File Server - www.rejetto.com/hfs
-[Directories]
-OutputDir=
-UnitOutputDir=
-PackageDLLOutputDir=
-PackageDCPOutputDir=
-SearchPath=$(DELPHI)\Lib\Debug;C:\code\other\compiled
-Packages=vcl;rtl;vclx;VclSmp;DJCL60;IcsDel60
-Conditionals=
-DebugSourceDirs=C:\code\other\ics\Delphi\Vc32\
-UsePackages=0
-[Parameters]
-RunParams=
-HostApplication=
-Launcher=
-UseLauncher=0
-DebugCWD=
-[Version Info]
-IncludeVerInfo=0
-AutoIncBuild=0
-MajorVer=1
-MinorVer=6
-Release=0
-Build=0
-Debug=0
-PreRelease=0
-Special=0
-Private=0
-DLL=0
-Locale=1040
-CodePage=1252
-[Version Info Keys]
-CompanyName=rejetto
-FileDescription=
-FileVersion=1.6.0.0
-InternalName=HFS
-LegalCopyright=Copyright (C) 2002-2004  Massimo Melina (www.rejetto.com)
-LegalTrademarks=
-OriginalFilename=hfs.exe
-ProductName=Http File Server
-ProductVersion=1.0.0.0
-Comments=
-[Excluded Packages]
-c:\programmi\borland\delphi6\Bin\dclshlctrls60.bpl=Shell Control Property and Component Editors
-c:\programmi\borland\delphi6\Projects\Bpl\dclusr60.bpl=Borland User Components
-C:\PROGRA~1\Borland\Delphi6\Projects\Bpl\JclBaseExpertD60.bpl=JCL Package containing common units for JCL Experts
-C:\PROGRA~1\Borland\Delphi6\Projects\Bpl\JclDebugExpertD60.bpl=JCL Debug IDE extension
-C:\PROGRA~1\Borland\Delphi6\Projects\Bpl\JclProjectAnalysisExpertD60.bpl=JCL Project Analyzer
-C:\PROGRA~1\Borland\Delphi6\Projects\Bpl\JclFavoriteFoldersExpertD60.bpl=JCL Open and Save IDE dialogs with favorite folders
-C:\PROGRA~1\Borland\Delphi6\Projects\Bpl\JclThreadNameExpertD60.bpl=JCL Thread Name IDE expert
-C:\PROGRA~1\Borland\Delphi6\Projects\Bpl\JclUsesExpertD60.bpl=JCL Uses Wizard
-C:\PROGRA~1\Borland\Delphi6\Projects\Bpl\JclSIMDViewExpertD60.bpl=JCL Debug Window of XMM registers
-C:\Programmi\Borland\Delphi6\Projects\Bpl\JvAppFrmD6D.bpl=JVCL Application and Form Components
-C:\PROGRA~1\Borland\Delphi6\Projects\Bpl\JvCoreD6D.bpl=JVCL Core Components
-C:\Programmi\Borland\Delphi6\Projects\Bpl\JvBandsD6D.bpl=JVCL Band Objects
-C:\Programmi\Borland\Delphi6\Projects\Bpl\JvCmpD6D.bpl=JVCL Non-Visual Components
-C:\Programmi\Borland\Delphi6\Projects\Bpl\JvCryptD6D.bpl=JVCL Encryption and Compression Components
-C:\Programmi\Borland\Delphi6\Projects\Bpl\JvCtrlsD6D.bpl=JVCL Visual Controls
-C:\Programmi\Borland\Delphi6\Projects\Bpl\JvCustomD6D.bpl=JVCL Custom Controls
-C:\Programmi\Borland\Delphi6\Projects\Bpl\JvDlgsD6D.bpl=JVCL Dialog Components
-C:\Programmi\Borland\Delphi6\Projects\Bpl\JvDockingD6D.bpl=JVCL Docking Components
-C:\Programmi\Borland\Delphi6\Projects\Bpl\JvDotNetCtrlsD6D.bpl=JVCL DotNet Controls
-C:\Programmi\Borland\Delphi6\Projects\Bpl\JvGlobusD6D.bpl=JVCL Globus Components
-C:\Programmi\Borland\Delphi6\Projects\Bpl\JvHMID6D.bpl=JVCL HMI Controls design time unit
-C:\Programmi\Borland\Delphi6\Projects\Bpl\JvInterpreterD6D.bpl=JVCL Interpreter Components
-C:\Programmi\Borland\Delphi6\Projects\Bpl\JvJansD6D.bpl=JVCL Jans Components
-C:\Programmi\Borland\Delphi6\Projects\Bpl\JvManagedThreadsD6D.bpl=JVCL Managed Threads
-C:\Programmi\Borland\Delphi6\Projects\Bpl\JvMMD6D.bpl=JVCL Multimedia and Image Components
-C:\Programmi\Borland\Delphi6\Projects\Bpl\JvNetD6D.bpl=JVCL Network Components
-C:\Programmi\Borland\Delphi6\Projects\Bpl\JvPageCompsD6D.bpl=JVCL Page Style Components
-C:\Programmi\Borland\Delphi6\Projects\Bpl\JvPluginD6D.bpl=JVCL Plugin Components
-C:\Programmi\Borland\Delphi6\Projects\Bpl\JvPrintPreviewD6D.bpl=JVCL Print Preview Components
-C:\Programmi\Borland\Delphi6\Projects\Bpl\JvRuntimeDesignD6D.bpl=JVCL Runtime Design Components
-C:\Programmi\Borland\Delphi6\Projects\Bpl\JvStdCtrlsD6D.bpl=JVCL Standard Controls
-C:\Programmi\Borland\Delphi6\Projects\Bpl\JvSystemD6D.bpl=JVCL System Components
-C:\Programmi\Borland\Delphi6\Projects\Bpl\JvTimeFrameworkD6D.bpl=JVCL Time Framework
-C:\Programmi\Borland\Delphi6\Projects\Bpl\JvUIBD6D.bpl=JVCL Unified Interbase Components
-C:\Programmi\Borland\Delphi6\Projects\Bpl\JvValidatorsD6D.bpl=JVCL Validators and Error Provider Components
-C:\Programmi\Borland\Delphi6\Projects\Bpl\JvWizardD6D.bpl=JVCL Wizard Design Time Package
-C:\Programmi\Borland\Delphi6\Projects\Bpl\JvXPCtrlsD6D.bpl=JVCL XP Controls
-C:\PROGRAMMI\BORLAND\DELPHI6\Bin\PDIFac60.bpl=Interface for ProDelphi viewer
-c:\programmi\borland\delphi6\Bin\dcl31w60.bpl=Delphi 1.0 Compatibility Components
-c:\programmi\borland\delphi6\Projects\Bpl\VirtualTreesD6D.bpl=Virtual Treeview
-[HistoryLists\hlDebugSourcePath]
-Count=1
-Item0=C:\code\other\ics\Delphi\Vc32\
-[HistoryLists\hlUnitAliases]
-Count=1
-Item0=WinTypes=Windows;WinProcs=Windows;DbiTypes=BDE;DbiProcs=BDE;DbiErrs=BDE;
-[HistoryLists\hlSearchPath]
-Count=1
-Item0=$(DELPHI)\Lib\Debug;C:\code\other\compiled

hfs.dproj

@@ -206,31 +206,31 @@
             </Platforms>
             <ModelSupport>False</ModelSupport>
             <Deployment Version="3">
+                <DeployFile LocalName="hfs.dpr" Configuration="Release" Class="ProjectFile">
+                    <Platform Name="Win32">
+                        <RemoteDir>.\</RemoteDir>
+                        <Enabled>false</Enabled>
+                        <Overwrite>true</Overwrite>
+                    </Platform>
+                </DeployFile>
                 <DeployFile LocalName="hfs.exe" Configuration="Debug" Class="ProjectOutput">
                     <Platform Name="Win32">
                         <RemoteName>hfs.exe</RemoteName>
                         <Overwrite>true</Overwrite>
                     </Platform>
                 </DeployFile>
+                <DeployFile LocalName="hfs.exe" Configuration="Release" Class="ProjectOutput">
+                    <Platform Name="Win32">
+                        <RemoteName>hfs.exe</RemoteName>
+                        <Overwrite>true</Overwrite>
+                    </Platform>
+                </DeployFile>
                 <DeployFile LocalName="hfs.dpr" Configuration="Debug" Class="ProjectFile">
                     <Platform Name="Win32">
                         <RemoteDir>.\</RemoteDir>
                         <Overwrite>true</Overwrite>
                     </Platform>
                 </DeployFile>
-                <DeployFile LocalName="hfs.dpr" Configuration="Release" Class="ProjectFile">
-                    <Platform Name="Win32">
-                        <RemoteDir>.\</RemoteDir>
-                        <Enabled>false</Enabled>
-                        <Overwrite>true</Overwrite>
-                    </Platform>
-                </DeployFile>
-                <DeployFile LocalName="hfs.exe" Configuration="Release" Class="ProjectOutput">
-                    <Platform Name="Win32">
-                        <RemoteName>hfs.exe</RemoteName>
-                        <Overwrite>true</Overwrite>
-                    </Platform>
-                </DeployFile>
                 <DeployClass Name="AdditionalDebugSymbols">
                     <Platform Name="OSX32">
                         <Operation>1</Operation>

hfs.dsk

@@ -1,185 +0,0 @@
-[Closed Files]
-File_0=SourceModule,'C:\code\mine\hfs\whatsnew.txt',0,1,13,28,45,0,0
-File_1=SourceModule,'C:\code\mine\hslib\hslib.pas',0,1,901,26,924,0,0
-File_2=SourceModule,'C:\code\mine\hfs\utillib.pas',0,1,46,1,80,0,0
-File_3=SourceModule,'C:\code\mine\hfs\todo.txt',0,1,1,1,1,0,0
-File_4=SourceModule,'C:\code\other\ics\Delphi\Vc32\WSocket.pas',0,1,2948,36,2957,0,0
-File_5=SourceModule,'C:\code\other\ics\Delphi\Vc32\WSocketS.pas',0,1,48,46,265,0,0
-File_6=SourceModule,'C:\code\other\ics\Delphi\Vc32\UUEncode.pas',0,1,64,21,82,0,0
-File_7=SourceModule,'C:\code\mine\andrq\utilLib.pas',0,1,3737,25,3767,0,0
-File_8=SourceModule,'C:\code\mine\andrq\prefDlg.pas',0,1,570,27,590,1,0
-
-[Modules]
-Module0=C:\code\mine\hfs\main.pas
-Count=1
-EditWindowCount=1
-
-[C:\code\mine\hfs\main.pas]
-ModuleType=SourceModule
-FormState=1
-FormOnTop=0
-
-[C:\Programmi\Borland\Delphi6\Projects\ProjectGroup1.bpg]
-FormState=0
-FormOnTop=0
-
-[C:\code\mine\hfs\hfs.dpr]
-FormState=0
-FormOnTop=0
-
-[EditWindow0]
-ViewCount=1
-CurrentView=0
-View0=0
-MessageView=MessageView@EditWindow0
-Create=1
-Visible=1
-State=0
-Left=190
-Top=101
-Width=834
-Height=639
-MaxLeft=-4
-MaxTop=97
-ClientWidth=826
-ClientHeight=612
-LeftPanelSize=0
-RightPanelSize=0
-BottomPanelSize=0
-BottomPanelClients=MessageView@EditWindow0
-BottomPanelData=00000400010000000B0000004D6573736167655669657700000000000000000000000000000000000100000000000000000B0000004D65737361676556696577FFFFFFFF
-
-[View0]
-Module=C:\code\mine\hfs\main.pas
-CursorX=33
-CursorY=63
-TopLine=41
-LeftCol=1
-
-[Watches]
-Count=1
-Watch0='h',256,0,18,1,0
-
-[Breakpoints]
-Count=0
-
-[AddressBreakpoints]
-Count=0
-
-[Main Window]
-Create=1
-Visible=1
-State=2
-Left=0
-Top=0
-Width=1024
-Height=105
-MaxLeft=-4
-MaxTop=-4
-MaxWidth=1032
-MaxHeight=105
-ClientWidth=1024
-ClientHeight=78
-
-[ProjectManager]
-Create=1
-Visible=0
-State=0
-Left=369
-Top=372
-Width=438
-Height=303
-MaxLeft=-1
-MaxTop=-1
-ClientWidth=430
-ClientHeight=279
-TBDockHeight=303
-LRDockWidth=438
-Dockable=1
-
-[CPUWindow]
-Create=1
-Visible=0
-State=0
-Left=245
-Top=207
-Width=533
-Height=353
-MaxLeft=-1
-MaxTop=-1
-ClientWidth=525
-ClientHeight=326
-DumpPane=79
-DisassemblyPane=187
-RegisterPane=231
-FlagPane=64
-
-[AlignmentPalette]
-Create=1
-Visible=0
-State=0
-Left=200
-Top=107
-Width=156
-Height=82
-MaxLeft=-1
-MaxTop=-1
-ClientWidth=150
-ClientHeight=60
-
-[PropertyInspector]
-Create=1
-Visible=1
-State=0
-Left=0
-Top=119
-Width=190
-Height=621
-MaxLeft=-1
-MaxTop=-1
-ClientWidth=182
-ClientHeight=597
-TBDockHeight=621
-LRDockWidth=190
-Dockable=1
-SplitPos=85
-ArrangeBy=Name
-SelectedItem=Caption
-ExpandedItems=
-HiddenCategories=
-
-[ObjectTree]
-Create=1
-Visible=1
-State=0
-Left=1
-Top=99
-Width=190
-Height=252
-MaxLeft=-1
-MaxTop=-1
-ClientWidth=182
-ClientHeight=228
-TBDockHeight=252
-LRDockWidth=190
-Dockable=1
-
-[MessageView@EditWindow0]
-Create=1
-Visible=0
-State=0
-Left=12
-Top=0
-Width=814
-Height=52
-MaxLeft=-1
-MaxTop=-1
-ClientWidth=814
-ClientHeight=52
-TBDockHeight=52
-LRDockWidth=443
-Dockable=1
-
-[DockHosts]
-DockHostCount=0
-

hfs.events

@@ -1,3 +0,0 @@
-[+download]
-{.remove header|ETag.}
-{.remove header|Set-cookie.}

hfs.lng

@@ -1,5 +1,5 @@
 ; Kryvich's Delphi Localizer Language File.
-; Generated by K.D.L. Scanner, 24/05/2020 20:02:17
+; Generated by K.D.L. Scanner, 02/08/2020 18:30:32
 
 Humanize=1
 HumanizedCR=\^
@@ -120,6 +120,8 @@ filemenu.Editresource1.Caption=Edit resource...
 filemenu.CopyURL1.Caption=Copy URL address
 filemenu.CopyURL1.Hint=just double click!
 filemenu.CopyURLwithpassword1.Caption=Copy URL with password
+filemenu.CopyURLwithdifferentaddress1.Caption=Copy URL with different host address
+filemenu.CopyURLwithfingerprint1.Caption=Copy URL with fingerprint
 filemenu.Browseit1.Caption=Browse it
 filemenu.SetURL1.Caption=Set URL...
 filemenu.Openit1.Caption=Open it
@@ -127,8 +129,6 @@ filemenu.Flagasnew1.Caption=Flag as new
 filemenu.Resetnewflag1.Caption=Reset <new> flag
 filemenu.Setuserpass1.Caption=Set user/pass...
 filemenu.Resetuserpass1.Caption=Reset user/pass
-filemenu.CopyURLwithdifferentaddress1.Caption=Copy URL with different host address
-filemenu.CopyURLwithfingerprint1.Caption=Copy URL with fingerprint
 filemenu.Purge1.Caption=Purge...
 filemenu.Switchtovirtual1.Caption=Change to virtual-folder
 filemenu.Switchtorealfolder1.Caption=Change to real-folder
@@ -282,7 +282,6 @@ menu.Debug1.dumpTrafficChk.Caption=Dump traffic
 menu.Debug1.Showcustomizedoptions1.Caption=Show customized options...
 menu.Debug1.highSpeedChk.Caption=Experimental high speed handling
 menu.Debug1.macrosLogChk.Caption=Enable macros.log
-menu.Debug1.Appendmacroslog1.Caption=Append macros.log
 menu.Debug1.Runscript1.Caption=Run script...
 menu.Debug1.showMemUsageChk.Caption=Show memory usage
 menu.Debug1.noContentdispositionChk.Caption=No Content-disposition
@@ -397,7 +396,7 @@ pageCtrl.accountsPage.accountpropGrp.Label8.Caption=Notes
 pageCtrl.accountsPage.accountpropGrp.accountenabledChk.Caption=&Enabled
 pageCtrl.accountsPage.accountpropGrp.ignoreLimitsChk.Caption=&Ignore limits
 pageCtrl.accountsPage.accountpropGrp.pwdBox.EditLabel.Caption=&Password
-pageCtrl.accountsPage.accountpropGrp.redirBox.EditLabel.Caption=After ~login, redirect to
+pageCtrl.accountsPage.accountpropGrp.redirBox.EditLabel.Caption{1}=After login, redirect to
 pageCtrl.accountsPage.accountpropGrp.accountLinkBox.EditLabel.Caption=Member of
 pageCtrl.accountsPage.accountpropGrp.groupChk.Caption=&Group
 pageCtrl.accountsPage.accountpropGrp.groupsBtn.Caption=Choose...
@@ -452,141 +451,283 @@ Panel1.Button1.Caption=&Yes
 Panel1.Button2.Caption=&No
 
 [ResourceStrings]
-64820_main_MSG{1}=The current template is using macros.\^Do you want to cancel this action?
-64801_main_REMOVE_SHELL=Remove from shell context menu
-64802_main_S_OFF=Switch OFF
-64803_main_S_ON{1}=Switch ON
-64804_main_LOG=Log
-64820_main_MSG=You are invited to re-insert your No-IP configuration, otherwise the updater won't work as expected.
-64820_main_MSG{1}=Max simultaneous addresses.
-64809_main_MSG2=In this moment there are %d different addresses
-64820_main_MSG{1}=Max simultaneous addresses downloading.
-64809_main_MSG2{1}=In this moment there are %d different addresses downloading
-64820_main_MSG{1}=Max lines on screen
-64820_main_MSG{1}=Here you can specify how to format the log file complying Apache standard.\^Leave blank to get bare copy of screen on file.\^\^Example:\^   %h %l %u %t "%r" %>s %b
-64820_main_MSG{1}=This option creates an .md5 file for every new calculated fingerprint.\^Use with care to get not your disk invaded by these files.
-64820_main_MSG{1}=When you add files and no fingerprint is found, it is calculated.\^To avoid long waitings, set a limit to file size (in KiloBytes).\^Leave empty to disable, and have no fingerprint created.
-64820_main_MSG{1}=Specify your addresses, each per line
-64820_main_MSG{1}=Can't find external address\^( %s )
-64820_main_MSG{1}=This option makes pointless the option "Find external address at startup", which has now been disabled for your convenience.
-64820_main_MSG{1}=Enter URL for updating.\^%ip% will be translated to your external IP.
-64820_main_MSG{1}=The upload will fail if your disk has less than the specified amount of free MegaBytes.
-64820_main_MSG{1}=This string will be appended to the filename.\^\^If you need more control, enter a string with %name% in it, and this symbol will be replaced by the original filename.
-64822_main_MSG_BEFORE=Here you can test if your server does work on the Internet.\^If you are not interested in serving files over the Internet, this is NOT for you.\^\^We'll now perform a test involving network activity.\^In order to complete this test, you may need to allow HFS's activity in your firewall, by clicking Allow on the warning prompt.\^\^WARNING: for the duration of the test, all ban rules and limits on the number of connections won't apply.
-64823_main_MSG_OK=The test is successful. The server should be working fine.
-64824_main_MSG_OK_PORT=Port %s is not working, but another working port has been found and set: %s.
-64825_main_MSG_3=You may be behind a router or firewall.
-64826_main_MSG_6=You are behind a router.\^Ensure it is configured to forward port %s to your computer.
-64827_main_MSG_7=You may be behind a firewall.\^Ensure nothing is blocking HFS.
-64820_main_MSG{1}="Suggest" the browser to open directly the specified files.\^Other files should pop up a save dialog.
-64820_main_MSG{1}=You should not use this option unless you really know its meaning.\^Continue?
-64830_main_HELP=For help on how to use this file please refer http://www.rejetto.com/wiki/?title=HFS:_Event_scripts
-64831_main_CAPTION=Edit resource
-64832_main_MSG_CORRUPTED=This file does not contain valid data.
-64833_main_MSG_MACROS_FOUND=!!!!!!!!! DANGER !!!!!!!!!\^This file contains macros.\^Don't accept macros from people you don't trust.\^\^Trust this file?
-64834_main_MSG_INFO=Last stable version: %s\^\^Last untested version: %s\^
-64835_main_MSG_NEWER=There's a new version available online: %s
-64836_main_ARE_EXPERT{1}=You are in Expert mode
-64837_main_ARE_EASY=You are in Easy mode
-64838_main_SW2EXPERT=Switch to Expert mode
-64839_main_SW2EASY=Switch to Easy mode
-64820_main_MSG{1}=Enter the number of MINUTES with no download after which the program automatically shuts down.\^Leave blank to get no timeout.
-64820_main_MSG{1}=This function does not save any previous information to the log file.\^Instead, it saves all information that appears in the log box in real-time (from when you click "OK", below).\^Specify a filename for the log.\^If you leave the filename blank, no log file is saved.\^\^Here are some symbols you can use in the filename to split the log:\^  %d% -- day of the month (1..31)\^  %m% -- month (1..12)\^  %y% -- year (2000..)\^  %dow% -- day of the week (0..6)\^  %w% -- week of the year (1..53)\^  %user% -- username surrounded by parenthesis
-64820_main_MSG{1}=Please insert an URL for the link\^\^Do not forget to specify http:// or whatever.\^%%ip%% will be translated to your address
-64820_main_MSG{1}=The realm string is shown on the user/pass dialog of the browser.\^Here you can customize the realm for the login button
-64820_main_MSG{1}=The connection is kicked after a timeout.\^Specify in seconds.\^Leave blank to get no timeout.
-64820_main_MSG{1}=All changes will be lost\^Continue?
-64820_main_MSG{1}=Enter the number of MINUTES files stay flagged from their addition.\^Leave blank to disable.
-64820_main_MSG{1}=Any event from the following IP address mask will be not logged.
-64876_main_LIMIT{1}=Speed limit
-64849_main_MSG_MAX_BW_1=Max bandwidth for single address (KB/s).
-64850_main_LIMIT1=Speed limit for single address
-64851_main_NODL=No downloads timeout: 
-64820_main_MSG{1}=Graph refresh rate: %d (tenths of second)
-64820_main_MSG{1}=Max simultaneous connections to serve.\^Most people don't know this function well, and have problems. If you are unsure, please use the "Max simultaneous downloads".
-64809_main_MSG2{1}=In this moment there are %d active connections
-64820_main_MSG{1}=Max simultaneous downloads.
-64809_main_MSG2{1}=In this moment there are %d active downloads
-64820_main_MSG{1}=Max simultaneous connections to accept from a single IP address.\^Most people don't know this function well, and have problems. If you are unsure, please use the "Max simultaneous downloads from a single IP address".
-64820_main_MSG{1}=Max simultaneous downloads from a single IP address.
-64859_main_MSG_TITLE=Loading VFS
-64860_main_MSG_OLD=This file is old and uses different settings.\^The "let browse" folder option will be reset.\^Re-saving the file will update its format.
-64861_main_MSG_UNK_FK=This file has been created with a newer version.\^Some data was discarded because unknown.\^If you save the file now, the discarded data will NOT be saved.
-64862_main_MSG_VIS_ONLY_ANON=This VFS file uses the "Visible only to anonymous users" feature.\^This feature is not available anymore.\^You can achieve similar results by restricting access to @anonymous,\^then enabling "List protected items only for allowed users".
-64863_main_MSG_AUTO_DISABLED=Because of the problems encountered in loading,\^automatic saving has been disabled\^until you save manually or load another one.
-64864_main_IN_SPEED=In: %.1f KB/s
-64865_main_BANS=Ban rules: %d
-64866_main_MEMORY=Mem
-64867_main_CUSTOMIZED=Customized template
-64868_main_ITEMS=VFS: %d items
-64869_main_MSG1=%s item(s) already exists:\^%s\^\^Continue?
-64820_main_MSG{1}=Leave empty to disable this feature.\^Here you can specify a mask.\^When a file is requested, if the mask doesn't match the "Referer" HTTP field, the request is rejected.
-64871_main_MSG_BETTERSTOP=\^Going on may lead to problems.\^It is adviced to stop loading.\^Stop?
-64872_main_MSG_BADCRC=This file is corrupted (CRC).
-64835_main_MSG_NEWER{1}=This file has been created with a newer and incompatible version.
-64874_main_MSG_ZLIB=This file is corrupted (ZLIB).
-64875_main_MSG_BAKAVAILABLE=This file is corrupted but a backup is available.\^Continue with backup?
-64876_main_LIMIT=Limit
-64877_main_TOP_SPEED=Top speed
-64878_main_MSG_MAX_BW=Max bandwidth (KB/s).
-64879_main_ZEROMSG=Zero is an effective limit.\^To disable instead, leave empty.
-64880_main_AUTOSAVE=Auto save every: 
-64820_main_MSG{1}=Auto-save %s.\^Specify in seconds.\^Leave blank to disable.
-64882_main_MSG_MIN=We don't accept less than %d
-64883_main_MSG_BAN=Your ban configuration may have been screwed up.\^Please verify it.
-64820_main_MSG{1}=Can't save options there.\^Should I try to save to user registry?
-64885_main_MSG_SAVE_ERROR=Cannot save the update
-64886_main_MSG_LIMITED=The auto-update feature cannot work because it requires the "Only 1 instance" option enabled.\^\^Your browser will now be pointed to the update, so you can install it manually.
-64887_main_MSG_UPDATE=You are invited to use the new version.\^\^Update now?
-64888_main_MSG_FROMDISK=Update info has been read from local file.\^To resume normal operation of the updater, delete the file hfs.updateinfo.txt from the HFS program folder.
-64889_main_COPY=Copy to clipboard
-64890_main_ALREADY=Already in clipboard
-64891_main_NOSPACE=Out of space
-64892_main_CONN=Connections: %d
-64893_main_TOT_IN=Total In: %s
-64894_main_TOT_OUT{1}=Total Out: %s
-64895_main_OUT_SPEED=Out: %.1f KB/s
-64896_main_MSG_DDNS_notdonator=an option specified requires payment
-64897_main_MSG_DDNS_badagent=banned client
-64820_main_MSG{1}=There are %d open connections from this address.\^Do you want to kick them all now?
-64809_main_MSG2{1}=You can edit the address.\^Masks and ranges are allowed.
-64820_main_MSG{1}=This option is NOT compatible with "dynamic dns updater".\^Continue?
-64809_main_MSG2{1}=There are %d connections open.\^Do you want to close them now?
-64902_main_FAILED=Login failed
-64876_main_LIMIT{1}=Max simultaneous addresses: %s ...
-64876_main_LIMIT{1}=Max simultaneous addresses downloading: %s ...
-64876_main_LIMIT{1}=Max connections: %s ...
-64876_main_LIMIT{1}=Max connections from single address: %s ...
-64876_main_LIMIT{1}=Max simultaneous downloads: %s ...
-64876_main_LIMIT{1}=Max simultaneous downloads from single address: %s ...
-64909_main_FINGERPRINT=Create fingerprint on addition under %d KB
-64910_main_NO_FINGERPRINT=Create fingerprint on addition: disabled
-64820_main_MSG{1}=Please insert a comment for "%s".\^You should use HTML: <br> for break line.
-64912_main_MSG_EMPTY_NO_LIMIT=Leave blank to get no limits.
-64913_main_MSG_ADDRESSES_EXCEED=The following addresses exceed the limit:\^%s
-64914_main_MSG_NO_TEMP=Cannot save temporary file
-64915_main_MSG_ERROR_REGISTRY=Can't write to registry.\^You may lack necessary rights.
-64916_main_MSG_MANY_ITEMS=You are putting many files.\^Try using real folders instead of virtual folders.\^Read documentation or ask on the forum for help.
-64917_main_MSG_ADD_TO_HFS="Add to HFS" has been added to your Window's Explorer right-click menu.
-64918_main_MSG_SINGLE_INSTANCE=Sorry, this feature only works with the "Only 1 instance" option enabled.\^\^You can find this option under Menu -> Start/Exit\^(only in expert mode)
-64919_main_MSG_COMM_ERROR=Network error. Request failed.
-64920_main_MSG_DDNS_badauth=invalid user/password
-64921_main_MSG_DDNS_notfqdn=incomplete hostname, required form aaa.bbb.com
-64922_main_MSG_DDNS_nohost=specified hostname does not exist
-64923_main_MSG_DDNS_notyours=specified hostname belongs to another username
-64924_main_MSG_DDNS_numhost=too many or too few hosts found
-64925_main_MSG_DDNS_abuse=specified hostname is blocked for update abuse
-64926_main_MSG_DDNS_dnserr=server error
-64927_main_MSG_DDNS_911=server error
-64935_main_S_PORT_LABEL=Port: %s
-64936_main_S_PORT_ANY=any
-64937_main_DISABLED=disabled
-64938_main_MSG_UNPROTECTED_LINKS=Links are NOT actually protected.\^The feature is there to be used with the "list protected items only..." option.\^Continue?
-64939_main_MSG_SAME_NAME=An item with the same name is already present in this folder.\^Continue?
-64940_main_MSG_OPTIONS_SAVED=Options saved
-64941_main_MSG_SOME_LOCKED=Some items were not affected because locked
-64942_main_MSG_ITEM_LOCKED=The item is locked
-64943_main_MSG_INVALID_VALUE=Invalid value
+64656_main_MSG_NUM_ADDR=In this moment there are %d different addresses
+64657_main_MSG_NUM_ADDR_DL=In this moment there are %d different addresses downloading
+64658_main_MSG_MAX_LINES=Max lines on screen.
+64659_main_MSG_APACHE_LOG_FMT=Apache log file format
+64660_main_MSG_APACHE_LOG_FMT_LONG=Here you can specify how to format the log file complying Apache standard.\^Leave blank to get bare copy of screen on file.\^\^Example:\^   %h %l %u %t "%r" %>s %b
+64661_main_MSG_ICONS_ADDED=%d new icons added
+64662_main_MSG_DDNS_DISABLED=Dynamic DNS updater disabled
+64663_main_MSG_MD5_WARN=This option creates an .md5 file for every new calculated fingerprint.\^Use with care to get not your disk invaded by these files.
+64664_main_MSG_AUTO_MD5=Auto fingerprint
+64665_main_MSG_AUTO_MD5_LONG=When you add files and no fingerprint is found, it is calculated.\^To avoid long waitings, set a limit to file size (in KiloBytes).\^Leave empty to disable, and have no fingerprint created.
+64666_main_MSG_UPL_HOWTO=1. Add a folder (choose "real folder")\^\^You should now see a RED folder in your virtual file sytem, inside HFS\^\^2. Right click on this folder\^3. Properties -> Permissions -> Upload\^4. Check on "Anyone"\^5. Ok\^\^Now anyone who has access to your HFS server can upload files to you.
+64672_main_MSG_EVENTS_HLP=For help on how to use this file please refer http://www.rejetto.com/wiki/?title=HFS:_Event_scripts
+64673_main_MSG_EDIT_RES=Edit resource
+64674_main_MSG_TPL_USE_MACROS=The current template is using macros.\^Do you want to cancel this action?
+64675_main_REMOVE_SHELL=Remove from shell context menu
+64676_main_S_OFF=Switch OFF
+64677_main_S_ON{1}=Switch ON
+64678_main_LOG=Log
+64679_main_MSG_RE_NOIP=You are invited to re-insert your No-IP configuration, otherwise the updater won't work as expected.
+64680_main_MSG_TRAY_DEF=%ip%\^Uptime: %uptime%\^Downloads: %downloads%
+64681_main_MSG_CLEAN_START=Clean start
+64682_main_MSG_RESTORE_BAK=A file system backup has been created for a system shutdown.\^Do you want to restore this backup?
+64683_main_MSG_EXT_ADDR_FAIL=Search for external address failed
+64684_main_MSG_TO_EXPERT=Switch to expert mode.
+64685_main_MSG_DONT_LOG_HINT=Select the files/folder you don't want to be logged,\^then right click and select "Don't log".
+64686_main_MSG_DL_PERC=Downloading %d%%
+64687_main_MSG_UNINSTALL_WARN=Delete HFS and all settings?
+64688_main_MSG_SELF_3=You may be behind a router or firewall.
+64689_main_MSG_SELF_6=You are behind a router.\^Ensure it is configured to forward port %s to your computer.
+64690_main_MSG_SELF_7=You may be behind a firewall.\^Ensure nothing is blocking HFS.
+64691_main_MSG_RET_EXT=Retrieving external address...
+64692_main_MSG_SELF_CANT_ON=Unable to switch the server on
+64693_main_MSG_SELF_CANT_LIST=Self test cannot be performed because HFS was configured to accept connections only on 127.0.0.1
+64694_main_MSG_SELF_CANT_S=Self test doesn't support HTTPS.\^It's likely it won't work.
+64695_main_MSG_SELF_ING=Self testing...
+64696_main_MSG_TEST_CANC=Test cancelled
+64697_main_MSG_TEST_INET=Testing internet connection...
+64698_main_MSG_SELF_UNAV=Sorry, the test is unavailable at the moment
+64699_main_MSG_SELF_NO_INET=Your internet connection does not work
+64700_main_MSG_SELF_NO_ANSWER=The test failed: server does not answer.
+64701_main_MSG_OPEN_BROW=Open directly in browser
+64702_main_MSG_OPEN_BROW_LONG="Suggest" the browser to open directly the specified files.\^Other files should pop up a save dialog.
+64703_main_MSG_HIDE_PORT=You should not use this option unless you really know its meaning.\^Continue?
+64704_main_MSG_RESET_TOT=Do you want to reset total in/out?
+64705_main_MSG_DISAB_FIND_EXT=This option makes pointless the option "Find external address at startup", which has now been disabled for your convenience.
+64706_main_MSG_ENT_URL=Enter URL
+64707_main_MSG_ENT_URL_LONG=Enter URL for updating.\^%ip% will be translated to your external IP.
+64708_main_MSG_ENT_USR=Enter user
+64709_main_MSG_ENT_PWD=Enter password
+64710_main_MSG_ENT_HOST=Enter host
+64711_main_MSG_ENT_HOST_LONG=Enter domain (full form!)
+64712_main_MSG_HOST_FORM=Please, enter it in the FULL form, with dots
+64713_main_MSG_MIN_SPACE=Min disk space
+64714_main_MSG_MIN_SPACE_LONG=The upload will fail if your disk has less than the specified amount of free MegaBytes.
+64715_main_MSG_REN_PART=Rename partial uploads
+64716_main_MSG_REN_PART_LONG=This string will be appended to the filename.\^\^If you need more control, enter a string with %name% in it, and this symbol will be replaced by the original filename.
+64717_main_MSG_SELF_BEFORE=Here you can test if your server does work on the Internet.\^If you are not interested in serving files over the Internet, this is NOT for you.\^\^We'll now perform a test involving network activity.\^In order to complete this test, you may need to allow HFS's activity in your firewall, by clicking Allow on the warning prompt.\^\^WARNING: for the duration of the test, all ban rules and limits on the number of connections won't apply.
+64718_main_MSG_SELF_OK=The test is successful. The server should be working fine.
+64719_main_MSG_SELF_OK_PORT=Port %s is not working, but another working port has been found and set: %s.
+64720_main_MSG_LOG_FILE=Log file
+64721_main_MSG_LOG_FILE_LONG=This function does not save any previous information to the log file.\^Instead, it saves all information that appears in the log box in real-time (from when you click "OK", below).\^Specify a filename for the log.\^If you leave the filename blank, no log file is saved.\^\^Here are some symbols you can use in the filename to split the log:\^  %d% -- day of the month (1..31)\^  %m% -- month (1..12)\^  %y% -- year (2000..)\^  %dow% -- day of the week (0..6)\^  %w% -- week of the year (1..53)\^  %user% -- username surrounded by parenthesis
+64722_main_MSG_SET_URL=Set URL
+64723_main_MSG_SET_URL_LONG=Please insert an URL for the link\^\^Do not forget to specify http:// or whatever.\^%%ip%% will be translated to your address
+64724_main_MSG_REALM=Login realm
+64725_main_MSG_REALM_LONG=The realm string is shown on the user/pass dialog of the browser.\^Here you can customize the realm for the login button
+64726_main_MSG_INACT_TIMEOUT=Connection inactivity timeout
+64727_main_MSG_INACT_TIMEOUT_LONG=The connection is kicked after a timeout.\^Specify in seconds.\^Leave blank to get no timeout.
+64728_main_MSG_CHANGES_LOST=All changes will be lost\^Continue?
+64729_main_MSG_FLAG_NEW=Flag new files
+64730_main_MSG_FLAG_NEW_LONG=Enter the number of MINUTES files stay flagged from their addition.\^Leave blank to disable.
+64731_main_MSG_DONT_LOG_MASK=Do not log address
+64732_main_MSG_DONT_LOG_MASK_LONG=Any event from the following IP address mask will be not logged.
+64733_main_MSG_CUST_IP=Custom IP addresses
+64734_main_MSG_CUST_IP_LONG=Specify your addresses, each per line
+64735_main_MSG_NO_EXT_IP=Can't find external address\^( %s )
+64736_main_MSG_TENTH_SEC=Tenths of second
+64737_main_MSG_LOADING_VFS=Loading VFS
+64738_main_MSG_VFS_OLD=This file is old and uses different settings.\^The "let browse" folder option will be reset.\^Re-saving the file will update its format.
+64739_main_MSG_UNK_FK=This file has been created with a newer version.\^Some data was discarded because unknown.\^If you save the file now, the discarded data will NOT be saved.
+64740_main_MSG_VIS_ONLY_ANON=This VFS file uses the "Visible only to anonymous users" feature.\^This feature is not available anymore.\^You can achieve similar results by restricting access to @anonymous,\^then enabling "List protected items only for allowed users".
+64741_main_MSG_AUTO_DISABLED=Because of the problems encountered in loading,\^automatic saving has been disabled\^until you save manually or load another one.
+64742_main_MSG_CORRUPTED=This file does not contain valid data.
+64743_main_MSG_MACROS_FOUND=!!!!!!!!! DANGER !!!!!!!!!\^This file contains macros.\^Don't accept macros from people you don't trust.\^\^Trust this file?
+64744_main_MSG_UPD_INFO=Last stable version: %s\^\^Last untested version: %s\^
+64745_main_MSG_NEWER=There's a new version available online: %s
+64746_main_MSG_SRC_UPD=Searching for updates...
+64747_main_ARE_EXPERT{1}=You are in Expert mode
+64748_main_ARE_EASY=You are in Easy mode
+64749_main_SW2EXPERT=Switch to Expert mode
+64750_main_SW2EASY=Switch to Easy mode
+64751_main_MSG_DL_TIMEOUT_LONG=Enter the number of MINUTES with no download after which the program automatically shuts down.\^Leave blank to get no timeout.
+64752_main_MSG_NEWER_INCOMP=This file has been created with a newer and incompatible version.
+64753_main_MSG_ZLIB=This file is corrupted (ZLIB).
+64754_main_MSG_BAKAVAILABLE=This file is corrupted but a backup is available.\^Continue with backup?
+64755_main_MSG_CANT_LOAD_SAVE=Cannot load or save while adding files
+64756_main_MSG_OPEN_VFS=Open VFS file
+64757_main_LIMIT{2}=Limit
+64758_main_TOP_SPEED=Top speed
+64759_main_MSG_MAX_BW=Max bandwidth (KB/s).
+64760_main_MSG_LIM0=Zero is an effective limit.\^To disable instead, leave empty.
+64761_main_MSG_MAX_BW_1=Max bandwidth for single address (KB/s).
+64762_main_MSG_GRAPH_RATE_MENU=Graph refresh rate: %d (tenths of second)
+64763_main_MSG_MAX_CON_LONG=Max simultaneous connections to serve.\^Most people don't know this function well, and have problems. If you are unsure, please use the "Max simultaneous downloads".
+64764_main_MSG_WARN_CONN=In this moment there are %d active connections
+64765_main_MSG_WARN_ACT_DL=In this moment there are %d active downloads
+64766_main_MSG_MAX_CON_SING_LONG=Max simultaneous connections to accept from a single IP address.\^Most people don't know this function well, and have problems. If you are unsure, please use the "Max simultaneous downloads from a single IP address".
+64767_main_MSG_GRAPH_RATE{1}=Graph refresh rate
+64768_main_MSG_VFS_DONT_CONS_DL_MASK=Don't consider as download (mask): %s
+64769_main_MSG_VFS_INHERITED= [inherited]
+64770_main_MSG_VFS_EXTERNAL= [external]
+64771_main_MSG_CON_HINT=Connection time: %s\^Last request time: %s\^Agent: %s
+64772_main_MSG_CON_STATE_IDLE=idle
+64773_main_MSG_CON_STATE_REQ=requesting
+64774_main_MSG_CON_STATE_RCV=receiving
+64775_main_MSG_CON_STATE_THINK=thinking
+64776_main_MSG_CON_STATE_REP=replying
+64777_main_MSG_CON_STATE_SEND=sending
+64778_main_MSG_CON_STATE_DISC=disconnected
+64779_main_MSG_TPL_RESET=The template has been reset
+64780_main_MSG_ALLO_REF=Allowed referer
+64781_main_MSG_ALLO_REF_LONG=Leave empty to disable this feature.\^Here you can specify a mask.\^When a file is requested, if the mask doesn't match the "Referer" HTTP field, the request is rejected.
+64782_main_MSG_BETTERSTOP=\^Going on may lead to problems.\^It is adviced to stop loading.\^Stop?
+64783_main_MSG_BADCRC=This file is corrupted (CRC).
+64784_main_MSG_VFS_HIDE_EMPTY=Hidden if empty
+64785_main_MSG_VFS_NOT_BROW=Not browsable
+64786_main_MSG_VFS_HIDE_EMPTY_FLD=Hide empty folders
+64787_main_MSG_VFS_HIDE_EXT=Hide extention
+64788_main_MSG_VFS_ARCABLE=Archivable
+64789_main_MSG_VFS_DEF_MASK=Default file mask: %s
+64790_main_MSG_VFS_ACCESS=Access for
+64791_main_MSG_VFS_UPLOAD=Upload allowed for
+64792_main_MSG_VFS_DELETE=Delete allowed for
+64793_main_MSG_VFS_COMMENT=Comment: %s
+64794_main_MSG_VFS_REALM=Realm: %s
+64795_main_MSG_VFS_DIFF_TPL=Diff template: %s
+64796_main_MSG_VFS_FILES_FLT=Files filter: %s
+64797_main_MSG_VFS_FLD_FLT=Folders filter: %s
+64798_main_MSG_VFS_UPL_FLT=Upload filter: %s
+64799_main_MSG_VFS_DONT_CONS_DL=Don't consider as download
+64800_main_IN_SPEED=In: %.1f KB/s
+64801_main_BANS=Ban rules: %d
+64802_main_MEMORY=Mem
+64803_main_CUST_TPL=Customized template
+64804_main_VFS_ITEMS=VFS: %d items
+64805_main_MSG_ITEM_EXISTS=%s item(s) already exists:\^%s\^\^Continue?
+64806_main_MSG_INSTALL_TPL=Install this template?
+64807_main_MSG_FOLDER_UPLOAD=Do you want ANYONE to be able to upload to this folder?
+64808_main_MSG_VFS_DRAG_INVIT=Drag your files here
+64809_main_MSG_VFS_URL=URL: %s
+64810_main_MSG_VFS_PATH=Path: %s
+64811_main_MSG_VFS_SIZE=Size: %s
+64812_main_MSG_VFS_DLS=Downloads: %s
+64813_main_MSG_VFS_INVISIBLE=Invisible
+64814_main_MSG_VFS_DL_FORB=Download forbidden
+64815_main_MSG_VFS_DONT_LOG=Don't log
+64816_main_MSG_UPD_DL=Downloading new version...
+64817_main_MSG_UPDATE=You are invited to use the new version.\^\^Update now?
+64818_main_MSG_REQUESTING=Requesting...
+64819_main_MSG_CHK_UPD=Checking for updates
+64820_main_MSG_CHK_UPD_FAIL=Check update: failed
+64821_main_MSG_CHK_UPD_HEAD=Check update: 
+64822_main_MSG_CHK_UPD_VER=new version found: %s
+64823_main_MSG_CHK_UPD_VER_EXT=Build #%s (current is #%s)
+64824_main_MSG_CHK_UPD_NONE=no new version
+64825_main_TO_CLIP=Copy to clipboard
+64826_main_ALREADY_CLIP=Already in clipboard
+64827_main_MSG_NO_SPACE=Out of space
+64828_main_CONN=Connections: %d
+64829_main_TOT_IN=Total In: %s
+64830_main_TOT_OUT{1}=Total Out: %s
+64831_main_OUT_SPEED=Out: %.1f KB/s
+64832_main_MSG_FILE_ADD_ABORT=File addition was aborted.\^The list of files is incomplete.
+64833_main_MSG_ADDING=Adding item #%d
+64834_main_MSG_INV_FILENAME=Invalid filename
+64835_main_MSG_DELETE=Delete?
+64836_main_AUTOSAVE=Auto save every: 
+64837_main_SECONDS=%d seconds
+64838_main_MSG_SPD_LIMIT_SING=Speed limit for single address
+64839_main_MSG_SPD_LIMIT=Speed limit
+64840_main_MSG_AUTO_SAVE=Auto-save %s
+64841_main_MSG_AUTO_SAVE_LONG=Auto-save %s.\^Specify in seconds.\^Leave blank to disable.
+64842_main_MSG_MIN=We don't accept less than %d
+64843_main_MSG_BAN=Your ban configuration may have been screwed up.\^Please verify it.
+64844_main_MSG_CANT_SAVE_OPT=Can't save options there.\^Should I try to save to user registry?
+64845_main_MSG_UPD_SAVE_ERROR=Cannot save the update
+64846_main_MSG_UPD_REQ_ONLY1=The auto-update feature cannot work because it requires the "Only 1 instance" option enabled.\^\^Your browser will now be pointed to the update, so you can install it manually.
+64847_main_MSG_UPD_WAIT=Waiting for last requests to be served, then we'll update
+64848_main_MSG_LOG_HEAD=Served head
+64849_main_MSG_LOG_NOT_MOD=Not modified, use cache
+64850_main_MSG_LOG_REDIR=Redirected to %s
+64851_main_MSG_LOG_NOT_SERVED=Not served: %d - %s
+64852_main_MSG_LOG_UPL=Uploading %s
+64853_main_MSG_LOG_UPLOADED=Fully uploaded %s - %s @ %sB/s
+64854_main_MSG_LOG_UPL_FAIL=Upload failed %s
+64855_main_MSG_LOG_DL=Fully downloaded - %s @ %sB/s - %s
+64856_main_MSG_LOGIN_FAILED=Login failed
+64857_main_MSG_MIN_DISK_REACHED=Minimum disk space reached.
+64858_main_MSG_UPL_NAME_FORB=File name or extension forbidden.
+64859_main_MSG_UPL_CANT_CREATE=Error creating file.
+64860_main_FINGERPRINT=Create fingerprint on addition under %d KB
+64861_main_NO_FINGERPRINT=Create fingerprint on addition: disabled
+64862_main_MSG_SAVE_VFS=Your current file system is not saved.\^Save it?
+64863_main_MSG_INP_COMMENT=Please insert a comment for "%s".\^You should use HTML: <br> for break line.
+64864_main_MSG_BAN_CMT=Ban comment
+64865_main_MSG_BAN_CMT_LONG=A comment for this ban...
+64866_main_MSG_BREAK_DYN_DNS=This option is NOT compatible with "dynamic dns updater".\^Continue?
+64867_main_MSG_CANT_OPEN_PORT=Cannot open port.
+64868_main_MSG_PORT_USED_BY=It is already used by %s
+64869_main_MSG_PORT_BLOCKED=Something is blocking, maybe your system firewall.
+64870_main_MSG_KICK_ALL=There are %d connections open.\^Do you want to close them now?
+64871_main_MSG_TPL_INCOMPATIBLE=The template you are trying to load is not compatible with current HFS version.\^HFS will now use default template.\^Ask on the forum if you need further help.
+64872_main_MSG_LOG_SERVER_START=Server start
+64873_main_MSG_LOG_SERVER_STOP=Server stop
+64874_main_MSG_LOG_CONNECTED=Connected
+64875_main_MSG_LOG_DISC_SRV=Disconnected by server
+64876_main_MSG_LOG_DISC=Disconnected
+64877_main_MSG_LOG_GOT=Got %d bytes
+64878_main_MSG_LOG_BYTES_SENT=%s bytes sent
+64879_main_MSG_LOG_SERVED=Served %s
+64880_main_MSG_DDNS_FAIL=DNS update failed: %s\^User intervention is required.
+64881_main_MSG_DDNS_REPLY_SIZE=%d bytes reply
+64882_main_MSG_DDNS_badauth=invalid user/password
+64883_main_MSG_DDNS_notfqdn=incomplete hostname, required form aaa.bbb.com
+64884_main_MSG_DDNS_nohost=specified hostname does not exist
+64885_main_MSG_DDNS_notyours=specified hostname belongs to another username
+64886_main_MSG_DDNS_numhost=too many or too few hosts found
+64887_main_MSG_DDNS_abuse=specified hostname is blocked for update abuse
+64888_main_MSG_DDNS_dnserr=server error
+64889_main_MSG_DDNS_911=server error
+64890_main_MSG_DDNS_notdonator=an option specified requires payment
+64891_main_MSG_DDNS_badagent=banned client
+64892_main_MSG_BAN_MASK=Ban IP mask
+64893_main_MSG_IP_MASK_LONG=You can edit the address.\^Masks and ranges are allowed.
+64894_main_MSG_KICK_ADDR=There are %d open connections from this address.\^Do you want to kick them all now?
+64895_main_MSG_BAN_ALREADY=This IP address is already banned
+64896_main_MSG_ADDRESSES_EXCEED=The following addresses exceed the limit:\^%s
+64897_main_MSG_NO_TEMP=Cannot save temporary file
+64898_main_MSG_ERROR_REGISTRY=Can't write to registry.\^You may lack necessary rights.
+64899_main_MSG_MANY_ITEMS=You are putting many files.\^Try using real folders instead of virtual folders.\^Read documentation or ask on the forum for help.
+64900_main_MSG_ADD_TO_HFS="Add to HFS" has been added to your Window's Explorer right-click menu.
+64901_main_MSG_SINGLE_INSTANCE=Sorry, this feature only works with the "Only 1 instance" option enabled.\^\^You can find this option under Menu -> Start/Exit\^(only in expert mode)
+64902_main_MSG_COMM_ERROR=Network error. Request failed.
+64903_main_MSG_CON_PAUSED=paused
+64904_main_MSG_CON_SENT=%s / %s sent
+64905_main_MSG_CON_RECEIVED=%s / %s received
+64906_main_MSG_DDNS_NO_REPLY=no reply
+64907_main_MSG_DDNS_OK=successful
+64908_main_MSG_DDNS_UNK=unknown reply: %s
+64909_main_MSG_DDNS_ERR=error: %s
+64910_main_MSG_DDNS_REQ=DNS update requested for %s: %s
+64911_main_MSG_DDNS_DOING=Updating dynamic DNS...
+64912_main_MSG_MAX_CON_SING=Max connections from single address
+64913_main_MSG_MAX_SIM_ADDR{1}=Max simultaneous addresses
+64914_main_MSG_MAX_SIM_ADDR_DL=Max simultaneous addresses downloading
+64915_main_MSG_MAX_SIM_DL_SING{2}=Max simultaneous downloads from single address
+64916_main_MSG_MAX_SIM_DL=Max simultaneous downloads
+64917_main_MSG_SET_LIMIT=Set limit
+64918_main_MSG_UNPROTECTED_LINKS=Links are NOT actually protected.\^The feature is there to be used with the "list protected items only..." option.\^Continue?
+64919_main_MSG_SAME_NAME=An item with the same name is already present in this folder.\^Continue?
+64920_main_MSG_CONTINUE=Continue?
+64921_main_MSG_PROCESSING=Processing...
+64922_main_MSG_SPEED_KBS=%.1f kB/s
+64923_main_MSG_OPTIONS_SAVED=Options saved
+64924_main_MSG_SOME_LOCKED=Some items were not affected because locked
+64925_main_MSG_ITEM_LOCKED=The item is locked
+64926_main_MSG_INVALID_VALUE=Invalid value
+64927_main_MSG_EMPTY_NO_LIMIT=Leave blank to get no limits.
+64935_classesLib_MSG_ANTIDOS_REPLY=Please wait, server busy
+64936_optionsDlg_MSG_INVERT_BAN=Normal behavior of the Ban is to prevent access to the addresses you specify (also called black-list).\^If you want the opposite, to allow the addresses that you specify (white-list), enter all addresses in a single row preceded by a \ character.\^\^Let say you want to allow all your 192.168 local network plus your office at 1.1.1.1.\^Just put this IP address mask: \192.168.*;1.1.1.1\^The opening \ character inverts the logic, so everything else is banned.\^\^If you want to know more about address masks, check the guide.
+64937_main_S_PORT_LABEL=Port: %s
+64938_main_S_PORT_ANY=any
+64939_main_DISABLED=disabled
+64940_main_S_OK=Ok
+64941_main_MSG_MENU_VAL= (%s)
+64942_main_MSG_DL_TIMEOUT{1}=No downloads timeout
+64943_main_MSG_MAX_CON=Max connections
+65046_OverbyteIcsHttpContCod_ERR_GETCODING_OVERRIDE=GetCoding must be overridden in %s
 65088_OverbyteIcsCharsetUtils_sHebrewISOVisual=Hebrew (ISO-Visual)
 65089_OverbyteIcsCharsetUtils_sHebrewWindows=Hebrew (Windows)
 65090_OverbyteIcsCharsetUtils_sJapaneseJIS=Japanese (JIS)
@@ -601,7 +742,6 @@ Panel1.Button2.Caption=&No
 65099_OverbyteIcsCharsetUtils_sVietnameseWindows=Vietnamese (Windows)
 65100_OverbyteIcsCharsetUtils_sWesternEuropeanISO=Western European (ISO)
 65101_OverbyteIcsCharsetUtils_sWesternEuropeanWindows=Western European (Windows)
-65102_OverbyteIcsHttpContCod_ERR_GETCODING_OVERRIDE=GetCoding must be overridden in %s
 65104_OverbyteIcsCharsetUtils_sBalticISO=Baltic (ISO)
 65105_OverbyteIcsCharsetUtils_sBalticWindows=Baltic (Windows)
 65106_OverbyteIcsCharsetUtils_sCentralEuropeanISO=Central European (ISO)

hslib.pas

@@ -1,5 +1,5 @@
 {
-Copyright (C) 2002-2014 Massimo Melina (www.rejetto.com)
+Copyright (C) 2002-2020 Massimo Melina (www.rejetto.com)
 
     This program is free software; you can redistribute it and/or modify
     it under the terms of the GNU General Public License as published by
@@ -19,6 +19,7 @@ Copyright (C) 2002-2014 Massimo Melina (www.rejetto.com)
 HTTP Server Lib
 
 ==== TO DO
+* https
 * upload bandwidth control (can it be done without multi-threading?)
 
 }
@@ -29,7 +30,7 @@ unit HSlib;
 interface
 
 uses
-  OverbyteIcsWSocket, OverbyteIcsWSockets, classes, messages, winprocs, forms, extctrls, sysutils, system.contnrs, strUtils, winsock, inifiles, types;
+  OverbyteIcsWSocket, classes, messages, winprocs, forms, extctrls, sysutils, system.contnrs, strUtils, winsock, inifiles, types;
 
 const
   VERSION = '2.11.0';
@@ -156,6 +157,7 @@ type
     P_requestCount: integer;
     P_destroying: boolean;  // destroying is in progress
     P_sndBuf: integer;
+    P_v6: boolean;
     persistent: boolean;
     disconnecting: boolean; // disconnected() has been called
     lockCount: integer;     // prevent freeing of the object
@@ -204,7 +206,7 @@ type
     eventData: ansistring;
     ignoreSpeedLimit: boolean;
     limiters: TobjectList;     // every connection can be bound to a number of TspeedLimiter
-    constructor create(server:ThttpSrv);
+    constructor create(server:ThttpSrv; acceptingSock:Twsocket);
     destructor Destroy; override;
     procedure disconnect();
     procedure addHeader(s:ansistring; overwrite:boolean=TRUE); // set an additional header line. If overwrite=false will always append.
@@ -219,6 +221,7 @@ type
     function  initInputStream():boolean;
     property address:string read P_address;      // other peer ip address
     property port:string read P_port;            // other peer port
+    property v6:boolean read P_v6;
     property requestCount:integer read P_requestCount;
     property bytesToSend:int64 read getBytesToSend;
     property bytesToPost:int64 read getBytesToPost;
@@ -261,7 +264,7 @@ type
     procedure calculateSpeed();
     procedure processDisconnecting();
   public
-    sock: TwsocketServer;     // listening socket
+    sock, sock6: Twsocket;     // listening socket
     conns,          // full list of connected clients
     disconnecting,  // list of pending disconnections
     offlines,       // disconnected clients to be freed
@@ -290,7 +293,7 @@ const
   MINIMUM_CHUNK_SIZE = 2*1024;
   MAXIMUM_CHUNK_SIZE = 1024*1024;
   HRM2CODE: array [ThttpReplyMode] of integer = (200, 200, 403, 401, 404, 400,
-  	500, 0, 0, 405, 302, 503, 413, 301, 304 );
+  	500, 0, 0, 405, 302, 429, 413, 301, 304 );
   METHOD2STR: array [ThttpMethod] of ansistring = ('UNK','GET','POST','HEAD');
   HRM2STR: array [ThttpReplyMode] of ansistring = ('Head+Body', 'Head only', 'Deny',
     'Unauthorized', 'Not found', 'Bad request', 'Internal error', 'Close',
@@ -334,6 +337,7 @@ uses
   Windows, ansistrings;
 const
   CRLF = #13#10;
+  HEADER_LIMITER: ansistring = CRLF+CRLF;
   MAX_REQUEST_LENGTH = 64*1024;
   MAX_INPUT_BUFFER_LENGTH = 256*1024;
   // used as body content when the user did not specify any
@@ -349,7 +353,7 @@ const
     '',
     '405 - Method not allowed',
     '<html><head><meta http-equiv="refresh" content="url=%url%" /></head><body onload=''window.location="%url%"''>302 - <a href="%url%">Redirection to %url%</a></body></html>',
-    '503 - Server is overloaded, retry later',
+    '429 - Server is overloaded, retry later',
     '413 - The request has exceeded the max length allowed',
     '301 - Moved permanently to <a href="%url%">%url%</a>',
     '' // RFC2616: The 304 response MUST NOT contain a message-body
@@ -385,28 +389,11 @@ begin if c then result:=a else result:=b end;
 function min(a,b:integer):integer;
 begin if a < b then result:=a else result:=b end;
 
-// this table is to be used by ipos(), to be calculated once
-var
-  upcaseTab: array [char] of char;
 function ipos(ss, s: string; ofs:integer=1):integer; overload;
-
-  procedure initTab();
-  var
-    i: char;
-    tmp: string;
-  begin
-  for i:=#0 to #255 do
-    begin
-    tmp:=ansiUppercase(i);
-    upcaseTab[i]:=tmp[1];
-    end;
-  end;
-
 var
   rss, rs, rss1, p: pchar;
   l: integer;
 begin
-if upcaseTab[#1] = #0 then initTab();
 result:=0;
 l:=length(s);
 if (l < ofs) or (l = 0) or (ss = '') then exit;
@@ -418,7 +405,7 @@ for result:=ofs to l do
   begin
   rss:=rss1;
   p:=rs;
-  while (rss^ <> #0) and (rss^ = upcaseTab[p^]) do
+  while (rss^ <> #0) and (rss^ = upcase(p^)) do
     begin
     inc(rss);
     inc(p);
@@ -512,6 +499,43 @@ while i <= length(s) do
   end;
 end; // base64decode
 
+function validUTF8(s:rawbytestring):boolean;
+var
+  i, more, len: integer;
+  c: byte;
+begin
+len:=length(s);
+i:=0;
+while i < len do
+  begin
+  inc(i);
+  c:=ord(s[i]);
+  if c < $80 then
+    continue;
+  if c >= $FE then
+    exit(FALSE);
+  if c >= $F0 then
+    more:=3
+  else if c >= $E0 then
+    more:=2
+  else if c >= $C0 then
+    more:=1
+  else
+    exit(FALSE);
+  if i+more > len then
+    exit(FALSE);
+  while more > 0 do
+    begin
+    inc(i);
+    c:=ord(s[i]);
+    if (c < $80) or (c > $C0) then
+      exit(FALSE);
+    dec(more);
+    end;
+  end;
+result:=TRUE;
+end; // validUTF8
+
 function decodeURL(url:ansistring; utf8:boolean=TRUE):string;
 var
   i, j: integer;
@@ -531,10 +555,11 @@ while i<length(url) do
     url[j]:=url[i];
   end;
 setLength(url, j);
-if utf8 then
+if utf8 and validUTF8(url)  then
   begin
   result:=utf8ToString(url);
-  if result='' then  // if the string is not UTF8 compliant, the result is empty
+  // if the string is not UTF8 compliant, the result is empty, or sometimes same length (but ruined)
+  if (result='') or (length(result)=length(url)) then
     result:=url;
   end
 else
@@ -554,7 +579,8 @@ if url = '' then
 encodeHTML:=[];
 if nonascii then
   encodeHTML:=[#128..#255];
-encodePerc:=[#0..#31,'#','%','?','"','''','&','<','>',':'];
+encodePerc:=[#0..#31,'#','%','?','"','''','&','<','>',':',
+  ',',';']; // these for content-disposition
 // actually ':' needs encoding only in relative url
 if spaces then include(encodePerc,' ');
 if not htmlEncoding then
@@ -651,7 +677,7 @@ end; // chopline
 
 function chopLine(var s:ansistring):ansistring; overload;
 begin
-result:=chop(pos(#10,s),1,s);
+result:=chop(#10,s);
 if (result>'') and (result[length(result)]=#13) then
   setlength(result, length(result)-1);
 end; // chopline
@@ -673,16 +699,12 @@ try
   result:=TRUE;
 
   if onAddress = '*' then
-    try
-      sock.MultiListenSockets.Clear();
-      with sock.MultiListenSockets.Add do
+    with sock6 do
       begin
       addr:='::';
-        Port := sock.port
+      Port:=sock.port;
+      try listen except end;
       end;
-      sock.MultiListen();
-    except end;
-
   notify(HE_OPEN, NIL);
 except
   end;
@@ -692,21 +714,24 @@ procedure ThttpSrv.stop();
 begin
 if sock = NIL then exit;
 try sock.Close() except end;
-try sock.multiListenSockets.clear() except end;
+try sock6.Close() except end;
 end;
 
 procedure ThttpSrv.connected(Sender: TObject; Error: Word);
-begin if error=0 then ThttpConn.create(self) end;
+begin if error=0 then ThttpConn.create(self, sender as Twsocket) end;
 
 procedure ThttpSrv.disconnected(Sender: TObject; Error: Word);
 begin notify(HE_CLOSE, NIL) end;
 
 constructor ThttpSrv.create();
 begin
-sock:=TWSocketServer.create(NIL);
+sock:=TWSocket.create(NIL);
 sock.OnSessionAvailable:=connected;
 sock.OnSessionClosed:=disconnected;
 sock.OnBgException:=bgexception;
+sock6:=TWSocket.create(NIL);
+sock6.OnSessionAvailable:=connected;
+sock6.OnBgException:=bgexception;
 
 conns:=TobjectList.create;
 conns.OwnsObjects:=FALSE;
@@ -852,7 +877,6 @@ end; // timerEvent
 procedure ThttpSrv.notify(ev:ThttpEvent; conn:ThttpConn);
 begin
 if not assigned(onEvent) then exit;
-//if assigned(sock) then sock.pause();
 if assigned(conn) then
   begin
   inc(conn.lockCount);
@@ -938,13 +962,13 @@ begin canClose:=FALSE end;
 
 ////////// CLIENT
 
-constructor ThttpConn.create(server:ThttpSrv);
+constructor ThttpConn.create(server:ThttpSrv; acceptingSock:Twsocket);
 var
   i: integer;
 begin
 // init socket
 sock:=Twsocket.create(NIL);
-sock.Dup(server.sock.Accept);
+sock.Dup(acceptingSock.accept());
 sock.OnDataAvailable:=dataavailable;
 sock.OnSessionClosed:=disconnected;
 sock.onSendData:=senddata;
@@ -957,6 +981,7 @@ limiters:=TObjectList.create;
 limiters.ownsObjects:=FALSE;
 P_address:=sock.GetPeerAddr();
 P_port:=sock.GetPeerPort();
+P_v6:=pos(':', address) > 0;
 state:=HCS_IDLE;
 srv:=server;
 srv.conns.add(self);
@@ -1189,8 +1214,8 @@ procedure ThttpConn.processInputBuffer();
 
   var
     i: integer;
-    s, l, k, c: string;
-
+    s, l, k, v: ansistring;
+    ws: widestring;
   begin
     repeat
     { When the buffer is stuffed with file bytes only, we can avoid calling pos() and chop().
@@ -1231,11 +1256,12 @@ procedure ThttpConn.processInputBuffer();
       break;
       end;
     // we wait for the header to be complete
-    if posEx(CRLF+CRLF, buffer, i+length(post.boundary)) = 0 then break;
+    if posEx(HEADER_LIMITER, buffer, i+length(post.boundary)) = 0 then
+      break;
     handleLeftData(i);
     post.filename:='';
     post.data:='';
-    post.header:=chop(CRLF+CRLF, buffer);
+    post.header:=chop(HEADER_LIMITER, buffer);
     chopLine(post.header);
     // parse the header part
     s:=post.header;
@@ -1244,25 +1270,28 @@ procedure ThttpConn.processInputBuffer();
       l:=chopLine(s);
       if l = '' then continue;
       k:=chop(':', l);
-      if not sameText(k, 'Content-Disposition') then continue; // we are not interested in other fields
+      if not sameText(k, 'Content-Disposition') then // we are only interested in content-disposition: form-data
+        continue;
       k:=trim(chop(';', l));
-      if not sameText(k, 'form-data') then continue;
+      if not sameText(k, 'form-data') then
+        continue;
       while l > '' do
         begin
-        c:=chop(nonQuotedPos(';', l), l);
-        k:=UTF8toString(rawByteString(trim(chop('=', c))));
-        c:=UTF8toString(rawByteString(ansiDequotedStr(c,'"')));
+        v:=chop(nonQuotedPos(';', l), 1, l);
+        k:=trim(chop('=', v));
+        ws:=UTF8toString(ansiDequotedStr(v,'"'));
         if sameText(k, 'filename') then
           begin
-          delete(c, 1, lastDelimiter('/\',c));
-          post.filename:=c;
-          end;
-        if sameText(k, 'name') then
-          post.varname:=c;
+          delete(ws, 1, lastDelimiter('/\',ws));
+          post.filename:=ws;
+          end
+        else if sameText(k, 'name') then
+          post.varname:=ws;
         end;
       end;
     lastPostItemPos:=bytesPosted-length(buffer);
-    if post.filename = '' then continue;
+    if post.filename = '' then
+      continue;
     firstPostFile:=FALSE;
     tryNotify(HE_POST_FILE);
     until false;
@@ -1346,7 +1375,7 @@ if buffer = '' then exit;
 if state = HCS_IDLE then
   begin
   state:=HCS_REQUESTING;
-  reply.contentType:='text/html';
+  reply.contentType:='text/html; charset=utf-8';
   notify(HE_REQUESTING);
   end;
 case state of
@@ -1364,7 +1393,7 @@ notify(HE_REQUESTED);
 if not initInputStream() then
   begin
   reply.mode:=HRM_INTERNAL_ERROR;
-  reply.contentType:='text/html';
+  reply.contentType:='text/html; charset=utf-8';
   notify(HE_CANT_OPEN_FILE);
   end;
 notify(HE_STREAM_READY);
@@ -1570,7 +1599,7 @@ end; // initInputStream
 
 function ThttpConn.sendNextChunk(max:integer=MAXINT):integer;
 var
-  n: int64;
+  n, toSend: int64;
   buf: ansistring;
 begin
 result:=0;
@@ -1582,7 +1611,8 @@ if (n = 0) or (bytesSentLastItem = 0) then n:=max;
 if n > MAXIMUM_CHUNK_SIZE then n:=MAXIMUM_CHUNK_SIZE;
 if n < MINIMUM_CHUNK_SIZE then n:=MINIMUM_CHUNK_SIZE;
 if n > max then n:=max;
-if n > bytesToSend then n:=bytesToSend;
+toSend:=bytesToSend;
+if n > toSend then n:=toSend;
 if n = 0 then exit;
 setLength(buf, n);
 n:=stream.read(buf[1], n);

invertban.txt

@@ -1,8 +0,0 @@
-Normal behavior of the Ban is to prevent access to the addresses you specify (also called black-list).
-If you want the opposite, to allow the addresses that you specify (white-list), enter all addresses in a single row preceded by a \ character.
-
-Let say you want to allow all your 192.168 local network plus your office at 1.1.1.1.
-Just put this IP address mask: \192.168.*;1.1.1.1
-The opening \ character inverts the logic, so everything else is banned.
-
-If you want to know more about address masks, check the guide.

main.dfm

@@ -2,7 +2,7 @@ object mainFrm: TmainFrm
   Left = 293
   Top = 219
   Caption = 'HFS ~ HTTP File Server'
-  ClientHeight = 483
+  ClientHeight = 436
   ClientWidth = 879
   Color = clBtnFace
   Constraints.MinHeight = 260
@@ -218,7 +218,7 @@ object mainFrm: TmainFrm
     Left = 0
     Top = 83
     Width = 879
-    Height = 400
+    Height = 353
     Align = alClient
     BevelOuter = bvNone
     Font.Charset = DEFAULT_CHARSET
@@ -231,7 +231,7 @@ object mainFrm: TmainFrm
     object splitV: TSplitter
       Left = 313
       Top = 0
-      Height = 289
+      Height = 242
       Beveled = True
       Constraints.MaxWidth = 3
       Constraints.MinWidth = 3
@@ -241,7 +241,7 @@ object mainFrm: TmainFrm
     end
     object splitH: TSplitter
       Left = 0
-      Top = 289
+      Top = 242
       Width = 879
       Height = 5
       Cursor = crVSplit
@@ -257,7 +257,7 @@ object mainFrm: TmainFrm
       Left = 316
       Top = 0
       Width = 563
-      Height = 289
+      Height = 242
       Align = alClient
       BevelOuter = bvNone
       TabOrder = 1
@@ -265,7 +265,7 @@ object mainFrm: TmainFrm
         Left = 0
         Top = 23
         Width = 563
-        Height = 266
+        Height = 219
         Align = alClient
         Font.Charset = ANSI_CHARSET
         Font.Color = clWindowText
@@ -557,7 +557,7 @@ object mainFrm: TmainFrm
       Left = 0
       Top = 0
       Width = 313
-      Height = 289
+      Height = 242
       Align = alLeft
       BevelOuter = bvNone
       Caption = 'filesPnl'
@@ -566,7 +566,7 @@ object mainFrm: TmainFrm
         Left = 0
         Top = 23
         Width = 313
-        Height = 266
+        Height = 219
         Align = alClient
         BevelInner = bvLowered
         BevelOuter = bvSpace
@@ -616,7 +616,7 @@ object mainFrm: TmainFrm
     end
     object connPnl: TPanel
       Left = 0
-      Top = 294
+      Top = 247
       Width = 879
       Height = 106
       Align = alBottom
@@ -749,6 +749,13 @@ object mainFrm: TmainFrm
       AutoHotkeys = maManual
       Caption = 'Copy URL with password'
     end
+    object CopyURLwithdifferentaddress1: TMenuItem
+      Caption = 'Copy URL with different host address'
+    end
+    object CopyURLwithfingerprint1: TMenuItem
+      Caption = 'Copy URL with fingerprint'
+      OnClick = CopyURLwithfingerprint1Click
+    end
     object Browseit1: TMenuItem
       Caption = 'Browse it'
       ImageIndex = 26
@@ -785,13 +792,6 @@ object mainFrm: TmainFrm
     object N11: TMenuItem
       Caption = '-'
     end
-    object CopyURLwithdifferentaddress1: TMenuItem
-      Caption = 'Copy URL with different host address'
-    end
-    object CopyURLwithfingerprint1: TMenuItem
-      Caption = 'Copy URL with fingerprint'
-      OnClick = CopyURLwithfingerprint1Click
-    end
     object Purge1: TMenuItem
       Caption = 'Purge...'
       OnClick = Purge1Click
@@ -2963,10 +2963,6 @@ object mainFrm: TmainFrm
         AutoCheck = True
         Caption = 'Enable macros.log'
       end
-      object Appendmacroslog1: TMenuItem
-        AutoCheck = True
-        Caption = 'Append macros.log'
-      end
       object Runscript1: TMenuItem
         Caption = 'Run script...'
         OnClick = Runscript1Click

notes.txt

@@ -1,62 +0,0 @@
-=== 4GB+ FILES DOWNLOAD SUPPORT 
-Reget Deluxe 4.1
-MetaProducts Download Express 1.7
-Getright
-Firefox 2.0
-
-=== 2GB+ FILES UPLOAD SUPPORT
-firefox 3.0: no
-
-=== HOW TO CREATE BIG FILES
-fsutil file createnew <filename> <filesize>
-
-=== HOW TO DOWNLOAD WITH NO DISK ACTIVITY (SPEED TEST)
-create a big file as above
-then download this way: wget -q -O nul http://localhost/big
-
-=== SUBMITTED TO
-www.nonags.com
-www.sharewareconnection.com
-
-=== LISTED ON
-www.sofotex.com
-www.download3000.com
-www.onekit.com
-www.all4you.dk/FreewareWorld
-www.snapfiles.com
-sourceforge
-www.freedownloadscenter.com
-download.freenet.de
-www.softonic.com
-www.portablefreeware.com
-www.download.com
-www.freewarepub.org
-www.handyarchive.com
-www.softpedia.com
-www.acidfiles.com
-www.fileedge.com
-www.freewarepark.com
-
-=== REVIEWS
-http://www.technospot.net/blogs/host-a-web-server-on-your-home-pc/
-http://www.snapfiles.com/get/hfs.html
-http://www.downloadsquad.com/2006/05/24/hft-quick-and-easy-http-file-server/
-http://www.caseytech.com/how-to-host-a-web-site-from-your-computer/
-http://www.chip.de/downloads/c1_downloads_29480524.html
-http://blog.pcserenity.com/2009/01/easy-conten-sharing-with-windows.html
-http://hfs.onehelp.ch
-http://www.lanacion.com.ar/nota.asp?nota_id=1148507
-http://blogmotion.fr/systeme/partage-windows-hfs-3947
-ita
-http://lafabbricadibyte.wordpress.com/2007/05/01/hfs-file-server-http-gratuito-per-windows/
-http://server.html.it/articoli/leggi/2335/hfs-file-sharing-via-http/
-
-=== OTHER SOFTWARE BASED ON HFS
-http://www.wrinx.com/products/pfs/
-  commercial, licensed
-http://www.powernetservers.com/pnwfs.php
-  commercial, probably unlicensed
-
-=== INSTALLABLE PLUGINS
-log links usage 
-    http://www.rejetto.com/forum/index.php/topic,7765.msg1047258.html#msg1047258

optionsDlg.dfm

@@ -222,9 +222,9 @@ object optionsFrm: ToptionsFrm
           Top = 106
           Width = 198
           Height = 22
-          EditLabel.Width = 111
+          EditLabel.Width = 105
           EditLabel.Height = 14
-          EditLabel.Caption = 'After ~login, redirect to'
+          EditLabel.Caption = 'After login, redirect to'
           TabOrder = 4
           OnChange = redirBoxChange
         end

optionsDlg.pas

@@ -834,7 +834,16 @@ procedure ToptionsFrm.okBtnClick(Sender: TObject);
 begin if saveValues() then close() end;
 
 procedure ToptionsFrm.Button1Click(Sender: TObject);
-begin msgDlg(getRes('invertBan')) end;
+resourcestring MSG_INVERT_BAN =
+  'Normal behavior of the Ban is to prevent access to the addresses you specify (also called black-list).'
+  +#13'If you want the opposite, to allow the addresses that you specify (white-list), enter all addresses in a single row preceded by a \ character.'
+  +#13
+  +#13'Let say you want to allow all your 192.168 local network plus your office at 1.1.1.1.'
+  +#13'Just put this IP address mask: \192.168.*;1.1.1.1'
+  +#13'The opening \ character inverts the logic, so everything else is banned.'
+  +#13
+  +#13'If you want to know more about address masks, check the guide.';
+begin msgDlg(MSG_INVERT_BAN) end;
 
 procedure ToptionsFrm.groupsBtnClick(Sender: TObject);
 var

scriptLib.pas

@@ -1,5 +1,5 @@
 {
-Copyright (C) 2002-2012  Massimo Melina (www.rejetto.com)
+Copyright (C) 2002-2020  Massimo Melina (www.rejetto.com)
 
 This file is part of HFS ~ HTTP File Server.
 
@@ -67,6 +67,8 @@ s:='';
 if ts then
     s:='<hr>'+dateTimeToStr(now())+CRLF;
 s:=s+#13'<dt>'+htmlEncode(textIn)+'</dt><dd>'+htmlEncode(textOut)+'</dd>';
+if sizeOfFile(MACROS_LOG_FILE) = 0 then
+  s:=HEADER+s;
 result:=appendTextFile(MACROS_LOG_FILE, s);
 end; // macrosLog
 
@@ -159,16 +161,18 @@ var
   procedure deprecatedMacro(what:string=''; instead:string='');
   begin mainfrm.add2log('WARNING, deprecated macro: '+first(what, name)+nonEmptyConcat(' - Use instead: ',instead), NIL, clRed) end;
 
+  procedure unsatisfied(b:boolean=TRUE);
+  begin
+  if b then
+    macroError('cannot be used here')
+  end;
+
   function satisfied(p:pointer):boolean;
   begin
   result:=assigned(p);
-  if not result then
-    macroError('cannot be used here');
+  unsatisfied(not result);
   end;
 
-  procedure unsatisfied(b:boolean=TRUE);
-  begin if b then macroError('cannot be used here') end;
-
   function parEx(idx:integer; name:string=''; doTrim:boolean=TRUE):string; overload;
   var
     i: integer;
@@ -260,9 +264,9 @@ var
     result:=staticVars;
     delete(varname,1,length(G_VAR_PREFIX));
     end
-  else if satisfied(md.cd) then
+  else if assigned(md.cd) then
     result:=md.cd.vars
-  else if satisfied(md.tempVars) then
+  else if assigned(md.tempVars) then
     result:=md.tempVars
   else
     raise Exception.create('no namespace available');
@@ -291,7 +295,7 @@ var
   if not satisfied(space) then exit;
   i:=space.indexOfName(varname);
   if i < 0 then
-    if value = '' then exit // all is good the way it is
+    if value = '' then exit(TRUE) // all is good the way it is
     else i:=space.add(varname+'='+value)
   else
     if value > '' then // in case of empty value, there's no need to assign, because we are going to delete it (after we cleared the bound object)
@@ -455,7 +459,8 @@ var
     vars: Tstrings;
     s: string;
   begin
-  if not satisfied(md.cd) then exit;
+  if not satisfied(md.cd) then
+    exit;
   try
     result:=md.cd.conn.request.url;
     if pars.count < 2 then exit;
@@ -657,16 +662,40 @@ var
 
   procedure inc_(v:integer=+1);
   begin
+  try
+    setVar(p, intToStr(strToIntDef(getVar(p),0)+v*parI(1,1)));
     result:='';
-  try setVar(p, intToStr(strToIntDef(getVar(p),0)+v*parI(1,1))) except end;
+  except
+    end;
   end; // inc_
 
   procedure convert();
+  var
+    dst, s: string;
+    c: ansichar;
   begin
-  if sameText(p, 'ansi') and sameText(par(1), 'utf-8') then
-    result:=ansiToUTF8(ansistring(par(2)))
-  else if sameText(p, 'utf-8') and sameText(par(1), 'ansi') then
-    result:=utf8ToAnsi(ansistring(par(2)))
+  dst:=par(1);
+  s:=par(2);
+  if sameText(p, 'ansi') and sameText(dst, 'utf-8') then
+    result:=string(ansiToUTF8(ansistring(s)))
+  else if sameText(p, 'utf-8') then
+    if sameText(dst, 'ansi') then
+      result:=utf8ToAnsi(ansistring(s))
+    else if dst='dec' then
+      begin
+      result:='';
+      for c in UTF8encode(s) do
+        result:=result+intToStr(ord(c))+',';
+      setLength(result, length(result)-1);
+      end
+    else if dst='hex' then
+      begin
+      result:='';
+      for c in UTF8encode(s) do
+        result:=result+intToHex(ord(c));
+      end;
+  if isFalse(par('macros')) then
+    result:=noMacrosAllowed(result);
   end; // convert
 
   procedure encodeuri();
@@ -921,6 +950,37 @@ var
     finally free end;
   end; // foreach
 
+  procedure forLine();
+  var
+    lines: TStringList;
+    line, code, run: string;
+    i: integer;
+  begin
+  code:=macroDequote(par(pars.count-1));
+  lines:=TStringList.create();
+  with TfastStringAppend.create do
+    try
+      lines.text:= getVar(par('var'));
+      for line in lines do
+        begin
+        i:=pos('=',line);
+        if i > 0 then
+          begin
+          setVar('line-key', Copy(line, 1, i-1));
+          setVar('line-value', Copy(line, i+1, MAXINT));
+          end;
+        setVar('line', line);
+        run:=code;
+        applyMacrosAndSymbols(run, cbMacros, cbData);
+        append(run);
+        end;
+      result:=reset();
+    finally
+      Free;
+      lines.Free;
+      end;
+  end; //forLine
+
   procedure for_();
   var
     b, e, i, d: integer;
@@ -1044,6 +1104,7 @@ var
   procedure load(fn:string; varname:string='');
   var
     from, size: int64;
+    s: ansistring;
   begin
   result:='';
   from:=parI('from', 0);
@@ -1062,11 +1123,17 @@ var
     try result:=httpGet(fn, from, size)
     except result:='' end
   else
-    result:=loadFile(uri2diskMaybe(fn), from, size);
+    begin
+    s:=loadFile(uri2diskMaybe(fn), from, size);
+    result:=UTF8ToString(s);
+    if result = '' then
+      result:=s;
+    end;
 
   if varname = '' then
     begin
-    if anyCharIn('/\',fn) then result:=macroQuote(result);
+    if anyCharIn('/\',fn) then
+      result:=macroQuote(result);
     exit;
     end;
   if ansiStartsStr(ENCODED_TABLE_HEADER, result) then
@@ -1165,19 +1232,19 @@ var
       'information=64'
     );
   var
-    i, j, code: integer;
+    code: integer;
     decode: TStringDynArray;
-    s: string;
+    s, d: string;
     buttons, icon: boolean;
   begin
   decode:=split(' ',par(1));
   code:=0;
-  for i:=0 to length(decode)-1 do
-    for j:=1 to length(STR2CODE) do
+  for d in decode do
+    for s in STR2CODE do
+      if startsStr(d+'=', s) then
         begin
-      s:=STR2CODE[j];
-      if ansiStartsStr(decode[i], s) then
-        inc(code, strToIntDef(substr(s, 1+pos('=',s)), 0));
+        inc(code, strToIntDef(substr(s, 2+d.length), 0));
+        Break
         end;
   buttons:=code AND 15 > 0;
   icon:=code SHR 4 > 0;
@@ -1307,19 +1374,20 @@ var
   if not satisfied(space) then exit;
   // set the table variable as text
   v:=par(1);
-  space.values[p]:=nonEmptyConcat('', space.values[p], CRLF)+v;
   // access the table object
   i:=space.indexOfName(p);
-  h:=space.objects[i] as THashedStringList;
-  if h = NIL then
+  if i < 0 then
     begin
     h:=ThashedStringList.create();
-    space.objects[i]:=h;
-    end;
+    space.AddPair(p, v, h);
+    end
+  else
+    h:=space.objects[i] as THashedStringList;
   // fill the object
   k:=chop('=',v);
   v:=macroDequote(v);
   h.values[k]:=v;
+  space.values[p]:=h.text;
   end; // setTable
 
   procedure disconnect();
@@ -1412,7 +1480,8 @@ var
     exit;
     end;
   a:=findEnabledLinkedAccount(a, split(';',s));
-  if assigned(a) then result:=a.user;
+  if assigned(a) then
+    result:=a.user;
   end; // memberOf
 
   procedure canArchive(f:Tfile);
@@ -1872,9 +1941,15 @@ try
       disconnect();
 
     if name = 'stop server' then
+      begin
       stopServer();
+      exit('');
+      end;
     if name = 'start server' then
+      begin
       startServer();
+      exit('');
+      end;
 
 
     if name = 'focus' then
@@ -1891,10 +1966,7 @@ try
       begin
       try
         if isFalse(parEx('if')) then
-          begin
-          result:='';
-          exit;
-          end;
+          exit('');
       except end;
       result:=md.cd.disconnectReason; // return the previous state
       if pars.count > 0 then md.cd.disconnectReason:=p;
@@ -1929,13 +2001,19 @@ try
       result:=jsEncode(p, first(par(1),'''"'));
 
     if name = 'base64' then
-      result:=base64encode(UTF8encode(p));
+      result:=string(base64encode(UTF8encode(p)));
     if name = 'base64decode' then
+      begin
       result:=utf8ToString(base64decode(ansistring(p)));
+      if isFalse(par('macros')) then
+        result:=noMacrosAllowed(result);
+      end;
     if name = 'md5' then
       result:=strMD5(p);
     if name = 'sha1' then
       result:=strSHA1(p);
+    if name = 'sha256' then
+      result:=strSHA256(p);
 
     if name = 'vfs select' then
       if pars.count = 0 then
@@ -2008,7 +2086,7 @@ try
       encodeuri();
 
     if name = 'decodeuri' then
-      result:=decodeURL(ansistring(p));
+      result:=noMacrosAllowed(decodeURL(ansistring(p)));
 
     if name = 'set cfg' then
       trueIf(mainfrm.setcfg(p));
@@ -2425,8 +2503,12 @@ try
       minOrMax();
 
     if stringExists(name, ['if','if not']) then
-      if isFalse(p) xor (length(name) > 2) then result:=macroDequote(par(2))
+      begin
+      try p:=getVar(parEx('var'));
+      except end;
+      if isTrue(p) xor (length(name) = 2) then result:=macroDequote(par(2))
       else result:=macroDequote(par(1));
+      end;
 
     if stringExists(name, ['=','>','>=','<','<=','<>','!=']) then
       trueIf(compare(name, p, par(1)));
@@ -2442,6 +2524,9 @@ try
     if name = 'cut' then
       cut();
 
+    if name ='for line' then
+      forLine();
+
     if pars.count < 3 then exit; // from here, only macros with at least 3 parameters
 
     if name ='for each' then

todo.txt

@@ -1,11 +1,11 @@
+- update doesn't work without 'only 1 instance' (it's the -q)
 + replace shellExtDlg.gif with transparent png (english system)
++ self-test supporting https
 + expiring links
 * dismiss regexp lib http://docwiki.embarcadero.com/Libraries/Rio/en/System.RegularExpressions.TRegEx
-+ ipv6
 + load *.events
 + url auth limited to resource
 + global limit speed for downloads (browsing excluded)
-+ [tpl id] [SECTION|for-tpl=MASK]
 * consider letting comment "protected" files. Can it really cause harm?
 * flag to enable lnk files in a folder (disabled by default)
 + sign exe http://www.rejetto.com/forum/hfs-~-http-file-server/'unsafe'/msg1061437/#msg1061437
@@ -24,13 +24,20 @@
 + macros missing to cache a folder: {.reply|content=|var=|code=|filename=|mime=.}
 - unexpected scripting behavior http://www.rejetto.com/forum/index.php/topic,9728.msg1054517.html#msg1054517
     in handleItem() translate only symbols, and run all macros at the end
+document: [section|ver=MASK|build=MIN-MAX|template=MASK]
+document: {.if|var}
+document: {.exec|out|timeout|exitcode.}
 document: [+section]
 document: {.set item|diff template.}
-document: single line diff templates
-document: disconnection reason|if=XXX
+document: {.add header|overwrite=0.}
+document: {.calc| ][ }
+document: single line diff templates (file path)
+document: {.disconnection reason|if=XXX.}
 document: %url%
 document: commands returning white space: add folder, save, set account, exec, mkdir, chdir, delete, rename, move copy, set
-document: dir, disk free, filetime, file changed, load tpl
+document: pipe, base64, base64decode, dir, disk free, filetime, file changed, load tpl, sha256, for line
+document {.convert|macros|dec|hex.}
+document: new event [login]
 + event to filter logging http://www.rejetto.com/forum/index.php/topic,9784.0.html
 - wrong browser http://www.rejetto.com/forum/index.php/topic,9710.0.html
     solution:
@@ -41,18 +48,14 @@ document: dir, disk free, filetime, file changed, load tpl
 + upload to non-browsable folder
 - android doesn't upload http://www.rejetto.com/forum/index.php/topic,9699.0/topicseen.html#msg1054287
 - android doesn't work with passwords http://www.rejetto.com/forum/index.php/topic,9575.msg1054029.html#msg1054029
-? default tpl: check with IE6
 ? default tpl: consider css data uri http://www.nczonline.net/blog/2010/07/06/data-uris-make-css-sprites-obsolete/
-+ default tpl: support for rawr thumbnails
-+ next VFS file format version should be XML-based
++ next VFS file format version should be text (yaml or json)
 + remove the "progress" from "log what", and use [progress|no log] instead
-? {.rename.} should update descript.ion
 + folder archive depth limit http://www.rejetto.com/forum/index.php/topic,8546.msg1050027.html#msg1050027
 ? in getPage() many %symbols% are translated in a way incompatible with {.section.}
 ? Windows Script Interfaces
 ? {.image|src=file|width=x|dst=outfile.}
-+ replace /~imgXX with ?mode=icon&id=XX
-+ user input through {.dialog.}
++ user input through {.dialog.} or similar
 + show missing files in VFS http://www.rejetto.com/forum/index.php/topic,8203.new.html
 * {.cache.} should be able to work on a simple variable
 + plugins system http://www.rejetto.com/wiki/index.php/HFS:_plugins_design
@@ -66,8 +69,6 @@ document: dir, disk free, filetime, file changed, load tpl
 + log event to filter www.rejetto.com/forum/?topic=7332.0
 ? integration with mediainfo.dll www.rejetto.com/forum/?topic=7329
 + folder archive log, just as for deletion http://www.rejetto.com/forum/index.php?topic=6904.msg1042974;topicseen#msg1042974
-- upload doesn't work on chinese folders with uneven length  www.rejetto.com/forum/?topic=5382
-- chinese problems since #161 www.rejetto.com/forum/?topic=5344
 - AV with RealVNC on hints by mouse hovering www.rejetto.com/forum/?topic=5261
 - N-Stalker can locally crash HFS
 - AV in #179 http://www.rejetto.com/forum/index.php?topic=5653.msg1033457#msg1033457  www.rejetto.com/forum/?topic=5681
@@ -94,7 +95,6 @@ document: dir, disk free, filetime, file changed, load tpl
 + make %list% available in every page
 + support for ALT+F4 with option "Minimize to tray clicking the close button" www.rejetto.com/forum/?topic=6351
 + replace and delete icons http://www.rejetto.com/forum/index.php?topic=6317.msg1038157#msg1038157
-+ self-test supporting https
 ? currently the delete permission is only inside a folder. you can't mark a file or delete the marked folder. is this ok?
 + when a link is protected (no access for this user) it may be displayed as a link to the %item-name%, then 401, and if login is successful provide a redirection
 + change folder/link/generic-file icons (via GUI, without editing the template)

upload_disabled.txt

@@ -1,5 +0,0 @@
-You selected a virtual folder.
-Upload is NOT available for virtual folders, only for real folders.
-
-=== How to get a real folder?
-Add a folder from your disk, then click on "Real Folder".

upload_how.txt

@@ -1,10 +0,0 @@
-1. Add a folder (choose "real folder") 
-
-You should now see a RED folder in your virtual file sytem, inside HFS 
-
-2. Right click on this folder
-3. Properties -> Permissions -> Upload
-4. Check on "Anyone"
-5. Ok 
-
-Now anyone who has access to your HFS server can upload files to you.

utillib.pas

@@ -1,5 +1,5 @@
 {
-Copyright (C) 2002-2012  Massimo Melina (www.rejetto.com)
+Copyright (C) 2002-2020  Massimo Melina (www.rejetto.com)
 
 This file is part of HFS ~ HTTP File Server.
 
@@ -44,6 +44,7 @@ type
   TnameExistsFun = function(user:string):boolean;
 
 procedure doNothing(); inline; // useful for readability
+function httpsCanWork():boolean;
 function accountExists(user:string; evenGroups:boolean=FALSE):boolean;
 function getAccount(user:string; evenGroups:boolean=FALSE):Paccount;
 function nodeToFile(n:TtreeNode):Tfile;
@@ -165,14 +166,14 @@ function replaceString(var ss:TStringDynArray; old, new:string):integer;
 function popString(var ss:TstringDynArray):string;
 procedure insertString(s:string; idx:integer; var ss:TStringDynArray);
 function removeString(var a:TStringDynArray; idx:integer; l:integer=1):boolean; overload;
-function removeString(find:string; var a:TStringDynArray):boolean; overload;
+function removeString(s:string; var a:TStringDynArray; onlyOnce:boolean=TRUE; ci:boolean=TRUE; keepOrder:boolean=TRUE):boolean; overload;
 procedure removeStrings(find:string; var a:TStringDynArray);
 procedure toggleString(s:string; var ss:TStringDynArray);
 function onlyString(s:string; ss:TStringDynArray):boolean;
 function addArray(var dst:TstringDynArray; src:array of string; where:integer=-1; srcOfs:integer=0; srcLn:integer=-1):integer;
 function removeArray(var src:TstringDynArray; toRemove:array of string):integer;
 function addUniqueArray(var a:TstringDynArray; b:array of string):integer;
-procedure uniqueStrings(var a:TstringDynArray);
+procedure uniqueStrings(var a:TstringDynArray; ci:Boolean=TRUE);
 function idxOf(s:string; a:array of string; isSorted:boolean=FALSE):integer;
 function stringExists(s:string; a:array of string; isSorted:boolean=FALSE):boolean;
 function listToArray(l:Tstrings):TstringDynArray;
@@ -254,6 +255,7 @@ function strSHA256(s:string):string;
 function strSHA1(s:string):string;
 function strMD5(s:string):string;
 function strToOem(s:string):ansistring;
+function strToBytes(s:ansistring):Tbytes;
 
 implementation
 
@@ -639,13 +641,14 @@ if i < 0 then addString(s, ss)
 else removeString(ss, i);
 end; // toggleString
 
-procedure uniqueStrings(var a:TstringDynArray);
+procedure uniqueStrings(var a:TstringDynArray; ci:Boolean=TRUE);
 var
   i, j: integer;
 begin
 for i:=length(a)-1 downto 1 do
   for j:=i-1 downto 0 do
-    if ansiCompareText(a[i], a[j]) = 0 then
+    if ci and SameText(a[i], a[j])
+    or not ci and (a[i] = a[j]) then
       begin
       removeString(a, i);
       break;
@@ -666,10 +669,6 @@ begin
   until false;
 end; // removeStrings
 
-// remove first instance of the specified string
-function removeString(find:string; var a:TStringDynArray):boolean;
-begin result:=removeString(a, idxOf(find,a)) end;
-
 function removeArray(var src:TstringDynArray; toRemove:array of string):integer;
 var
   i, l, ofs: integer;
@@ -743,6 +742,35 @@ while idx+l < length(a) do
 setLength(a, idx);
 end; // removestring
 
+function removeString(s:string; var a:TStringDynArray; onlyOnce:boolean=TRUE; ci:boolean=TRUE; keepOrder:boolean=TRUE):boolean; overload;
+var i, lessen:integer;
+begin
+result:=FALSE;
+if a = NIL then
+  exit;
+lessen:=0;
+try
+  for i:=length(a)-1 to 0 do
+    if ci and sameText(a[i], s)
+    or not ci and (a[i]=s) then
+      begin
+      result:=TRUE;
+      if keepOrder then
+        removeString(a, i)
+      else
+        begin
+        inc(lessen);
+        a[i]:=a[length(a)-lessen];
+        end;
+      if onlyOnce then
+        exit;
+      end;
+finally
+  if lessen > 0 then
+    setLength(a, length(a)-lessen);
+  end;
+end;
+
 function dotted(i:int64):string;
 begin
 result:=intToStr(i);
@@ -1212,14 +1240,8 @@ end;
 
 // exec but does not wait for the process to end
 function execNew(cmd:string):boolean;
-var
-  si: TStartupInfo;
-  pi: TProcessInformation;
 begin
-fillchar(si, sizeOf(si), 0);
-fillchar(pi, sizeOf(pi), 0);
-si.cb:=sizeOf(si);
-result:=createProcess(NIL,pchar(cmd),NIL,NIL,FALSE,0,NIL,NIL,si,pi)
+result:=32 < ShellExecute(0, nil, 'cmd.exe', pchar('/C '+cmd), nil, SW_SHOW);
 end; // execNew
 
 function addArray(var dst:TstringDynArray; src:array of string; where:integer=-1; srcOfs:integer=0; srcLn:integer=-1):integer;
@@ -1656,71 +1678,103 @@ result:=inputQueryLongdlg.ShowModal() = mrOk;
 if result then value:=inputQueryLongdlg.inputBox.Text;
 end; // inputQueryLong
 
+function dllIsPresent(name:string):boolean;
+var h: HMODULE;
+begin
+h:=LoadLibrary(@name);
+result:= h<>0;
+FreeLibrary(h);
+end;
+
+function httpsCanWork():boolean;
+const
+  files: array of string = ['libcrypto-1_1.dll','libssl-1_1.dll'];
+  baseUrl = 'http://rejetto.com/hfs/';
+  // these should be made resourcestring but then a runtime error is raised
+  MSG = 'An HTTPS action is required but some files are missing. Download them?';
+  MSG_OK = 'Download completed';
+  MSG_KO = 'Download failed';
+var
+  s: string;
+  missing: TStringDynArray;
+begin
+missing:=NIL;
+for s in files do
+  if not FileExists(s) and not dllIsPresent(s) then
+    addString(s, missing);
+if missing=NIL then
+  exit(TRUE);
+if msgDlg(MSG, MB_OKCANCEL+MB_ICONQUESTION) <> MROK then
+  exit(FALSE);
+for s in missing do
+  if not httpGetFile(baseUrl+s, s, 2, mainfrm.statusBarHttpGetUpdate) then
+    begin
+    msgDlg(MSG_KO, MB_ICONERROR);
+    exit(FALSE);
+    end;
+mainfrm.setStatusBarText(MSG_OK);
+result:=TRUE;
+end; // httpsCanWork
+
 function httpGet(url:string; from:int64=0; size:int64=-1):string;
 var
-  http: THttpCli;
   reply: Tstringstream;
 begin
 if size = 0 then
-  begin
-  result:='';
-  exit;
-  end;
+  exit('');
 reply:=TStringStream.Create('');
+with ThttpClient.createURL(url) do
   try
-  http:=Thttpcli.create(NIL);
-  try
-    http.URL:=url;
-    http.followRelocation:=TRUE;
-    http.rcvdStream:=reply;
-    http.agent:=HFS_HTTP_AGENT;
+    rcvdStream:=reply;
     if (from <> 0) or (size > 0) then
-      http.contentRangeBegin:=intToStr(from);
+      contentRangeBegin:=intToStr(from);
     if size > 0 then
-      http.contentRangeEnd:=intToStr(from+size-1);
-    http.get();
+      contentRangeEnd:=intToStr(from+size-1);
+    get();
     result:=reply.dataString;
-  finally http.free end
-finally reply.free end
+    if sameText('utf-8', reGet(ContentType, '; *charset=(.+) *($|;)')) then
+      Result:=UTF8ToString(result);
+  finally
+    reply.free;
+    Free;
+    end
 end; // httpGet
 
 function httpFileSize(url:string):int64;
-var
-  http: THttpCli;
 begin
-http:=Thttpcli.create(NIL);
+with ThttpClient.createURL(url) do
   try
-  http.URL:=url;
-  http.Agent:=HFS_HTTP_AGENT;
     try
-    http.head();
-    result:=http.contentLength
-  except result:=-1 end;
-finally http.free end
+      head();
+      result:=contentLength
+     except result:=-1
+      end;
+  finally free
+    end;
 end; // httpFileSize
 
 function httpGetFile(url, filename:string; tryTimes:integer=1; notify:TdocDataEvent=NIL):boolean;
 var
-  http: THttpCli;
-  reply: Tfilestream;
   supposed: integer;
+  reply: Tfilestream;
 begin
 reply:=TfileStream.Create(filename, fmCreate);
+with ThttpClient.createURL(url) do
   try
-  http:=Thttpcli.create(NIL);
-  try
-    http.URL:=url;
-    http.RcvdStream:=reply;
-    http.Agent:=HFS_HTTP_AGENT;
-    http.OnDocData:=notify;
+    rcvdStream:=reply;
+    onDocData:=notify;
     result:=TRUE;
-    try http.get()
-    except result:=FALSE end;
-    supposed:=http.ContentLength;
-  finally http.free end
-finally reply.free end;
+    try get()
+    except result:=FALSE
+      end;
+    supposed:=ContentLength;
+  finally
+    reply.free;
+    free;
+    end;
 result:= result and (sizeOfFile(filename)=supposed);
-if not result then deleteFile(filename);
+if not result then
+  deleteFile(filename);
 
 if not result and (tryTimes > 1) then
   result:=httpGetFile(url, filename, tryTimes-1, notify);
@@ -2062,7 +2116,8 @@ if to_ = NIL then
   end;
 l:=to_-from+1;
 setLength(result, l);
-if l > 0 then strLcopy(@result[1], from, l);
+if l > 0 then
+  strLcopy(@result[1], from, l);
 end; // getStr
 
 function poss(chars:TcharSet; s:string; ofs:integer=1):integer;
@@ -2165,7 +2220,7 @@ const
 var
   sa            : TSecurityAttributes;
   ReadPipe,WritePipe  : THandle;
-  start               : TStartUpInfoA;
+  start               : TStartUpInfoW;
   ProcessInfo         : TProcessInformation;
   Buffer              : Pansichar;
   TotalBytesRead,
@@ -2196,7 +2251,7 @@ else
   timeout:=now()+timeout/SECONDS;
 // Create a Console Child Process with redirected input and output
 try
-  if CreateProcessA(nil, PansiChar(ansistring(DosApp)), @sa, @sa, true, CREATE_NO_WINDOW or NORMAL_PRIORITY_CLASS, nil, nil, start, ProcessInfo) then
+  if CreateProcess(nil, PChar(dosApp), @sa, @sa, true, CREATE_NO_WINDOW or NORMAL_PRIORITY_CLASS, nil, nil, start, ProcessInfo) then
     repeat
     result:=TRUE;
     // wait for end of child process
@@ -2206,16 +2261,22 @@ try
     // so that the pipe is not blocked by an overflow. New information
     // can be written from the console app to the pipe only if there is
     // enough buffer space.
-    if not PeekNamedPipe(ReadPipe, @Buffer[TotalBytesRead], ReadBuffer,
-      @BytesRead, @TotalBytesAvail, @BytesLeftThisMessage ) then
-      break
-    else if BytesRead > 0 then
-      ReadFile(ReadPipe, Buffer[TotalBytesRead], BytesRead, BytesRead, nil );
+    if not PeekNamedPipe(ReadPipe, @Buffer[TotalBytesRead], ReadBuffer, @BytesRead, @TotalBytesAvail, @BytesLeftThisMessage )
+    or (BytesRead > 0) and not ReadFile(ReadPipe, Buffer[TotalBytesRead], BytesRead, BytesRead, nil ) then
+      break;
     inc(TotalBytesRead, BytesRead);
     until (Apprunning <> WAIT_TIMEOUT) or (now() >= timeout);
+  if IsTextUnicode(Buffer, TotalBytesRead, NIL) then
+    begin
+    Pchar(@Buffer[TotalBytesRead])^:= #0;
+    output:=pchar(Buffer)
+    end
+  else
+    begin
     Buffer[TotalBytesRead]:= #0;
-  OemToCharA(PansiChar(Buffer),Buffer);
+    OemToCharA(Buffer,Buffer);
     output:=string(ansistrings.strPas(Buffer));
+    end;
 finally
   GetExitCodeProcess(ProcessInfo.hProcess, exitcode);
   TerminateProcess(ProcessInfo.hProcess, 0);
@@ -2521,7 +2582,8 @@ var
   i:=mImp+dir;
     repeat
     j:=i+dir;
-    if (j > 0) and (j <= length(s)) and charInSet(s[j], ['0'..'9','.']) then
+    if (j > 0) and (j <= length(s))
+    and (charInSet(s[j], ['0'..'9','.','E']) or (j>1) and charInSet(s[j],['+','-']) and (s[j-1]='E')) then
       i:=j
     else
       break;
@@ -2551,6 +2613,7 @@ begin
       end;
 
     if (i = 1) // a starting operator is not an operator
+    or (s[i-1]='E') // exponential syntax
     or (v <= mImpV) // left-to-right precedence
     then continue;
     // we got a better one, record it
@@ -2880,7 +2943,7 @@ finally
   end;
 end; // deltree
 
-function str2bytes(s:ansistring):Tbytes;
+function strToBytes(s:ansistring):Tbytes;
 begin
 setLength(result, length(s));
 move(s[1], result[0], length(result));
@@ -2890,7 +2953,7 @@ function stringToGif(s:ansistring; gif:TgifImage=NIL):TgifImage;
 var
   ss: Tbytesstream;
 begin
-ss:=Tbytesstream.create(str2bytes(s));
+ss:=Tbytesstream.create(strToBytes(s));
 try
   if gif = NIL then
     gif:=TGIFImage.Create();

whatsnew.txt

@@ -12,16 +12,24 @@ propaganda
   Mobile-friendly template
   Unicode support
   Encrypted login, and logout
+  DoS protection
+  IPv6
 /propaganda
 + new default template
 + new login system, session based, with logout
++ IPv6 support
++ DoS protection https://rejetto.com/forum/index.php?topic=13060.msg1065962#msg1065962
 + {.set item|name.}
 + {.get item|icon.}
 + {.set cfg.}
++ {.for line.}
++ {.if|var}
 + cache for jquery and template sections
-+ new template commands: base64, base64decode, md5, sha1
++ new template commands: base64, base64decode, md5, sha1, sha256
 + *.diff.tpl in exe's folder
 + default mime-type for mkv
++ 'no list' section flag
++ https client support (not server)
 - fixed template handling of section names with both '+' and '=' present
 - fixed LNK files to deleted items
 - fixed comments files were not updated upon deletion of files
@@ -29,6 +37,7 @@ propaganda
 - fixed double "Content-Length" header on compressed pages
 - fixed log text base color not matching system settings http://rejetto.com/forum/index.php?topic=13233.0
 - fixed while renaming a file in the GUI, CTRL+C/V didn't work on the text
+- fixed diff tpl logic: an empty section will now override the inherited one
 
 VER 2.3m
 propaganda