Merge pull request #41 from divinity76/patch-1

warning about Delphi 10.4 Community being incompatible
2025-12-19 18:13:46 +01:00 · 2025-01-22 22:25:18 +01:00 · 2023-03-25 12:45:10 +01:00 · 2023-03-12 17:42:10 +01:00 · 2020-08-30 23:26:11 +02:00 · 2020-08-23 13:45:47 +02:00
17 changed files with 1671 additions and 1240 deletions
--- a/.gitignore
+++ b/.gitignore
@ -3,6 +3,7 @@ __history/
 __recovery/
 win32/
 .vscode/
 .idea/
 *.vfs
 *.dcu
 *.exe
--- a/README.md
+++ b/README.md
@ -1,5 +1,26 @@
 # Obsolete
 This is the repository of the old HFS.
 I'm working on HFS 3 on another repository. Check it out! 
 https://github.com/rejetto/hfs
 ## Introduction
 You can use HFS (HTTP File Server) to send and receive files.
 It's different from classic file sharing because it uses web technology.
 It also differs from classic web servers because it's very easy to use and runs "right out-of-the box".
 The virtual file system will allow you to easily share even one single file.
 ## Dev notes
 Initially developed in 2002 with Delphi 6, now with Delphi 10.3.3 (Community Edition).
 Icons are generated at http://fontello.com/ . Use fontello.json for further modifications.
 For the default template we are targeting compatibility with Chrome 49 as it's the latest version running on Windows XP.
 Warning: Delphi Community Edition 10.4 removed support for command-line compilation, and is thus unable to compile JEDI Code Library, and is thus unable to compile HFS2, ref [Community Edition no longer includes the command-line compilers](https://blogs.embarcadero.com/delphi-cbuilder-community-editions-now-available-in-version-10-4-2/#comment-1339) - meaning the last version of Community Edition cabale of compiling HFS2 is Delphi 10.3.x
 ## Libs used
 - [ICS v8.64](http://www.overbyte.be) by François PIETTE 
 - [TRegExpr v0.952b](https://github.com/andgineer/TRegExpr/releases) by Andrey V. Sorokin
 - [JEDI Code Library v2.7](https://github.com/project-jedi/jcl)
 - [Kryvich's Delphi Localizer v4.1](http://sites.google.com/site/kryvich)
--- a/classesLib.pas
+++ b/classesLib.pas
@ -1,5 +1,5 @@
 {
-Copyright (C) 2002-2012  Massimo Melina (www.rejetto.com)
+Copyright (C) 2002-2020  Massimo Melina (www.rejetto.com)
 This file is part of HFS ~ HTTP File Server.
@ -27,6 +27,16 @@ uses
  OverbyteIcsWSocket, OverbyteIcshttpProt;
 type
  TantiDos = class
  protected
    accepted: boolean;
    Paddress: string;
  public
    constructor create;
    destructor Destroy; override;
    function accept(conn:ThttpConn; address:string=''):boolean;
    end;
  TfastStringAppend = class
  protected
    buff: string;
@ -89,6 +99,7 @@ type
    constructor create;
    destructor Destroy; override;
    function addFile(src:string; dst:string=''; data:Tobject=NIL):boolean; virtual;
    function contains(src:string):boolean;
    function count():integer;
    procedure reset(); virtual;
    property totalSize:int64 read getTotal;
@ -139,7 +150,7 @@ type
  PtplSection = ^TtplSection;
  TtplSection = record
    name, txt: string;
-    nolog, nourl, cache: boolean;
+    nolog, public, noList, cache: boolean;
    ts: Tdatetime;
    end;
@ -192,7 +203,7 @@ type
  ThttpClient = class(TSslHttpCli)
    constructor Create(AOwner: TComponent); override;
-    destructor destroy;
+    destructor Destroy; override;
    class function createURL(url:string):ThttpClient;
    end;
@ -221,6 +232,70 @@ implementation
 uses
  utilLib, main, windows, dateUtils, forms;
 const folderConcurrents: integer = 0;
 const MAX_CONCURRENTS = 3;
 const ip2availability: Tdictionary<string,Tdatetime> = NIL;
 constructor TantiDos.create();
 begin
 accepted:=FALSE;
 end;
 function TantiDos.accept(conn:ThttpConn; address:string=''):boolean;
  procedure reject();
  resourcestring
    MSG_ANTIDOS_REPLY = 'Please wait, server busy';
  begin
  conn.reply.mode:=HRM_OVERLOAD;
  conn.addHeader(ansistring('Refresh: '+intToStr(1+random(2)))); // random for less collisions
  conn.reply.body:=UTF8Encode(MSG_ANTIDOS_REPLY);
  end;
 begin
 if address= '' then
  address:=conn.address;
 if ip2availability = NIL then
  ip2availability:=Tdictionary<string,Tdatetime>.create();
 try
  if ip2availability[address] > now() then // this specific address has to wait?
    begin
    reject();
    exit(FALSE);
    end;
 except
  end;
 if folderConcurrents >= MAX_CONCURRENTS then   // max number of concurrent folder loading, others are postponed
  begin
  reject();
  exit(FALSE);
  end;
 inc(folderConcurrents);
 Paddress:=address;
 ip2availability.AddOrSetValue(address, now()+1/HOURS);
 accepted:=TRUE;
 Result:=TRUE;
 end;
 destructor TantiDos.Destroy;
 var
  pair: Tpair<string,Tdatetime>;
  t: Tdatetime;
 begin
 if not accepted then
  exit;
 t:=now();
 if folderConcurrents = MAX_CONCURRENTS then // serving multiple addresses at max capacity, let's give a grace period for others
  ip2availability[Paddress]:=t + 1/SECONDS
 else
  ip2availability.Remove(Paddress);
 dec(folderConcurrents);
 // purge leftovers
 for pair in ip2availability do
  if pair.Value < t then
    ip2availability.Remove(pair.Key);
 end;
 class function ThttpClient.createURL(url:string):ThttpClient;
 begin
 if startsText('https://', url)
@ -238,11 +313,11 @@ agent:=HFS_HTTP_AGENT;
 SslContext := TSslContext.Create(NIL);
 end; // create
-destructor ThttpClient.destroy;
+destructor ThttpClient.Destroy;
 begin
 SslContext.free;
 SslContext:=NIl;
-inherited;
+inherited destroy;
 end;
 constructor TperIp.create();
@ -450,6 +525,16 @@ if cachedTotal < 0 then calculate();
 result:=cachedTotal;
 end; // getTotal
 function TarchiveStream.contains(src:string):boolean;
 var
  i: integer;
 begin
 for i:=0 to Length(flist)-1 do
  if flist[i].src = src then
    exit(TRUE);
 result:=FALSE;
 end;
 function TarchiveStream.addFile(src:string; dst:string=''; data:Tobject=NIL):boolean;
  function getMtime(fh:Thandle):int64;
@ -774,10 +859,12 @@ var
 var
  i, posBak: int64;
  n: integer;
 begin
 posBak:=pos;
 p:=@buffer;
-while (count > 0) and (cur < length(flist)) do
+n:=length(flist);
 while (count > 0) and (cur < n) do
  case where of
    TW_HEADER:
      begin
@ -941,7 +1028,7 @@ if sections.containsKey(section) then
  result:=sections[section]
 else
  result:=NIL;
-if inherit and assigned(over) and ((result = NIL) or (trim(result.txt) = '')) then
+if inherit and assigned(over) and (result = NIL) then
  result:=over.getSection(section);
 end; // getSection
@ -956,7 +1043,7 @@ else
 end; // getTxt
 function Ttpl.getTxtByExt(fileExt:string):string;
-begin result:=getTxt('file.'+fileExt) end;
+begin result:=getTxt('file'+fileExt) end;
 procedure Ttpl.fromString(txt:string);
 var
@ -1006,12 +1093,52 @@ var
  procedure saveInSection();
  var
    ss: TStringDynArray;
    s: string;
    i: integer;
    base: TtplSection;
    function parseFlagsAndAcceptSection(flags:TStringDynArray):boolean;
    var
      f, k, v, s: string;
      i: integer;
    begin
    for f in flags do
      begin
      i:=pos('=',f);
      if i = 0 then
        begin
        if f='no log' then
          base.nolog:=TRUE
        else if f='public' then
          base.public:=TRUE
        else if f='no list' then
          base.noList:=TRUE
        else if f='cache' then
          base.cache:=TRUE;
        Continue;
        end;
      k:=copy(f,1,i-1);
      v:=copy(f,i+1,MAXINT);
      if k = 'build' then
        begin
        s:=chop('-',v);
        if (v > '') and (VERSION_BUILD > v) // max
        or (s > '') and (VERSION_BUILD < s) then // min
          exit(FALSE);
        end
      else if k = 'ver' then
        if fileMatch(v, VERSION) then continue
        else exit(FALSE)
      else if k = 'template' then
        if fileMatch(v, getTill(#13,getTxt('template id'))) then continue
        else exit(FALSE)
      end;
    result:=TRUE;
    end;
  var
    ss: TStringDynArray;
    s, si: string;
    till: pchar;
-    append: boolean;
+    append, prepend, add: boolean;
    sect, from: PtplSection;
  begin
  till:=pred(bos);
@ -1019,44 +1146,49 @@ var
  if till^ = #10 then dec(till);
  if till^ = #13 then dec(till);
  base:=default(TtplSection);
  base.txt:=getStr(ptxt, till);
  // there may be flags after |
  s:=cur_section;
  cur_section:=chop('|', s);
  base.nolog:=ansiPos('no log', s) > 0;
  base.nourl:=ansiPos('private', s) > 0;
  base.cache:=ansiPos('cache', s) > 0;
  base.ts:=now();
  ss:=split('|',cur_section);
  cur_section:=popString(ss);
  if not parseFlagsAndAcceptSection(ss) then
    exit;
-  s:=cur_section;
+  prepend:=startsStr('^', cur_section);
-  append:=ansiStartsStr('+', s);
+  append:=startsStr('+', cur_section);
-  if append then
+  add:=prepend or append;
-    delete(s,1,1);
+  if add then
    delete(cur_section,1,1);
  // there may be several section names separated by =
-  ss:=split('=', s);
+  ss:=split('=', cur_section);
  // handle the main section specific case
-  if ss = NIL then addString('', ss);
+  if ss = NIL then
    addString('', ss);
  // assign to every name the same txt
-  for i:=0 to length(ss)-1 do
+  for si in ss do
    begin
-    s:=trim(ss[i]);
+    s:=trim(si);
    sect:=getSection(s, FALSE);
    from:=NIL;
    if sect = NIL then // not found
      begin
-      if append then
+      if add then
        from:=getSection(s);
      sect:=newSection(s);
      end
    else
-      if append then
+      if add then
        from:=sect;
    if from<>NIL then
      begin // inherit from it
-      sect.txt:=from.txt+base.txt;
+      if append then
        sect.txt:=from.txt+base.txt
      else
        sect.txt:=base.txt+CRLF+from.txt;
      sect.nolog:=from.nolog or base.nolog;
-      sect.nourl:=from.nourl or base.nourl;
+      sect.public:=from.public or base.public;
      sect.noList:=from.noList or base.noList;
      continue;
      end;
    sect^:=base;
@ -1065,13 +1197,12 @@ var
  end; // saveInSection
 const
-  BOM = #$EF#$BB#$BF;
+  UTF8_BOM = #$EF#$BB#$BF;
 var
  first: boolean;
 begin
-// this is used by some unicode files. at the moment we just ignore it.
+if ansiStartsStr(UTF8_BOM, txt) then
-if ansiStartsStr(BOM, txt) then
+  delete(txt, 1, length(UTF8_BOM));
  delete(txt, 1, length(BOM));
 if txt = '' then exit;
 src:=src+txt;
--- a/default.tpl
+++ b/default.tpl
--- a/defs.inc
+++ b/defs.inc
@ -1,3 +1,5 @@
 {$A+,B-,C+,E-,F-,G+,H+,I-,J+,K-,L+,M-,N+,O+,P+,Q-,R-,S-,T-,U-,V+,X+,Y+,Z1}
 {$DEFINE NOT STABLE }
 {$IFDEF STABLE }
  {$ASSERTIONS OFF}
--- a/notes.txt
+++ b/notes.txt
@ -1,9 +0,0 @@
 Initially developed with Delphi 6, now with Delphi 10.3.3
 Icons are generated at http://fontello.com/ . Use fontello.json for further modifications.
 === LIBS USED
 ICS v8.63 by François PIETTE http://www.overbyte.be
 TRegExpr v0.952 by Andrey V. Sorokin http://www.regexpstudio.com/TRegExpr/TRegExpr.html
 JEDI Code Library v2.7 https://github.com/project-jedi/jcl
 Kryvich's Delphi Localizer v4.1 http://sites.google.com/site/kryvich
--- a/hfs.dproj
+++ b/hfs.dproj
@ -206,9 +206,10 @@
            </Platforms>
            <ModelSupport>False</ModelSupport>
            <Deployment Version="3">
-                <DeployFile LocalName="hfs.exe" Configuration="Release" Class="ProjectOutput">
+                <DeployFile LocalName="hfs.dpr" Configuration="Release" Class="ProjectFile">
                    <Platform Name="Win32">
-                        <RemoteName>hfs.exe</RemoteName>
+                        <RemoteDir>.\</RemoteDir>
                        <Enabled>false</Enabled>
                        <Overwrite>true</Overwrite>
                    </Platform>
                </DeployFile>
@ -218,16 +219,15 @@
                        <Overwrite>true</Overwrite>
                    </Platform>
                </DeployFile>
-                <DeployFile LocalName="hfs.dpr" Configuration="Debug" Class="ProjectFile">
+                <DeployFile LocalName="hfs.exe" Configuration="Release" Class="ProjectOutput">
                    <Platform Name="Win32">
-                        <RemoteDir>.\</RemoteDir>
+                        <RemoteName>hfs.exe</RemoteName>
                        <Overwrite>true</Overwrite>
                    </Platform>
                </DeployFile>
-                <DeployFile LocalName="hfs.dpr" Configuration="Release" Class="ProjectFile">
+                <DeployFile LocalName="hfs.dpr" Configuration="Debug" Class="ProjectFile">
                    <Platform Name="Win32">
                        <RemoteDir>.\</RemoteDir>
                        <Enabled>false</Enabled>
                        <Overwrite>true</Overwrite>
                    </Platform>
                </DeployFile>
--- a/hfs.drc
+++ b/hfs.drc
@ -99,182 +99,182 @@
 #define main_SW2EXPERT 64749
 #define main_SW2EASY 64750
 #define main_MSG_DL_TIMEOUT_LONG 64751
-#define main_MSG_ZLIB 64752
+#define main_MSG_NEWER_INCOMP 64752
-#define main_MSG_BAKAVAILABLE 64753
+#define main_MSG_ZLIB 64753
-#define main_MSG_CANT_LOAD_SAVE 64754
+#define main_MSG_BAKAVAILABLE 64754
-#define main_MSG_OPEN_VFS 64755
+#define main_MSG_CANT_LOAD_SAVE 64755
-#define main_LIMIT 64756
+#define main_MSG_OPEN_VFS 64756
-#define main_TOP_SPEED 64757
+#define main_LIMIT 64757
-#define main_MSG_MAX_BW 64758
+#define main_TOP_SPEED 64758
-#define main_MSG_LIM0 64759
+#define main_MSG_MAX_BW 64759
-#define main_MSG_MAX_BW_1 64760
+#define main_MSG_LIM0 64760
-#define main_MSG_GRAPH_RATE_MENU 64761
+#define main_MSG_MAX_BW_1 64761
-#define main_MSG_MAX_SIM 64762
+#define main_MSG_GRAPH_RATE_MENU 64762
-#define main_MSG_WARN_CONN 64763
+#define main_MSG_MAX_CON_LONG 64763
-#define main_MSG_WARN_ACT_DL 64764
+#define main_MSG_WARN_CONN 64764
-#define main_MSG_MAX_SIM_SING 64765
+#define main_MSG_WARN_ACT_DL 64765
-#define main_MSG_MAX_SIM_DL_SING 64766
+#define main_MSG_MAX_CON_SING_LONG 64766
 #define main_MSG_GRAPH_RATE 64767
-#define main_MSG_CON_STATE_IDLE 64768
+#define main_MSG_VFS_DONT_CONS_DL_MASK 64768
-#define main_MSG_CON_STATE_REQ 64769
+#define main_MSG_VFS_INHERITED 64769
-#define main_MSG_CON_STATE_RCV 64770
+#define main_MSG_VFS_EXTERNAL 64770
-#define main_MSG_CON_STATE_THINK 64771
+#define main_MSG_CON_HINT 64771
-#define main_MSG_CON_STATE_REP 64772
+#define main_MSG_CON_STATE_IDLE 64772
-#define main_MSG_CON_STATE_SEND 64773
+#define main_MSG_CON_STATE_REQ 64773
-#define main_MSG_CON_STATE_DISC 64774
+#define main_MSG_CON_STATE_RCV 64774
-#define main_MSG_CON_PAUSED 64775
+#define main_MSG_CON_STATE_THINK 64775
-#define main_MSG_CON_SENT 64776
+#define main_MSG_CON_STATE_REP 64776
-#define main_MSG_CON_RECEIVED 64777
+#define main_MSG_CON_STATE_SEND 64777
-#define main_MSG_TPL_RESET 64778
+#define main_MSG_CON_STATE_DISC 64778
-#define main_MSG_ALLO_REF 64779
+#define main_MSG_TPL_RESET 64779
-#define main_MSG_ALLO_REF_LONG 64780
+#define main_MSG_ALLO_REF 64780
-#define main_MSG_BETTERSTOP 64781
+#define main_MSG_ALLO_REF_LONG 64781
-#define main_MSG_BADCRC 64782
+#define main_MSG_BETTERSTOP 64782
-#define main_MSG_NEWER 64783
+#define main_MSG_BADCRC 64783
-#define main_MSG_VFS_ARCABLE 64784
+#define main_MSG_VFS_HIDE_EMPTY 64784
-#define main_MSG_VFS_DEF_MASK 64785
+#define main_MSG_VFS_NOT_BROW 64785
-#define main_MSG_VFS_ACCESS 64786
+#define main_MSG_VFS_HIDE_EMPTY_FLD 64786
-#define main_MSG_VFS_UPLOAD 64787
+#define main_MSG_VFS_HIDE_EXT 64787
-#define main_MSG_VFS_DELETE 64788
+#define main_MSG_VFS_ARCABLE 64788
-#define main_MSG_VFS_COMMENT 64789
+#define main_MSG_VFS_DEF_MASK 64789
-#define main_MSG_VFS_REALM 64790
+#define main_MSG_VFS_ACCESS 64790
-#define main_MSG_VFS_DIFF_TPL 64791
+#define main_MSG_VFS_UPLOAD 64791
-#define main_MSG_VFS_FILES_FLT 64792
+#define main_MSG_VFS_DELETE 64792
-#define main_MSG_VFS_FLD_FLT 64793
+#define main_MSG_VFS_COMMENT 64793
-#define main_MSG_VFS_UPL_FLT 64794
+#define main_MSG_VFS_REALM 64794
-#define main_MSG_VFS_DONT_CONS_DL 64795
+#define main_MSG_VFS_DIFF_TPL 64795
-#define main_MSG_VFS_DONT_CONS_DL_MASK 64796
+#define main_MSG_VFS_FILES_FLT 64796
-#define main_MSG_VFS_INHERITED 64797
+#define main_MSG_VFS_FLD_FLT 64797
-#define main_MSG_VFS_EXTERNAL 64798
+#define main_MSG_VFS_UPL_FLT 64798
-#define main_MSG_CON_HINT 64799
+#define main_MSG_VFS_DONT_CONS_DL 64799
-#define main_VFS_ITEMS 64800
+#define main_IN_SPEED 64800
-#define main_MSG_ITEM_EXISTS 64801
+#define main_BANS 64801
-#define main_MSG_INSTALL_TPL 64802
+#define main_MEMORY 64802
-#define main_MSG_FOLDER_UPLOAD 64803
+#define main_CUST_TPL 64803
-#define main_MSG_VFS_DRAG_INVIT 64804
+#define main_VFS_ITEMS 64804
-#define main_MSG_VFS_URL 64805
+#define main_MSG_ITEM_EXISTS 64805
-#define main_MSG_VFS_PATH 64806
+#define main_MSG_INSTALL_TPL 64806
-#define main_MSG_VFS_SIZE 64807
+#define main_MSG_FOLDER_UPLOAD 64807
-#define main_MSG_VFS_DLS 64808
+#define main_MSG_VFS_DRAG_INVIT 64808
-#define main_MSG_VFS_INVISIBLE 64809
+#define main_MSG_VFS_URL 64809
-#define main_MSG_VFS_DL_FORB 64810
+#define main_MSG_VFS_PATH 64810
-#define main_MSG_VFS_DONT_LOG 64811
+#define main_MSG_VFS_SIZE 64811
-#define main_MSG_VFS_HIDE_EMPTY 64812
+#define main_MSG_VFS_DLS 64812
-#define main_MSG_VFS_NOT_BROW 64813
+#define main_MSG_VFS_INVISIBLE 64813
-#define main_MSG_VFS_HIDE_EMPTY_FLD 64814
+#define main_MSG_VFS_DL_FORB 64814
-#define main_MSG_VFS_HIDE_EXT 64815
+#define main_MSG_VFS_DONT_LOG 64815
-#define main_MSG_CHK_UPD_FAIL 64816
+#define main_MSG_UPD_DL 64816
-#define main_MSG_CHK_UPD_HEAD 64817
+#define main_MSG_UPDATE 64817
-#define main_MSG_CHK_UPD_VER 64818
+#define main_MSG_REQUESTING 64818
-#define main_MSG_CHK_UPD_VER_EXT 64819
+#define main_MSG_CHK_UPD 64819
-#define main_MSG_CHK_UPD_NONE 64820
+#define main_MSG_CHK_UPD_FAIL 64820
-#define main_TO_CLIP 64821
+#define main_MSG_CHK_UPD_HEAD 64821
-#define main_ALREADY_CLIP 64822
+#define main_MSG_CHK_UPD_VER 64822
-#define main_MSG_NO_SPACE 64823
+#define main_MSG_CHK_UPD_VER_EXT 64823
-#define main_CONN 64824
+#define main_MSG_CHK_UPD_NONE 64824
-#define main_TOT_IN 64825
+#define main_TO_CLIP 64825
-#define main_TOT_OUT 64826
+#define main_ALREADY_CLIP 64826
-#define main_OUT_SPEED 64827
+#define main_MSG_NO_SPACE 64827
-#define main_IN_SPEED 64828
+#define main_CONN 64828
-#define main_BANS 64829
+#define main_TOT_IN 64829
-#define main_MEMORY 64830
+#define main_TOT_OUT 64830
-#define main_CUST_TPL 64831
+#define main_OUT_SPEED 64831
-#define main_AUTOSAVE 64832
+#define main_MSG_FILE_ADD_ABORT 64832
-#define main_SECONDS 64833
+#define main_MSG_ADDING 64833
-#define main_MSG_SPD_LIMIT_SING 64834
+#define main_MSG_INV_FILENAME 64834
-#define main_MSG_SPD_LIMIT 64835
+#define main_MSG_DELETE 64835
-#define main_MSG_AUTO_SAVE 64836
+#define main_AUTOSAVE 64836
-#define main_MSG_AUTO_SAVE_LONG 64837
+#define main_SECONDS 64837
-#define main_MSG_MIN 64838
+#define main_MSG_SPD_LIMIT_SING 64838
-#define main_MSG_BAN 64839
+#define main_MSG_SPD_LIMIT 64839
-#define main_MSG_CANT_SAVE_OPT 64840
+#define main_MSG_AUTO_SAVE 64840
-#define main_MSG_UPD_SAVE_ERROR 64841
+#define main_MSG_AUTO_SAVE_LONG 64841
-#define main_MSG_UPD_REQ_ONLY1 64842
+#define main_MSG_MIN 64842
-#define main_MSG_UPD_WAIT 64843
+#define main_MSG_BAN 64843
-#define main_MSG_UPD_DL 64844
+#define main_MSG_CANT_SAVE_OPT 64844
-#define main_MSG_UPDATE 64845
+#define main_MSG_UPD_SAVE_ERROR 64845
-#define main_MSG_REQUESTING 64846
+#define main_MSG_UPD_REQ_ONLY1 64846
-#define main_MSG_CHK_UPD 64847
+#define main_MSG_UPD_WAIT 64847
-#define main_MSG_LOG_UPL 64848
+#define main_MSG_LOG_HEAD 64848
-#define main_MSG_LOG_UPLOADED 64849
+#define main_MSG_LOG_NOT_MOD 64849
-#define main_MSG_LOG_UPL_FAIL 64850
+#define main_MSG_LOG_REDIR 64850
-#define main_MSG_LOG_DL 64851
+#define main_MSG_LOG_NOT_SERVED 64851
-#define main_MSG_LOGIN_FAILED 64852
+#define main_MSG_LOG_UPL 64852
-#define main_MSG_MIN_DISK_REACHED 64853
+#define main_MSG_LOG_UPLOADED 64853
-#define main_MSG_UPL_NAME_FORB 64854
+#define main_MSG_LOG_UPL_FAIL 64854
-#define main_MSG_UPL_CANT_CREATE 64855
+#define main_MSG_LOG_DL 64855
-#define main_FINGERPRINT 64856
+#define main_MSG_LOGIN_FAILED 64856
-#define main_NO_FINGERPRINT 64857
+#define main_MSG_MIN_DISK_REACHED 64857
-#define main_MSG_SAVE_VFS 64858
+#define main_MSG_UPL_NAME_FORB 64858
-#define main_MSG_INP_COMMENT 64859
+#define main_MSG_UPL_CANT_CREATE 64859
-#define main_MSG_FILE_ADD_ABORT 64860
+#define main_FINGERPRINT 64860
-#define main_MSG_ADDING 64861
+#define main_NO_FINGERPRINT 64861
-#define main_MSG_INV_FILENAME 64862
+#define main_MSG_SAVE_VFS 64862
-#define main_MSG_DELETE 64863
+#define main_MSG_INP_COMMENT 64863
-#define main_MSG_PORT_USED_BY 64864
+#define main_MSG_BAN_CMT 64864
-#define main_MSG_PORT_BLOCKED 64865
+#define main_MSG_BAN_CMT_LONG 64865
-#define main_MSG_KICK_ALL 64866
+#define main_MSG_BREAK_DYN_DNS 64866
-#define main_MSG_TPL_INCOMPATIBLE 64867
+#define main_MSG_CANT_OPEN_PORT 64867
-#define main_MSG_LOG_SERVER_START 64868
+#define main_MSG_PORT_USED_BY 64868
-#define main_MSG_LOG_SERVER_STOP 64869
+#define main_MSG_PORT_BLOCKED 64869
-#define main_MSG_LOG_CONNECTED 64870
+#define main_MSG_KICK_ALL 64870
-#define main_MSG_LOG_DISC_SRV 64871
+#define main_MSG_TPL_INCOMPATIBLE 64871
-#define main_MSG_LOG_DISC 64872
+#define main_MSG_LOG_SERVER_START 64872
-#define main_MSG_LOG_GOT 64873
+#define main_MSG_LOG_SERVER_STOP 64873
-#define main_MSG_LOG_BYTES_SENT 64874
+#define main_MSG_LOG_CONNECTED 64874
-#define main_MSG_LOG_SERVED 64875
+#define main_MSG_LOG_DISC_SRV 64875
-#define main_MSG_LOG_HEAD 64876
+#define main_MSG_LOG_DISC 64876
-#define main_MSG_LOG_NOT_MOD 64877
+#define main_MSG_LOG_GOT 64877
-#define main_MSG_LOG_REDIR 64878
+#define main_MSG_LOG_BYTES_SENT 64878
-#define main_MSG_LOG_NOT_SERVED 64879
+#define main_MSG_LOG_SERVED 64879
-#define main_MSG_DDNS_nohost 64880
+#define main_MSG_DDNS_FAIL 64880
-#define main_MSG_DDNS_notyours 64881
+#define main_MSG_DDNS_REPLY_SIZE 64881
-#define main_MSG_DDNS_numhost 64882
+#define main_MSG_DDNS_badauth 64882
-#define main_MSG_DDNS_abuse 64883
+#define main_MSG_DDNS_notfqdn 64883
-#define main_MSG_DDNS_dnserr 64884
+#define main_MSG_DDNS_nohost 64884
-#define main_MSG_DDNS_911 64885
+#define main_MSG_DDNS_notyours 64885
-#define main_MSG_DDNS_notdonator 64886
+#define main_MSG_DDNS_numhost 64886
-#define main_MSG_DDNS_badagent 64887
+#define main_MSG_DDNS_abuse 64887
-#define main_MSG_BAN_MASK 64888
+#define main_MSG_DDNS_dnserr 64888
-#define main_MSG_IP_MASK_LONG 64889
+#define main_MSG_DDNS_911 64889
-#define main_MSG_KICK_ADDR 64890
+#define main_MSG_DDNS_notdonator 64890
-#define main_MSG_BAN_ALREADY 64891
+#define main_MSG_DDNS_badagent 64891
-#define main_MSG_BAN_CMT 64892
+#define main_MSG_BAN_MASK 64892
-#define main_MSG_BAN_CMT_LONG 64893
+#define main_MSG_IP_MASK_LONG 64893
-#define main_MSG_BREAK_DYN_DNS 64894
+#define main_MSG_KICK_ADDR 64894
-#define main_MSG_CANT_OPEN_PORT 64895
+#define main_MSG_BAN_ALREADY 64895
-#define main_MSG_NO_TEMP 64896
+#define main_MSG_ADDRESSES_EXCEED 64896
-#define main_MSG_ERROR_REGISTRY 64897
+#define main_MSG_NO_TEMP 64897
-#define main_MSG_MANY_ITEMS 64898
+#define main_MSG_ERROR_REGISTRY 64898
-#define main_MSG_ADD_TO_HFS 64899
+#define main_MSG_MANY_ITEMS 64899
-#define main_MSG_SINGLE_INSTANCE 64900
+#define main_MSG_ADD_TO_HFS 64900
-#define main_MSG_COMM_ERROR 64901
+#define main_MSG_SINGLE_INSTANCE 64901
-#define main_MSG_DDNS_NO_REPLY 64902
+#define main_MSG_COMM_ERROR 64902
-#define main_MSG_DDNS_OK 64903
+#define main_MSG_CON_PAUSED 64903
-#define main_MSG_DDNS_UNK 64904
+#define main_MSG_CON_SENT 64904
-#define main_MSG_DDNS_ERR 64905
+#define main_MSG_CON_RECEIVED 64905
-#define main_MSG_DDNS_REQ 64906
+#define main_MSG_DDNS_NO_REPLY 64906
-#define main_MSG_DDNS_DOING 64907
+#define main_MSG_DDNS_OK 64907
-#define main_MSG_DDNS_FAIL 64908
+#define main_MSG_DDNS_UNK 64908
-#define main_MSG_DDNS_REPLY_SIZE 64909
+#define main_MSG_DDNS_ERR 64909
-#define main_MSG_DDNS_badauth 64910
+#define main_MSG_DDNS_REQ 64910
-#define main_MSG_DDNS_notfqdn 64911
+#define main_MSG_DDNS_DOING 64911
-#define main_MSG_MAX_SIM_ADDR 64912
+#define main_MSG_MAX_CON_SING 64912
-#define main_MSG_MAX_SIM_ADDR_DL 64913
+#define main_MSG_MAX_SIM_ADDR 64913
-#define main_MSG_MAX_SIM_DL_SING 64914
+#define main_MSG_MAX_SIM_ADDR_DL 64914
-#define main_MSG_MAX_SIM_DL 64915
+#define main_MSG_MAX_SIM_DL_SING 64915
-#define main_MSG_SET_LIMIT 64916
+#define main_MSG_MAX_SIM_DL 64916
-#define main_MSG_UNPROTECTED_LINKS 64917
+#define main_MSG_SET_LIMIT 64917
-#define main_MSG_SAME_NAME 64918
+#define main_MSG_UNPROTECTED_LINKS 64918
-#define main_MSG_CONTINUE 64919
+#define main_MSG_SAME_NAME 64919
-#define main_MSG_PROCESSING 64920
+#define main_MSG_CONTINUE 64920
-#define main_MSG_SPEED_KBS 64921
+#define main_MSG_PROCESSING 64921
-#define main_MSG_OPTIONS_SAVED 64922
+#define main_MSG_SPEED_KBS 64922
-#define main_MSG_SOME_LOCKED 64923
+#define main_MSG_OPTIONS_SAVED 64923
-#define main_MSG_ITEM_LOCKED 64924
+#define main_MSG_SOME_LOCKED 64924
-#define main_MSG_INVALID_VALUE 64925
+#define main_MSG_ITEM_LOCKED 64925
-#define main_MSG_EMPTY_NO_LIMIT 64926
+#define main_MSG_INVALID_VALUE 64926
-#define main_MSG_ADDRESSES_EXCEED 64927
+#define main_MSG_EMPTY_NO_LIMIT 64927
 #define JclResources_RsIntelCacheDescrF0 64928
 #define JclResources_RsIntelCacheDescrF1 64929
 #define JclResources_RsIntelCacheDescrFF 64930
@ -282,15 +282,15 @@
 #define JclResources_RsOSVersionWinServer2012 64932
 #define JclResources_RsOSVersionWin81 64933
 #define JclResources_RsOSVersionWinServer2012R2 64934
-#define optionsDlg_MSG_INVERT_BAN 64935
+#define classesLib_MSG_ANTIDOS_REPLY 64935
-#define main_S_PORT_LABEL 64936
+#define optionsDlg_MSG_INVERT_BAN 64936
-#define main_S_PORT_ANY 64937
+#define main_S_PORT_LABEL 64937
-#define main_DISABLED 64938
+#define main_S_PORT_ANY 64938
-#define main_S_OK 64939
+#define main_DISABLED 64939
-#define main_MSG_MENU_VAL 64940
+#define main_S_OK 64940
-#define main_MSG_DL_TIMEOUT 64941
+#define main_MSG_MENU_VAL 64941
-#define main_MSG_MAX_CON 64942
+#define main_MSG_DL_TIMEOUT 64942
-#define main_MSG_MAX_CON_SING 64943
+#define main_MSG_MAX_CON 64943
 #define JclResources_RsIntelCacheDescrCA 64944
 #define JclResources_RsIntelCacheDescrD0 64945
 #define JclResources_RsIntelCacheDescrD1 64946
@ -976,6 +976,7 @@ BEGIN
 	main_SW2EXPERT,	L"Switch to Expert mode"
 	main_SW2EASY,	L"Switch to Easy mode"
 	main_MSG_DL_TIMEOUT_LONG,	L"Enter the number of MINUTES with no download after which the program automatically shuts down.\rLeave blank to get no timeout."
 	main_MSG_NEWER_INCOMP,	L"This file has been created with a newer and incompatible version."
 	main_MSG_ZLIB,	L"This file is corrupted (ZLIB)."
 	main_MSG_BAKAVAILABLE,	L"This file is corrupted but a backup is available.\rContinue with backup?"
 	main_MSG_CANT_LOAD_SAVE,	L"Cannot load or save while adding files"
@ -986,12 +987,15 @@ BEGIN
 	main_MSG_LIM0,	L"Zero is an effective limit.\rTo disable instead, leave empty."
 	main_MSG_MAX_BW_1,	L"Max bandwidth for single address (KB/s)."
 	main_MSG_GRAPH_RATE_MENU,	L"Graph refresh rate: %d (tenths of second)"
-	main_MSG_MAX_SIM,	L"Max simultaneous connections to serve.\rMost people don't know this function well, and have problems. If you are unsure, please use the \"Max simultaneous downloads\"."
+	main_MSG_MAX_CON_LONG,	L"Max simultaneous connections to serve.\rMost people don't know this function well, and have problems. If you are unsure, please use the \"Max simultaneous downloads\"."
 	main_MSG_WARN_CONN,	L"In this moment there are %d active connections"
 	main_MSG_WARN_ACT_DL,	L"In this moment there are %d active downloads"
-	main_MSG_MAX_SIM_SING,	L"Max simultaneous connections to accept from a single IP address.\rMost people don't know this function well, and have problems. If you are unsure, please use the \"Max simultaneous downloads from a single IP address\"."
+	main_MSG_MAX_CON_SING_LONG,	L"Max simultaneous connections to accept from a single IP address.\rMost people don't know this function well, and have problems. If you are unsure, please use the \"Max simultaneous downloads from a single IP address\"."
 	main_MSG_MAX_SIM_DL_SING,	L"Max simultaneous downloads from a single IP address."
 	main_MSG_GRAPH_RATE,	L"Graph refresh rate"
 	main_MSG_VFS_DONT_CONS_DL_MASK,	L"Don't consider as download (mask): %s"
 	main_MSG_VFS_INHERITED,	L" [inherited]"
 	main_MSG_VFS_EXTERNAL,	L" [external]"
 	main_MSG_CON_HINT,	L"Connection time: %s\rLast request time: %s\rAgent: %s"
 	main_MSG_CON_STATE_IDLE,	L"idle"
 	main_MSG_CON_STATE_REQ,	L"requesting"
 	main_MSG_CON_STATE_RCV,	L"receiving"
@ -999,15 +1003,15 @@ BEGIN
 	main_MSG_CON_STATE_REP,	L"replying"
 	main_MSG_CON_STATE_SEND,	L"sending"
 	main_MSG_CON_STATE_DISC,	L"disconnected"
 	main_MSG_CON_PAUSED,	L"paused"
 	main_MSG_CON_SENT,	L"%s / %s sent"
 	main_MSG_CON_RECEIVED,	L"%s / %s received"
 	main_MSG_TPL_RESET,	L"The template has been reset"
 	main_MSG_ALLO_REF,	L"Allowed referer"
 	main_MSG_ALLO_REF_LONG,	L"Leave empty to disable this feature.\rHere you can specify a mask.\rWhen a file is requested, if the mask doesn't match the \"Referer\" HTTP field, the request is rejected."
 	main_MSG_BETTERSTOP,	L"\rGoing on may lead to problems.\rIt is adviced to stop loading.\rStop?"
 	main_MSG_BADCRC,	L"This file is corrupted (CRC)."
-	main_MSG_NEWER,	L"This file has been created with a newer and incompatible version."
+	main_MSG_VFS_HIDE_EMPTY,	L"Hidden if empty"
 	main_MSG_VFS_NOT_BROW,	L"Not browsable"
 	main_MSG_VFS_HIDE_EMPTY_FLD,	L"Hide empty folders"
 	main_MSG_VFS_HIDE_EXT,	L"Hide extention"
 	main_MSG_VFS_ARCABLE,	L"Archivable"
 	main_MSG_VFS_DEF_MASK,	L"Default file mask: %s"
 	main_MSG_VFS_ACCESS,	L"Access for"
@ -1020,10 +1024,10 @@ BEGIN
 	main_MSG_VFS_FLD_FLT,	L"Folders filter: %s"
 	main_MSG_VFS_UPL_FLT,	L"Upload filter: %s"
 	main_MSG_VFS_DONT_CONS_DL,	L"Don't consider as download"
-	main_MSG_VFS_DONT_CONS_DL_MASK,	L"Don't consider as download (mask): %s"
+	main_IN_SPEED,	L"In: %.1f KB/s"
-	main_MSG_VFS_INHERITED,	L" [inherited]"
+	main_BANS,	L"Ban rules: %d"
-	main_MSG_VFS_EXTERNAL,	L" [external]"
+	main_MEMORY,	L"Mem"
-	main_MSG_CON_HINT,	L"Connection time: %s\rLast request time: %s\rAgent: %s"
+	main_CUST_TPL,	L"Customized template"
 	main_VFS_ITEMS,	L"VFS: %d items"
 	main_MSG_ITEM_EXISTS,	L"%s item(s) already exists:\r%s\r\rContinue?"
 	main_MSG_INSTALL_TPL,	L"Install this template?"
@ -1036,10 +1040,10 @@ BEGIN
 	main_MSG_VFS_INVISIBLE,	L"Invisible"
 	main_MSG_VFS_DL_FORB,	L"Download forbidden"
 	main_MSG_VFS_DONT_LOG,	L"Don't log"
-	main_MSG_VFS_HIDE_EMPTY,	L"Hidden if empty"
+	main_MSG_UPD_DL,	L"Downloading new version..."
-	main_MSG_VFS_NOT_BROW,	L"Not browsable"
+	main_MSG_UPDATE,	L"You are invited to use the new version.\r\rUpdate now?"
-	main_MSG_VFS_HIDE_EMPTY_FLD,	L"Hide empty folders"
+	main_MSG_REQUESTING,	L"Requesting..."
-	main_MSG_VFS_HIDE_EXT,	L"Hide extention"
+	main_MSG_CHK_UPD,	L"Checking for updates"
 	main_MSG_CHK_UPD_FAIL,	L"Check update: failed"
 	main_MSG_CHK_UPD_HEAD,	L"Check update: "
 	main_MSG_CHK_UPD_VER,	L"new version found: %s"
@ -1052,10 +1056,10 @@ BEGIN
 	main_TOT_IN,	L"Total In: %s"
 	main_TOT_OUT,	L"Total Out: %s"
 	main_OUT_SPEED,	L"Out: %.1f KB/s"
-	main_IN_SPEED,	L"In: %.1f KB/s"
+	main_MSG_FILE_ADD_ABORT,	L"File addition was aborted.\rThe list of files is incomplete."
-	main_BANS,	L"Ban rules: %d"
+	main_MSG_ADDING,	L"Adding item #%d"
-	main_MEMORY,	L"Mem"
+	main_MSG_INV_FILENAME,	L"Invalid filename"
-	main_CUST_TPL,	L"Customized template"
+	main_MSG_DELETE,	L"Delete?"
 	main_AUTOSAVE,	L"Auto save every: "
 	main_SECONDS,	L"%d seconds"
 	main_MSG_SPD_LIMIT_SING,	L"Speed limit for single address"
@ -1068,10 +1072,10 @@ BEGIN
 	main_MSG_UPD_SAVE_ERROR,	L"Cannot save the update"
 	main_MSG_UPD_REQ_ONLY1,	L"The auto-update feature cannot work because it requires the \"Only 1 instance\" option enabled.\r\rYour browser will now be pointed to the update, so you can install it manually."
 	main_MSG_UPD_WAIT,	L"Waiting for last requests to be served, then we'll update"
-	main_MSG_UPD_DL,	L"Downloading new version..."
+	main_MSG_LOG_HEAD,	L"Served head"
-	main_MSG_UPDATE,	L"You are invited to use the new version.\r\rUpdate now?"
+	main_MSG_LOG_NOT_MOD,	L"Not modified, use cache"
-	main_MSG_REQUESTING,	L"Requesting..."
+	main_MSG_LOG_REDIR,	L"Redirected to %s"
-	main_MSG_CHK_UPD,	L"Checking for updates"
+	main_MSG_LOG_NOT_SERVED,	L"Not served: %d - %s"
 	main_MSG_LOG_UPL,	L"Uploading %s"
 	main_MSG_LOG_UPLOADED,	L"Fully uploaded %s - %s @ %sB/s"
 	main_MSG_LOG_UPL_FAIL,	L"Upload failed %s"
@ -1084,10 +1088,10 @@ BEGIN
 	main_NO_FINGERPRINT,	L"Create fingerprint on addition: disabled"
 	main_MSG_SAVE_VFS,	L"Your current file system is not saved.\rSave it?"
 	main_MSG_INP_COMMENT,	L"Please insert a comment for \"%s\".\rYou should use HTML: <br> for break line."
-	main_MSG_FILE_ADD_ABORT,	L"File addition was aborted.\rThe list of files is incomplete."
+	main_MSG_BAN_CMT,	L"Ban comment"
-	main_MSG_ADDING,	L"Adding item #%d"
+	main_MSG_BAN_CMT_LONG,	L"A comment for this ban..."
-	main_MSG_INV_FILENAME,	L"Invalid filename"
+	main_MSG_BREAK_DYN_DNS,	L"This option is NOT compatible with \"dynamic dns updater\".\rContinue?"
-	main_MSG_DELETE,	L"Delete?"
+	main_MSG_CANT_OPEN_PORT,	L"Cannot open port."
 	main_MSG_PORT_USED_BY,	L"It is already used by %s"
 	main_MSG_PORT_BLOCKED,	L"Something is blocking, maybe your system firewall."
 	main_MSG_KICK_ALL,	L"There are %d connections open.\rDo you want to close them now?"
@ -1100,10 +1104,10 @@ BEGIN
 	main_MSG_LOG_GOT,	L"Got %d bytes"
 	main_MSG_LOG_BYTES_SENT,	L"%s bytes sent"
 	main_MSG_LOG_SERVED,	L"Served %s"
-	main_MSG_LOG_HEAD,	L"Served head"
+	main_MSG_DDNS_FAIL,	L"DNS update failed: %s\rUser intervention is required."
-	main_MSG_LOG_NOT_MOD,	L"Not modified, use cache"
+	main_MSG_DDNS_REPLY_SIZE,	L"%d bytes reply"
-	main_MSG_LOG_REDIR,	L"Redirected to %s"
+	main_MSG_DDNS_badauth,	L"invalid user/password"
-	main_MSG_LOG_NOT_SERVED,	L"Not served: %d - %s"
+	main_MSG_DDNS_notfqdn,	L"incomplete hostname, required form aaa.bbb.com"
 	main_MSG_DDNS_nohost,	L"specified hostname does not exist"
 	main_MSG_DDNS_notyours,	L"specified hostname belongs to another username"
 	main_MSG_DDNS_numhost,	L"too many or too few hosts found"
@ -1116,26 +1120,23 @@ BEGIN
 	main_MSG_IP_MASK_LONG,	L"You can edit the address.\rMasks and ranges are allowed."
 	main_MSG_KICK_ADDR,	L"There are %d open connections from this address.\rDo you want to kick them all now?"
 	main_MSG_BAN_ALREADY,	L"This IP address is already banned"
-	main_MSG_BAN_CMT,	L"Ban comment"
+	main_MSG_ADDRESSES_EXCEED,	L"The following addresses exceed the limit:\r%s"
 	main_MSG_BAN_CMT_LONG,	L"A comment for this ban..."
 	main_MSG_BREAK_DYN_DNS,	L"This option is NOT compatible with \"dynamic dns updater\".\rContinue?"
 	main_MSG_CANT_OPEN_PORT,	L"Cannot open port."
 	main_MSG_NO_TEMP,	L"Cannot save temporary file"
 	main_MSG_ERROR_REGISTRY,	L"Can't write to registry.\rYou may lack necessary rights."
 	main_MSG_MANY_ITEMS,	L"You are putting many files.\rTry using real folders instead of virtual folders.\rRead documentation or ask on the forum for help."
 	main_MSG_ADD_TO_HFS,	L"\"Add to HFS\" has been added to your Window's Explorer right-click menu."
 	main_MSG_SINGLE_INSTANCE,	L"Sorry, this feature only works with the \"Only 1 instance\" option enabled.\r\rYou can find this option under Menu -> Start/Exit\r(only in expert mode)"
 	main_MSG_COMM_ERROR,	L"Network error. Request failed."
 	main_MSG_CON_PAUSED,	L"paused"
 	main_MSG_CON_SENT,	L"%s / %s sent"
 	main_MSG_CON_RECEIVED,	L"%s / %s received"
 	main_MSG_DDNS_NO_REPLY,	L"no reply"
 	main_MSG_DDNS_OK,	L"successful"
 	main_MSG_DDNS_UNK,	L"unknown reply: %s"
 	main_MSG_DDNS_ERR,	L"error: %s"
 	main_MSG_DDNS_REQ,	L"DNS update requested for %s: %s"
 	main_MSG_DDNS_DOING,	L"Updating dynamic DNS..."
-	main_MSG_DDNS_FAIL,	L"DNS update failed: %s\rUser intervention is required."
+	main_MSG_MAX_CON_SING,	L"Max connections from single address"
 	main_MSG_DDNS_REPLY_SIZE,	L"%d bytes reply"
 	main_MSG_DDNS_badauth,	L"invalid user/password"
 	main_MSG_DDNS_notfqdn,	L"incomplete hostname, required form aaa.bbb.com"
 	main_MSG_MAX_SIM_ADDR,	L"Max simultaneous addresses"
 	main_MSG_MAX_SIM_ADDR_DL,	L"Max simultaneous addresses downloading"
 	main_MSG_MAX_SIM_DL_SING,	L"Max simultaneous downloads from single address"
@ -1151,7 +1152,6 @@ BEGIN
 	main_MSG_ITEM_LOCKED,	L"The item is locked"
 	main_MSG_INVALID_VALUE,	L"Invalid value"
 	main_MSG_EMPTY_NO_LIMIT,	L"Leave blank to get no limits."
 	main_MSG_ADDRESSES_EXCEED,	L"The following addresses exceed the limit:\r%s"
 	JclResources_RsIntelCacheDescrF0,	L"64-Byte Prefetching"
 	JclResources_RsIntelCacheDescrF1,	L"128-Byte Prefetching"
 	JclResources_RsIntelCacheDescrFF,	L"CPUID leaf 2 does not report cache descriptor information, use CPUID leaf 4 to query cache parameters"
@ -1159,6 +1159,7 @@ BEGIN
 	JclResources_RsOSVersionWinServer2012,	L"Windows Server 2012"
 	JclResources_RsOSVersionWin81,	L"Windows 8.1"
 	JclResources_RsOSVersionWinServer2012R2,	L"Windows Server 2012 R2"
 	classesLib_MSG_ANTIDOS_REPLY,	L"Please wait, server busy"
 	optionsDlg_MSG_INVERT_BAN,	L"Normal behavior of the Ban is to prevent access to the addresses you specify (also called black-list).\rIf you want the opposite, to allow the addresses that you specify (white-list), enter all addresses in a single row preceded by a \\ character.\r\rLet say you want to allow all your 192.168 local network plus your office at 1.1.1.1.\rJust put this IP address mask: \\192.168.*;1.1.1.1\rThe opening \\ character inverts the logic, so everything else is banned.\r\rIf you want to know more about address masks, check the guide."
 	main_S_PORT_LABEL,	L"Port: %s"
 	main_S_PORT_ANY,	L"any"
@ -1167,7 +1168,6 @@ BEGIN
 	main_MSG_MENU_VAL,	L" (%s)"
 	main_MSG_DL_TIMEOUT,	L"No downloads timeout"
 	main_MSG_MAX_CON,	L"Max connections"
 	main_MSG_MAX_CON_SING,	L"Max connections from single address"
 	JclResources_RsIntelCacheDescrCA,	L"Shared 2nd-Level TLB: 4 KByte pages, 4-way associative, 512 entries"
 	JclResources_RsIntelCacheDescrD0,	L"3rd-level cache: 512 KByte, 4-way set associative, 64 byte line size"
 	JclResources_RsIntelCacheDescrD1,	L"3rd-level cache: 1 MByte, 4-way set associative, 64 byte line size"
--- a/hfs.lng
+++ b/hfs.lng
@ -1,5 +1,5 @@
 ; Kryvich's Delphi Localizer Language File.
-; Generated by K.D.L. Scanner, 02/06/2020 14:12:28
+; Generated by K.D.L. Scanner, 02/08/2020 18:30:32
 Humanize=1
 HumanizedCR=\^
@ -282,7 +282,6 @@ menu.Debug1.dumpTrafficChk.Caption=Dump traffic
 menu.Debug1.Showcustomizedoptions1.Caption=Show customized options...
 menu.Debug1.highSpeedChk.Caption=Experimental high speed handling
 menu.Debug1.macrosLogChk.Caption=Enable macros.log
 menu.Debug1.Appendmacroslog1.Caption=Append macros.log
 menu.Debug1.Runscript1.Caption=Run script...
 menu.Debug1.showMemUsageChk.Caption=Show memory usage
 menu.Debug1.noContentdispositionChk.Caption=No Content-disposition
@ -536,198 +535,198 @@ Panel1.Button2.Caption=&No
 64742_main_MSG_CORRUPTED=This file does not contain valid data.
 64743_main_MSG_MACROS_FOUND=!!!!!!!!! DANGER !!!!!!!!!\^This file contains macros.\^Don't accept macros from people you don't trust.\^\^Trust this file?
 64744_main_MSG_UPD_INFO=Last stable version: %s\^\^Last untested version: %s\^
-64783_main_MSG_NEWER=There's a new version available online: %s
+64745_main_MSG_NEWER=There's a new version available online: %s
 64746_main_MSG_SRC_UPD=Searching for updates...
 64747_main_ARE_EXPERT{1}=You are in Expert mode
 64748_main_ARE_EASY=You are in Easy mode
 64749_main_SW2EXPERT=Switch to Expert mode
 64750_main_SW2EASY=Switch to Easy mode
 64751_main_MSG_DL_TIMEOUT_LONG=Enter the number of MINUTES with no download after which the program automatically shuts down.\^Leave blank to get no timeout.
-64752_main_MSG_ZLIB=This file is corrupted (ZLIB).
+64752_main_MSG_NEWER_INCOMP=This file has been created with a newer and incompatible version.
-64753_main_MSG_BAKAVAILABLE=This file is corrupted but a backup is available.\^Continue with backup?
+64753_main_MSG_ZLIB=This file is corrupted (ZLIB).
-64754_main_MSG_CANT_LOAD_SAVE=Cannot load or save while adding files
+64754_main_MSG_BAKAVAILABLE=This file is corrupted but a backup is available.\^Continue with backup?
-64755_main_MSG_OPEN_VFS=Open VFS file
+64755_main_MSG_CANT_LOAD_SAVE=Cannot load or save while adding files
-64756_main_LIMIT{2}=Limit
+64756_main_MSG_OPEN_VFS=Open VFS file
-64757_main_TOP_SPEED=Top speed
+64757_main_LIMIT{2}=Limit
-64758_main_MSG_MAX_BW=Max bandwidth (KB/s).
+64758_main_TOP_SPEED=Top speed
-64759_main_MSG_LIM0=Zero is an effective limit.\^To disable instead, leave empty.
+64759_main_MSG_MAX_BW=Max bandwidth (KB/s).
-64760_main_MSG_MAX_BW_1=Max bandwidth for single address (KB/s).
+64760_main_MSG_LIM0=Zero is an effective limit.\^To disable instead, leave empty.
-64761_main_MSG_GRAPH_RATE_MENU=Graph refresh rate: %d (tenths of second)
+64761_main_MSG_MAX_BW_1=Max bandwidth for single address (KB/s).
-64762_main_MSG_MAX_SIM=Max simultaneous connections to serve.\^Most people don't know this function well, and have problems. If you are unsure, please use the "Max simultaneous downloads".
+64762_main_MSG_GRAPH_RATE_MENU=Graph refresh rate: %d (tenths of second)
-64763_main_MSG_WARN_CONN=In this moment there are %d active connections
+64763_main_MSG_MAX_CON_LONG=Max simultaneous connections to serve.\^Most people don't know this function well, and have problems. If you are unsure, please use the "Max simultaneous downloads".
-64764_main_MSG_WARN_ACT_DL=In this moment there are %d active downloads
+64764_main_MSG_WARN_CONN=In this moment there are %d active connections
-64765_main_MSG_MAX_SIM_SING=Max simultaneous connections to accept from a single IP address.\^Most people don't know this function well, and have problems. If you are unsure, please use the "Max simultaneous downloads from a single IP address".
+64765_main_MSG_WARN_ACT_DL=In this moment there are %d active downloads
-64766_main_MSG_MAX_SIM_DL_SING{1}=Max simultaneous downloads from a single IP address.
+64766_main_MSG_MAX_CON_SING_LONG=Max simultaneous connections to accept from a single IP address.\^Most people don't know this function well, and have problems. If you are unsure, please use the "Max simultaneous downloads from a single IP address".
 64767_main_MSG_GRAPH_RATE{1}=Graph refresh rate
-64768_main_MSG_CON_STATE_IDLE=idle
+64768_main_MSG_VFS_DONT_CONS_DL_MASK=Don't consider as download (mask): %s
-64769_main_MSG_CON_STATE_REQ=requesting
+64769_main_MSG_VFS_INHERITED= [inherited]
-64770_main_MSG_CON_STATE_RCV=receiving
+64770_main_MSG_VFS_EXTERNAL= [external]
-64771_main_MSG_CON_STATE_THINK=thinking
+64771_main_MSG_CON_HINT=Connection time: %s\^Last request time: %s\^Agent: %s
-64772_main_MSG_CON_STATE_REP=replying
+64772_main_MSG_CON_STATE_IDLE=idle
-64773_main_MSG_CON_STATE_SEND=sending
+64773_main_MSG_CON_STATE_REQ=requesting
-64774_main_MSG_CON_STATE_DISC=disconnected
+64774_main_MSG_CON_STATE_RCV=receiving
-64775_main_MSG_CON_PAUSED=paused
+64775_main_MSG_CON_STATE_THINK=thinking
-64776_main_MSG_CON_SENT=%s / %s sent
+64776_main_MSG_CON_STATE_REP=replying
-64777_main_MSG_CON_RECEIVED=%s / %s received
+64777_main_MSG_CON_STATE_SEND=sending
-64778_main_MSG_TPL_RESET=The template has been reset
+64778_main_MSG_CON_STATE_DISC=disconnected
-64779_main_MSG_ALLO_REF=Allowed referer
+64779_main_MSG_TPL_RESET=The template has been reset
-64780_main_MSG_ALLO_REF_LONG=Leave empty to disable this feature.\^Here you can specify a mask.\^When a file is requested, if the mask doesn't match the "Referer" HTTP field, the request is rejected.
+64780_main_MSG_ALLO_REF=Allowed referer
-64781_main_MSG_BETTERSTOP=\^Going on may lead to problems.\^It is adviced to stop loading.\^Stop?
+64781_main_MSG_ALLO_REF_LONG=Leave empty to disable this feature.\^Here you can specify a mask.\^When a file is requested, if the mask doesn't match the "Referer" HTTP field, the request is rejected.
-64782_main_MSG_BADCRC=This file is corrupted (CRC).
+64782_main_MSG_BETTERSTOP=\^Going on may lead to problems.\^It is adviced to stop loading.\^Stop?
-64783_main_MSG_NEWER{1}=This file has been created with a newer and incompatible version.
+64783_main_MSG_BADCRC=This file is corrupted (CRC).
-64784_main_MSG_VFS_ARCABLE=Archivable
+64784_main_MSG_VFS_HIDE_EMPTY=Hidden if empty
-64785_main_MSG_VFS_DEF_MASK=Default file mask: %s
+64785_main_MSG_VFS_NOT_BROW=Not browsable
-64786_main_MSG_VFS_ACCESS=Access for
+64786_main_MSG_VFS_HIDE_EMPTY_FLD=Hide empty folders
-64787_main_MSG_VFS_UPLOAD=Upload allowed for
+64787_main_MSG_VFS_HIDE_EXT=Hide extention
-64788_main_MSG_VFS_DELETE=Delete allowed for
+64788_main_MSG_VFS_ARCABLE=Archivable
-64789_main_MSG_VFS_COMMENT=Comment: %s
+64789_main_MSG_VFS_DEF_MASK=Default file mask: %s
-64790_main_MSG_VFS_REALM=Realm: %s
+64790_main_MSG_VFS_ACCESS=Access for
-64791_main_MSG_VFS_DIFF_TPL=Diff template: %s
+64791_main_MSG_VFS_UPLOAD=Upload allowed for
-64792_main_MSG_VFS_FILES_FLT=Files filter: %s
+64792_main_MSG_VFS_DELETE=Delete allowed for
-64793_main_MSG_VFS_FLD_FLT=Folders filter: %s
+64793_main_MSG_VFS_COMMENT=Comment: %s
-64794_main_MSG_VFS_UPL_FLT=Upload filter: %s
+64794_main_MSG_VFS_REALM=Realm: %s
-64795_main_MSG_VFS_DONT_CONS_DL=Don't consider as download
+64795_main_MSG_VFS_DIFF_TPL=Diff template: %s
-64796_main_MSG_VFS_DONT_CONS_DL_MASK=Don't consider as download (mask): %s
+64796_main_MSG_VFS_FILES_FLT=Files filter: %s
-64797_main_MSG_VFS_INHERITED= [inherited]
+64797_main_MSG_VFS_FLD_FLT=Folders filter: %s
-64798_main_MSG_VFS_EXTERNAL= [external]
+64798_main_MSG_VFS_UPL_FLT=Upload filter: %s
-64799_main_MSG_CON_HINT=Connection time: %s\^Last request time: %s\^Agent: %s
+64799_main_MSG_VFS_DONT_CONS_DL=Don't consider as download
-64800_main_VFS_ITEMS=VFS: %d items
+64800_main_IN_SPEED=In: %.1f KB/s
-64801_main_MSG_ITEM_EXISTS=%s item(s) already exists:\^%s\^\^Continue?
+64801_main_BANS=Ban rules: %d
-64802_main_MSG_INSTALL_TPL=Install this template?
+64802_main_MEMORY=Mem
-64803_main_MSG_FOLDER_UPLOAD=Do you want ANYONE to be able to upload to this folder?
+64803_main_CUST_TPL=Customized template
-64804_main_MSG_VFS_DRAG_INVIT=Drag your files here
+64804_main_VFS_ITEMS=VFS: %d items
-64805_main_MSG_VFS_URL=URL: %s
+64805_main_MSG_ITEM_EXISTS=%s item(s) already exists:\^%s\^\^Continue?
-64806_main_MSG_VFS_PATH=Path: %s
+64806_main_MSG_INSTALL_TPL=Install this template?
-64807_main_MSG_VFS_SIZE=Size: %s
+64807_main_MSG_FOLDER_UPLOAD=Do you want ANYONE to be able to upload to this folder?
-64808_main_MSG_VFS_DLS=Downloads: %s
+64808_main_MSG_VFS_DRAG_INVIT=Drag your files here
-64809_main_MSG_VFS_INVISIBLE=Invisible
+64809_main_MSG_VFS_URL=URL: %s
-64810_main_MSG_VFS_DL_FORB=Download forbidden
+64810_main_MSG_VFS_PATH=Path: %s
-64811_main_MSG_VFS_DONT_LOG=Don't log
+64811_main_MSG_VFS_SIZE=Size: %s
-64812_main_MSG_VFS_HIDE_EMPTY=Hidden if empty
+64812_main_MSG_VFS_DLS=Downloads: %s
-64813_main_MSG_VFS_NOT_BROW=Not browsable
+64813_main_MSG_VFS_INVISIBLE=Invisible
-64814_main_MSG_VFS_HIDE_EMPTY_FLD=Hide empty folders
+64814_main_MSG_VFS_DL_FORB=Download forbidden
-64815_main_MSG_VFS_HIDE_EXT=Hide extention
+64815_main_MSG_VFS_DONT_LOG=Don't log
-64816_main_MSG_CHK_UPD_FAIL=Check update: failed
+64816_main_MSG_UPD_DL=Downloading new version...
-64817_main_MSG_CHK_UPD_HEAD=Check update: 
+64817_main_MSG_UPDATE=You are invited to use the new version.\^\^Update now?
-64818_main_MSG_CHK_UPD_VER=new version found: %s
+64818_main_MSG_REQUESTING=Requesting...
-64819_main_MSG_CHK_UPD_VER_EXT=Build #%s (current is #%s)
+64819_main_MSG_CHK_UPD=Checking for updates
-64820_main_MSG_CHK_UPD_NONE=no new version
+64820_main_MSG_CHK_UPD_FAIL=Check update: failed
-64821_main_TO_CLIP=Copy to clipboard
+64821_main_MSG_CHK_UPD_HEAD=Check update: 
-64822_main_ALREADY_CLIP=Already in clipboard
+64822_main_MSG_CHK_UPD_VER=new version found: %s
-64823_main_MSG_NO_SPACE=Out of space
+64823_main_MSG_CHK_UPD_VER_EXT=Build #%s (current is #%s)
-64824_main_CONN=Connections: %d
+64824_main_MSG_CHK_UPD_NONE=no new version
-64825_main_TOT_IN=Total In: %s
+64825_main_TO_CLIP=Copy to clipboard
-64826_main_TOT_OUT{1}=Total Out: %s
+64826_main_ALREADY_CLIP=Already in clipboard
-64827_main_OUT_SPEED=Out: %.1f KB/s
+64827_main_MSG_NO_SPACE=Out of space
-64828_main_IN_SPEED=In: %.1f KB/s
+64828_main_CONN=Connections: %d
-64829_main_BANS=Ban rules: %d
+64829_main_TOT_IN=Total In: %s
-64830_main_MEMORY=Mem
+64830_main_TOT_OUT{1}=Total Out: %s
-64831_main_CUST_TPL=Customized template
+64831_main_OUT_SPEED=Out: %.1f KB/s
-64832_main_AUTOSAVE=Auto save every: 
+64832_main_MSG_FILE_ADD_ABORT=File addition was aborted.\^The list of files is incomplete.
-64833_main_SECONDS=%d seconds
+64833_main_MSG_ADDING=Adding item #%d
-64834_main_MSG_SPD_LIMIT_SING=Speed limit for single address
+64834_main_MSG_INV_FILENAME=Invalid filename
-64835_main_MSG_SPD_LIMIT=Speed limit
+64835_main_MSG_DELETE=Delete?
-64836_main_MSG_AUTO_SAVE=Auto-save %s
+64836_main_AUTOSAVE=Auto save every: 
-64837_main_MSG_AUTO_SAVE_LONG=Auto-save %s.\^Specify in seconds.\^Leave blank to disable.
+64837_main_SECONDS=%d seconds
-64838_main_MSG_MIN=We don't accept less than %d
+64838_main_MSG_SPD_LIMIT_SING=Speed limit for single address
-64839_main_MSG_BAN=Your ban configuration may have been screwed up.\^Please verify it.
+64839_main_MSG_SPD_LIMIT=Speed limit
-64840_main_MSG_CANT_SAVE_OPT=Can't save options there.\^Should I try to save to user registry?
+64840_main_MSG_AUTO_SAVE=Auto-save %s
-64841_main_MSG_UPD_SAVE_ERROR=Cannot save the update
+64841_main_MSG_AUTO_SAVE_LONG=Auto-save %s.\^Specify in seconds.\^Leave blank to disable.
-64842_main_MSG_UPD_REQ_ONLY1=The auto-update feature cannot work because it requires the "Only 1 instance" option enabled.\^\^Your browser will now be pointed to the update, so you can install it manually.
+64842_main_MSG_MIN=We don't accept less than %d
-64843_main_MSG_UPD_WAIT=Waiting for last requests to be served, then we'll update
+64843_main_MSG_BAN=Your ban configuration may have been screwed up.\^Please verify it.
-64844_main_MSG_UPD_DL=Downloading new version...
+64844_main_MSG_CANT_SAVE_OPT=Can't save options there.\^Should I try to save to user registry?
-64845_main_MSG_UPDATE=You are invited to use the new version.\^\^Update now?
+64845_main_MSG_UPD_SAVE_ERROR=Cannot save the update
-64846_main_MSG_REQUESTING=Requesting...
+64846_main_MSG_UPD_REQ_ONLY1=The auto-update feature cannot work because it requires the "Only 1 instance" option enabled.\^\^Your browser will now be pointed to the update, so you can install it manually.
-64847_main_MSG_CHK_UPD=Checking for updates
+64847_main_MSG_UPD_WAIT=Waiting for last requests to be served, then we'll update
-64848_main_MSG_LOG_UPL=Uploading %s
+64848_main_MSG_LOG_HEAD=Served head
-64849_main_MSG_LOG_UPLOADED=Fully uploaded %s - %s @ %sB/s
+64849_main_MSG_LOG_NOT_MOD=Not modified, use cache
-64850_main_MSG_LOG_UPL_FAIL=Upload failed %s
+64850_main_MSG_LOG_REDIR=Redirected to %s
-64851_main_MSG_LOG_DL=Fully downloaded - %s @ %sB/s - %s
+64851_main_MSG_LOG_NOT_SERVED=Not served: %d - %s
-64852_main_MSG_LOGIN_FAILED=Login failed
+64852_main_MSG_LOG_UPL=Uploading %s
-64853_main_MSG_MIN_DISK_REACHED=Minimum disk space reached.
+64853_main_MSG_LOG_UPLOADED=Fully uploaded %s - %s @ %sB/s
-64854_main_MSG_UPL_NAME_FORB=File name or extension forbidden.
+64854_main_MSG_LOG_UPL_FAIL=Upload failed %s
-64855_main_MSG_UPL_CANT_CREATE=Error creating file.
+64855_main_MSG_LOG_DL=Fully downloaded - %s @ %sB/s - %s
-64856_main_FINGERPRINT=Create fingerprint on addition under %d KB
+64856_main_MSG_LOGIN_FAILED=Login failed
-64857_main_NO_FINGERPRINT=Create fingerprint on addition: disabled
+64857_main_MSG_MIN_DISK_REACHED=Minimum disk space reached.
-64858_main_MSG_SAVE_VFS=Your current file system is not saved.\^Save it?
+64858_main_MSG_UPL_NAME_FORB=File name or extension forbidden.
-64859_main_MSG_INP_COMMENT=Please insert a comment for "%s".\^You should use HTML: <br> for break line.
+64859_main_MSG_UPL_CANT_CREATE=Error creating file.
-64860_main_MSG_FILE_ADD_ABORT=File addition was aborted.\^The list of files is incomplete.
+64860_main_FINGERPRINT=Create fingerprint on addition under %d KB
-64861_main_MSG_ADDING=Adding item #%d
+64861_main_NO_FINGERPRINT=Create fingerprint on addition: disabled
-64862_main_MSG_INV_FILENAME=Invalid filename
+64862_main_MSG_SAVE_VFS=Your current file system is not saved.\^Save it?
-64863_main_MSG_DELETE=Delete?
+64863_main_MSG_INP_COMMENT=Please insert a comment for "%s".\^You should use HTML: <br> for break line.
-64864_main_MSG_PORT_USED_BY=It is already used by %s
+64864_main_MSG_BAN_CMT=Ban comment
-64865_main_MSG_PORT_BLOCKED=Something is blocking, maybe your system firewall.
+64865_main_MSG_BAN_CMT_LONG=A comment for this ban...
-64866_main_MSG_KICK_ALL=There are %d connections open.\^Do you want to close them now?
+64866_main_MSG_BREAK_DYN_DNS=This option is NOT compatible with "dynamic dns updater".\^Continue?
-64867_main_MSG_TPL_INCOMPATIBLE=The template you are trying to load is not compatible with current HFS version.\^HFS will now use default template.\^Ask on the forum if you need further help.
+64867_main_MSG_CANT_OPEN_PORT=Cannot open port.
-64868_main_MSG_LOG_SERVER_START=Server start
+64868_main_MSG_PORT_USED_BY=It is already used by %s
-64869_main_MSG_LOG_SERVER_STOP=Server stop
+64869_main_MSG_PORT_BLOCKED=Something is blocking, maybe your system firewall.
-64870_main_MSG_LOG_CONNECTED=Connected
+64870_main_MSG_KICK_ALL=There are %d connections open.\^Do you want to close them now?
-64871_main_MSG_LOG_DISC_SRV=Disconnected by server
+64871_main_MSG_TPL_INCOMPATIBLE=The template you are trying to load is not compatible with current HFS version.\^HFS will now use default template.\^Ask on the forum if you need further help.
-64872_main_MSG_LOG_DISC=Disconnected
+64872_main_MSG_LOG_SERVER_START=Server start
-64873_main_MSG_LOG_GOT=Got %d bytes
+64873_main_MSG_LOG_SERVER_STOP=Server stop
-64874_main_MSG_LOG_BYTES_SENT=%s bytes sent
+64874_main_MSG_LOG_CONNECTED=Connected
-64875_main_MSG_LOG_SERVED=Served %s
+64875_main_MSG_LOG_DISC_SRV=Disconnected by server
-64876_main_MSG_LOG_HEAD=Served head
+64876_main_MSG_LOG_DISC=Disconnected
-64877_main_MSG_LOG_NOT_MOD=Not modified, use cache
+64877_main_MSG_LOG_GOT=Got %d bytes
-64878_main_MSG_LOG_REDIR=Redirected to %s
+64878_main_MSG_LOG_BYTES_SENT=%s bytes sent
-64879_main_MSG_LOG_NOT_SERVED=Not served: %d - %s
+64879_main_MSG_LOG_SERVED=Served %s
-64880_main_MSG_DDNS_nohost=specified hostname does not exist
+64880_main_MSG_DDNS_FAIL=DNS update failed: %s\^User intervention is required.
-64881_main_MSG_DDNS_notyours=specified hostname belongs to another username
+64881_main_MSG_DDNS_REPLY_SIZE=%d bytes reply
-64882_main_MSG_DDNS_numhost=too many or too few hosts found
+64882_main_MSG_DDNS_badauth=invalid user/password
-64883_main_MSG_DDNS_abuse=specified hostname is blocked for update abuse
+64883_main_MSG_DDNS_notfqdn=incomplete hostname, required form aaa.bbb.com
-64884_main_MSG_DDNS_dnserr=server error
+64884_main_MSG_DDNS_nohost=specified hostname does not exist
-64885_main_MSG_DDNS_911=server error
+64885_main_MSG_DDNS_notyours=specified hostname belongs to another username
-64886_main_MSG_DDNS_notdonator=an option specified requires payment
+64886_main_MSG_DDNS_numhost=too many or too few hosts found
-64887_main_MSG_DDNS_badagent=banned client
+64887_main_MSG_DDNS_abuse=specified hostname is blocked for update abuse
-64888_main_MSG_BAN_MASK=Ban IP mask
+64888_main_MSG_DDNS_dnserr=server error
-64889_main_MSG_IP_MASK_LONG=You can edit the address.\^Masks and ranges are allowed.
+64889_main_MSG_DDNS_911=server error
-64890_main_MSG_KICK_ADDR=There are %d open connections from this address.\^Do you want to kick them all now?
+64890_main_MSG_DDNS_notdonator=an option specified requires payment
-64891_main_MSG_BAN_ALREADY=This IP address is already banned
+64891_main_MSG_DDNS_badagent=banned client
-64892_main_MSG_BAN_CMT=Ban comment
+64892_main_MSG_BAN_MASK=Ban IP mask
-64893_main_MSG_BAN_CMT_LONG=A comment for this ban...
+64893_main_MSG_IP_MASK_LONG=You can edit the address.\^Masks and ranges are allowed.
-64894_main_MSG_BREAK_DYN_DNS=This option is NOT compatible with "dynamic dns updater".\^Continue?
+64894_main_MSG_KICK_ADDR=There are %d open connections from this address.\^Do you want to kick them all now?
-64895_main_MSG_CANT_OPEN_PORT=Cannot open port.
+64895_main_MSG_BAN_ALREADY=This IP address is already banned
-64896_main_MSG_NO_TEMP=Cannot save temporary file
+64896_main_MSG_ADDRESSES_EXCEED=The following addresses exceed the limit:\^%s
-64897_main_MSG_ERROR_REGISTRY=Can't write to registry.\^You may lack necessary rights.
+64897_main_MSG_NO_TEMP=Cannot save temporary file
-64898_main_MSG_MANY_ITEMS=You are putting many files.\^Try using real folders instead of virtual folders.\^Read documentation or ask on the forum for help.
+64898_main_MSG_ERROR_REGISTRY=Can't write to registry.\^You may lack necessary rights.
-64899_main_MSG_ADD_TO_HFS="Add to HFS" has been added to your Window's Explorer right-click menu.
+64899_main_MSG_MANY_ITEMS=You are putting many files.\^Try using real folders instead of virtual folders.\^Read documentation or ask on the forum for help.
-64900_main_MSG_SINGLE_INSTANCE=Sorry, this feature only works with the "Only 1 instance" option enabled.\^\^You can find this option under Menu -> Start/Exit\^(only in expert mode)
+64900_main_MSG_ADD_TO_HFS="Add to HFS" has been added to your Window's Explorer right-click menu.
-64901_main_MSG_COMM_ERROR=Network error. Request failed.
+64901_main_MSG_SINGLE_INSTANCE=Sorry, this feature only works with the "Only 1 instance" option enabled.\^\^You can find this option under Menu -> Start/Exit\^(only in expert mode)
-64902_main_MSG_DDNS_NO_REPLY=no reply
+64902_main_MSG_COMM_ERROR=Network error. Request failed.
-64903_main_MSG_DDNS_OK=successful
+64903_main_MSG_CON_PAUSED=paused
-64904_main_MSG_DDNS_UNK=unknown reply: %s
+64904_main_MSG_CON_SENT=%s / %s sent
-64905_main_MSG_DDNS_ERR=error: %s
+64905_main_MSG_CON_RECEIVED=%s / %s received
-64906_main_MSG_DDNS_REQ=DNS update requested for %s: %s
+64906_main_MSG_DDNS_NO_REPLY=no reply
-64907_main_MSG_DDNS_DOING=Updating dynamic DNS...
+64907_main_MSG_DDNS_OK=successful
-64908_main_MSG_DDNS_FAIL=DNS update failed: %s\^User intervention is required.
+64908_main_MSG_DDNS_UNK=unknown reply: %s
-64909_main_MSG_DDNS_REPLY_SIZE=%d bytes reply
+64909_main_MSG_DDNS_ERR=error: %s
-64910_main_MSG_DDNS_badauth=invalid user/password
+64910_main_MSG_DDNS_REQ=DNS update requested for %s: %s
-64911_main_MSG_DDNS_notfqdn=incomplete hostname, required form aaa.bbb.com
+64911_main_MSG_DDNS_DOING=Updating dynamic DNS...
-64912_main_MSG_MAX_SIM_ADDR{1}=Max simultaneous addresses
+64912_main_MSG_MAX_CON_SING=Max connections from single address
-64913_main_MSG_MAX_SIM_ADDR_DL=Max simultaneous addresses downloading
+64913_main_MSG_MAX_SIM_ADDR{1}=Max simultaneous addresses
-64766_main_MSG_MAX_SIM_DL_SING{2}=Max simultaneous downloads from single address
+64914_main_MSG_MAX_SIM_ADDR_DL=Max simultaneous addresses downloading
-64915_main_MSG_MAX_SIM_DL=Max simultaneous downloads
+64915_main_MSG_MAX_SIM_DL_SING{2}=Max simultaneous downloads from single address
-64916_main_MSG_SET_LIMIT=Set limit
+64916_main_MSG_MAX_SIM_DL=Max simultaneous downloads
-64917_main_MSG_UNPROTECTED_LINKS=Links are NOT actually protected.\^The feature is there to be used with the "list protected items only..." option.\^Continue?
+64917_main_MSG_SET_LIMIT=Set limit
-64918_main_MSG_SAME_NAME=An item with the same name is already present in this folder.\^Continue?
+64918_main_MSG_UNPROTECTED_LINKS=Links are NOT actually protected.\^The feature is there to be used with the "list protected items only..." option.\^Continue?
-64919_main_MSG_CONTINUE=Continue?
+64919_main_MSG_SAME_NAME=An item with the same name is already present in this folder.\^Continue?
-64920_main_MSG_PROCESSING=Processing...
+64920_main_MSG_CONTINUE=Continue?
-64921_main_MSG_SPEED_KBS=%.1f kB/s
+64921_main_MSG_PROCESSING=Processing...
-64922_main_MSG_OPTIONS_SAVED=Options saved
+64922_main_MSG_SPEED_KBS=%.1f kB/s
-64923_main_MSG_SOME_LOCKED=Some items were not affected because locked
+64923_main_MSG_OPTIONS_SAVED=Options saved
-64924_main_MSG_ITEM_LOCKED=The item is locked
+64924_main_MSG_SOME_LOCKED=Some items were not affected because locked
-64925_main_MSG_INVALID_VALUE=Invalid value
+64925_main_MSG_ITEM_LOCKED=The item is locked
-64926_main_MSG_EMPTY_NO_LIMIT=Leave blank to get no limits.
+64926_main_MSG_INVALID_VALUE=Invalid value
-64927_main_MSG_ADDRESSES_EXCEED=The following addresses exceed the limit:\^%s
+64927_main_MSG_EMPTY_NO_LIMIT=Leave blank to get no limits.
-64935_optionsDlg_MSG_INVERT_BAN=Normal behavior of the Ban is to prevent access to the addresses you specify (also called black-list).\^If you want the opposite, to allow the addresses that you specify (white-list), enter all addresses in a single row preceded by a \ character.\^\^Let say you want to allow all your 192.168 local network plus your office at 1.1.1.1.\^Just put this IP address mask: \192.168.*;1.1.1.1\^The opening \ character inverts the logic, so everything else is banned.\^\^If you want to know more about address masks, check the guide.
+64935_classesLib_MSG_ANTIDOS_REPLY=Please wait, server busy
-64936_main_S_PORT_LABEL=Port: %s
+64936_optionsDlg_MSG_INVERT_BAN=Normal behavior of the Ban is to prevent access to the addresses you specify (also called black-list).\^If you want the opposite, to allow the addresses that you specify (white-list), enter all addresses in a single row preceded by a \ character.\^\^Let say you want to allow all your 192.168 local network plus your office at 1.1.1.1.\^Just put this IP address mask: \192.168.*;1.1.1.1\^The opening \ character inverts the logic, so everything else is banned.\^\^If you want to know more about address masks, check the guide.
-64937_main_S_PORT_ANY=any
+64937_main_S_PORT_LABEL=Port: %s
-64938_main_DISABLED=disabled
+64938_main_S_PORT_ANY=any
-64939_main_S_OK=Ok
+64939_main_DISABLED=disabled
-64940_main_MSG_MENU_VAL= (%s)
+64940_main_S_OK=Ok
-64941_main_MSG_DL_TIMEOUT{1}=No downloads timeout
+64941_main_MSG_MENU_VAL= (%s)
-64942_main_MSG_MAX_CON=Max connections
+64942_main_MSG_DL_TIMEOUT{1}=No downloads timeout
-64943_main_MSG_MAX_CON_SING=Max connections from single address
+64943_main_MSG_MAX_CON=Max connections
 65046_OverbyteIcsHttpContCod_ERR_GETCODING_OVERRIDE=GetCoding must be overridden in %s
 65088_OverbyteIcsCharsetUtils_sHebrewISOVisual=Hebrew (ISO-Visual)
 65089_OverbyteIcsCharsetUtils_sHebrewWindows=Hebrew (Windows)
--- a/hslib.pas
+++ b/hslib.pas
@ -1,5 +1,5 @@
 {
-Copyright (C) 2002-2014 Massimo Melina (www.rejetto.com)
+Copyright (C) 2002-2020 Massimo Melina (www.rejetto.com)
    This program is free software; you can redistribute it and/or modify
    it under the terms of the GNU General Public License as published by
@ -19,6 +19,7 @@ Copyright (C) 2002-2014 Massimo Melina (www.rejetto.com)
 HTTP Server Lib
 ==== TO DO
 * https
 * upload bandwidth control (can it be done without multi-threading?)
 }
@ -156,6 +157,7 @@ type
    P_requestCount: integer;
    P_destroying: boolean;  // destroying is in progress
    P_sndBuf: integer;
    P_v6: boolean;
    persistent: boolean;
    disconnecting: boolean; // disconnected() has been called
    lockCount: integer;     // prevent freeing of the object
@ -219,6 +221,7 @@ type
    function  initInputStream():boolean;
    property address:string read P_address;      // other peer ip address
    property port:string read P_port;            // other peer port
    property v6:boolean read P_v6;
    property requestCount:integer read P_requestCount;
    property bytesToSend:int64 read getBytesToSend;
    property bytesToPost:int64 read getBytesToPost;
@ -290,7 +293,7 @@ const
  MINIMUM_CHUNK_SIZE = 2*1024;
  MAXIMUM_CHUNK_SIZE = 1024*1024;
  HRM2CODE: array [ThttpReplyMode] of integer = (200, 200, 403, 401, 404, 400,
-  	500, 0, 0, 405, 302, 503, 413, 301, 304 );
+  	500, 0, 0, 405, 302, 429, 413, 301, 304 );
  METHOD2STR: array [ThttpMethod] of ansistring = ('UNK','GET','POST','HEAD');
  HRM2STR: array [ThttpReplyMode] of ansistring = ('Head+Body', 'Head only', 'Deny',
    'Unauthorized', 'Not found', 'Bad request', 'Internal error', 'Close',
@ -350,7 +353,7 @@ const
    '',
    '405 - Method not allowed',
    '<html><head><meta http-equiv="refresh" content="url=%url%" /></head><body onload=''window.location="%url%"''>302 - <a href="%url%">Redirection to %url%</a></body></html>',
-    '503 - Server is overloaded, retry later',
+    '429 - Server is overloaded, retry later',
    '413 - The request has exceeded the max length allowed',
    '301 - Moved permanently to <a href="%url%">%url%</a>',
    '' // RFC2616: The 304 response MUST NOT contain a message-body
@ -576,7 +579,8 @@ if url = '' then
 encodeHTML:=[];
 if nonascii then
  encodeHTML:=[#128..#255];
-encodePerc:=[#0..#31,'#','%','?','"','''','&','<','>',':'];
+encodePerc:=[#0..#31,'#','%','?','"','''','&','<','>',':',
  ',',';']; // these for content-disposition
 // actually ':' needs encoding only in relative url
 if spaces then include(encodePerc,' ');
 if not htmlEncoding then
@ -873,7 +877,6 @@ end; // timerEvent
 procedure ThttpSrv.notify(ev:ThttpEvent; conn:ThttpConn);
 begin
 if not assigned(onEvent) then exit;
 //if assigned(sock) then sock.pause();
 if assigned(conn) then
  begin
  inc(conn.lockCount);
@ -978,6 +981,7 @@ limiters:=TObjectList.create;
 limiters.ownsObjects:=FALSE;
 P_address:=sock.GetPeerAddr();
 P_port:=sock.GetPeerPort();
 P_v6:=pos(':', address) > 0;
 state:=HCS_IDLE;
 srv:=server;
 srv.conns.add(self);
@ -1595,7 +1599,7 @@ end; // initInputStream
 function ThttpConn.sendNextChunk(max:integer=MAXINT):integer;
 var
-  n: int64;
+  n, toSend: int64;
  buf: ansistring;
 begin
 result:=0;
@ -1607,7 +1611,8 @@ if (n = 0) or (bytesSentLastItem = 0) then n:=max;
 if n > MAXIMUM_CHUNK_SIZE then n:=MAXIMUM_CHUNK_SIZE;
 if n < MINIMUM_CHUNK_SIZE then n:=MINIMUM_CHUNK_SIZE;
 if n > max then n:=max;
-if n > bytesToSend then n:=bytesToSend;
+toSend:=bytesToSend;
 if n > toSend then n:=toSend;
 if n = 0 then exit;
 setLength(buf, n);
 n:=stream.read(buf[1], n);
--- a/main.dfm
+++ b/main.dfm
@ -2963,10 +2963,6 @@ object mainFrm: TmainFrm
        AutoCheck = True
        Caption = 'Enable macros.log'
      end
      object Appendmacroslog1: TMenuItem
        AutoCheck = True
        Caption = 'Append macros.log'
      end
      object Runscript1: TMenuItem
        Caption = 'Run script...'
        OnClick = Runscript1Click
--- a/main.pas
+++ b/main.pas
@ -1,5 +1,5 @@
 {
-Copyright (C) 2002-2014  Massimo Melina (www.rejetto.com)
+Copyright (C) 2002-2020  Massimo Melina (www.rejetto.com)
 This file is part of HFS ~ HTTP File Server.
@ -17,7 +17,6 @@ This file is part of HFS ~ HTTP File Server.
    along with HFS; if not, write to the Free Software
    Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA  02111-1307  USA
 }
 {$A+,B-,C+,E-,F-,G+,H+,I-,J+,K-,L+,M-,N+,O+,P+,Q-,R-,S-,T-,U-,V+,X+,Y+,Z1}
 {$INCLUDE defs.inc }
 unit main;
@ -36,8 +35,8 @@ uses
  HSlib, traylib, monoLib, progFrmLib, classesLib;
 const
-  VERSION = '2.4.0 beta9';
+  VERSION = '2.4.0 RC8';
-  VERSION_BUILD = '311';
+  VERSION_BUILD = '320';
  VERSION_STABLE = {$IFDEF STABLE } TRUE {$ELSE} FALSE {$ENDIF};
  CURRENT_VFS_FORMAT :integer = 1;
  CRLF = #13#10;
@ -160,6 +159,9 @@ resourcestring
  MSG_ENABLED =   'Option enabled';
  MSG_DISABLED = 'Option disabled';
  MSG_COMM_ERROR = 'Network error. Request failed.';
  MSG_CON_PAUSED = 'paused';
  MSG_CON_SENT = '%s / %s sent';
  MSG_CON_RECEIVED = '%s / %s received';
 type
  Pboolean = ^boolean;
@ -669,7 +671,6 @@ type
    Speedlimitforsingleaddress1: TMenuItem;
    macrosLogChk: TMenuItem;
    Debug1: TMenuItem;
    Appendmacroslog1: TMenuItem;
    preventStandbyChk: TMenuItem;
    titlePnl: TPanel;
    HTMLtemplate1: TMenuItem;
@ -1366,8 +1367,10 @@ begin result:=reMatch(txt, '^'+quoteRegExprMetaChars(quoteIfAnyChar(' ',name)),
 type
  TfileListing = class
    actualCount: integer;
  public
    dir: array of Tfile;
    timeout: TDateTime;
    ignoreConnFilter: boolean;
    constructor create();
    destructor Destroy; override;
@ -1518,16 +1521,13 @@ end; // loadIon
 function TfileListing.fromFolder(folder:Tfile; cd:TconnData;
  recursive:boolean=FALSE; limit:integer=-1; toSkip:integer=-1; doClear:boolean=TRUE):integer;
 var
  actualCount: integer;
  seeProtected, noEmptyFolders, forArchive: boolean;
  filesFilter, foldersFilter, urlFilesFilter, urlFoldersFilter: string;
  procedure recurOn(f:Tfile);
  begin
  if not f.isFolder() then exit;
  setLength(dir, actualCount);
  toSkip:=fromFolder(f, cd, TRUE, limit, toSkip, FALSE);
  actualCount:=length(dir);
  end; // recurOn
  procedure addToListing(f:Tfile);
@ -1541,7 +1541,11 @@ var
  else
    begin
    if actualCount >= length(dir) then
-      setLength(dir, actualCount+100);
+      begin
      setLength(dir, actualCount+1000);
      if actualCount > 0 then
        mainfrm.setStatusBarText(format('Listing files: %s',[dotted(actualCount)]));
      end;
    dir[actualCount]:=f;
    inc(actualCount);
    end;
@ -1660,6 +1664,8 @@ this would let us have "=" inside the names, but names cannot be assigned
        repeat
        application.ProcessMessages();
        cd.lastActivityTime:=now();
        if (timeout > 0) and (cd.lastActivityTime > timeout) then
          break;
        // we don't list these entries
        if (sr.name = '.') or (sr.name = '..')
        or isCommentFile(sr.name) or isFingerprintFile(sr.name) or sameText(sr.name, DIFF_TPL_FILE)
@ -1720,8 +1726,7 @@ this would let us have "=" inside the names, but names cannot be assigned
    sr: TSearchRec;
    n: Ttreenode;
  begin
-  { this folder has been dinamically generated, thus the node is not actually
+  // this folder has been dinamically generated, thus the node is not actually its own... skip
  { its own... skip }
  if folder.isTemp() then exit;
  // include (valid) items from the VFS branch
@ -1786,7 +1791,8 @@ this would let us have "=" inside the names, but names cannot be assigned
 begin
 result:=toSkip;
-if doClear then dir:=NIL;
+if doClear then
  actualCount:=0;
 if not folder.isFolder()
 or not folder.accessFor(cd)
@ -1804,7 +1810,6 @@ if assigned(cd) then
    toSkip:=max(0, pred(strToIntDef(par('page'), 1))*limit);
  end;
 actualCount:=length(dir);
 folder.getFiltersRecursively(filesFilter, foldersFilter);
 if assigned(cd) and not ignoreConnFilter then
  begin
@ -1828,7 +1833,10 @@ try
  if folder.isRealFolder() and not (FA_HIDDENTREE in folder.flags) and allowedTo(folder) then
    includeFilesFromDisk();
  includeItemsFromVFS();
-finally setLength(dir, actualCount) end;
+finally
  if doClear then
    setLength(dir, actualCount)
  end;
 result:=toSkip;
 end; // fromFolder
@ -3458,7 +3466,6 @@ end; // shouldRecur
 function Tmainfrm.getFolderPage(folder:Tfile; cd:TconnData; otpl:Tobject):string;
 // we pass the Tpl parameter as Tobject because symbol Ttpl is not defined yet
 var
  baseurl, list, fileTpl, folderTpl, linkTpl: string;
  table: TStringDynArray;
@ -3609,17 +3616,18 @@ var
 var
  i, n: integer;
  f: Tfile;
  useList: boolean;
  mainSection: PtplSection;
  antiDos: TantiDos;
 begin
 result:='';
 if (folder = NIL) or not folder.isFolder() then exit;
 if macrosLogChk.checked and not appendmacroslog1.checked then
  resetLog();
 diffTpl:=Ttpl.create();
 folder.lock();
 try
  buildTime:=now();
-  cd.conn.addHeader('Cache-Control: no-cache, no-store, must-revalidate, max-age=-1');
+  cd.conn.setHeaderIfNone('Cache-Control: no-cache, no-store, must-revalidate, max-age=-1');
  recur:=shouldRecur(cd);
  baseurl:=protoColon()+getSafeHost(cd)+folder.url(TRUE);
@ -3634,6 +3642,15 @@ try
  if otpl <> filelistTpl then
    diffTpl.fullText:=folder.getRecursiveDiffTplAsStr();
  mainSection:=diffTpl.getSection('');
  if mainSection = NIL then
    exit;
  useList:=not mainSection.noList;
  antiDos:=TantiDos.create();
  if useList and not antiDos.accept(cd.conn, cd.address) then
    exit(cd.conn.reply.body);
  fullEncode:=FALSE;
  ofsRelUrl:=length(folder.url(fullEncode))+1;
  ofsRelItemUrl:=length(folder.pathTill())+1;
@ -3651,6 +3668,8 @@ try
  result:=diffTpl['special:begin'];
  tryApplyMacrosAndSymbols(result, md, FALSE);
  if useList then
    begin
    // cache these values
    fileTpl:=xtpl(diffTpl['file'], table);
    folderTpl:=xtpl(diffTpl['folder'], table);
@ -3684,7 +3703,7 @@ try
        else
          inc(numberFiles);
        end;
-    {TODO this symbols will be available when executing macros in handleItem. Having
+      {TODO these symbols will be available when executing macros in handleItem. Having
        them at this stage is useful only in case immediate calculations are required.
        This may happen seldom, but maybe some template is using it since we got this here.
        Each symbols is an extra iteration on the template piece and we may be tempted
@ -3720,12 +3739,17 @@ try
    if cd.conn.state = HCS_DISCONNECTED then exit;
    // build final page
-  if not oneAccessible then md.archiveAvailable:=FALSE;
+    if not oneAccessible then
      md.archiveAvailable:=FALSE;
    end
  else
    list:='';
  md.table:=table;
  addArray(md.table, [
    '%list%',list
  ]);
-  result:=diffTpl[''];
+  result:=mainSection.txt;
  md.f:=NIL;
  md.afterTheList:=TRUE;
  try tryApplyMacrosAndSymbols(result, md)
@ -3735,6 +3759,7 @@ try
  result:=replaceText(result, '%build-time%',
    floatToStrF((now()-buildTime)*SECONDS, ffFixed, 7,3) );
 finally
  freeAndNIL(antiDos);
  folder.unlock();
  diffTpl.free;
  end;
@ -3981,9 +4006,9 @@ if result then
  conn.reply.mode:=HRM_NOT_MODIFIED;
  exit;
  end;
-conn.addHeader('ETag: '+UTF8encode(etag));
+conn.setHeaderIfNone('ETag: '+UTF8encode(etag));
 if ts > '' then
-  conn.addHeader('Last-Modified: '+UTF8encode(ts));
+  conn.setHeaderIfNone('Last-Modified: '+UTF8encode(ts));
 end; // notModified
 function notModified(conn:ThttpConn; f:string):boolean; overload;
@ -4179,11 +4204,13 @@ if lines = '' then
 else
  rest:=reReplace(lines, '^', '> ')+CRLF;
 addr:='';
 if assigned(cd) and assigned(cd.conn) then
  addr:=nonEmptyConcat('', cd.user, '@')
-    +cd.address+':'+cd.conn.port
+    +ifThen(cd.conn.v6, '['+cd.address+']', cd.address)
-    +nonEmptyConcat(' {', localDNSget(cd.address), '}');
+    +':'+cd.conn.port
    +nonEmptyConcat(' {', localDNSget(cd.address), '}')
 else
  addr:='';
 if (logFile.filename > '') and (logFile.apacheFormat = '') then
  begin
@ -4412,7 +4439,7 @@ end; // apacheLogCb
 procedure removeFilesFromComments(files:TStringDynArray);
 var
  fn, lastPath, path: string;
-  trancheStart, trancheEnd: integer; // the tranche is a window within 'files' of items sharing the same path
+  trancheStart, trancheEnd: integer; // the tranche is a window within 'selection' of items sharing the same path
  ss: TstringList;
  procedure doTheTranche();
@ -4511,13 +4538,17 @@ resourcestring
  MSG_TPL_INCOMPATIBLE = 'The template you are trying to load is not compatible with current HFS version.'
    +#13'HFS will now use default template.'
    +#13'Ask on the forum if you need further help.';
 var
  sec: PtplSection;
 begin
 result:=FALSE; // mod by mars
 //patch290();
 if trim(text) = trim(defaultTpl.fullText) then
  text:='';
 tpl.fullText:=text;
-if tpl.sectionExist('unauthorized') then
+sec:=tpl.getSection('api level', FALSE);
 if (text>'')
 and ((sec=NIL) or (strToIntDef(sec.txt.trim,0) < 2)) then
  begin
  tpl.fullText:='';
  tplFilename:='';
@ -4909,7 +4940,7 @@ var
  var s:ansistring;
  begin
  s:=ansistring(HSlib.encodeURL(data.lastFN));
-  conn.addHeader( ansistring('Content-Disposition: '+if_(attach, 'attachment; ')
+  conn.setHeaderIfNone( ansistring('Content-Disposition: '+if_(attach, 'attachment; ')
    +'filename*=UTF-8'''''+s+'; filename='+s));
  end;
@ -4942,6 +4973,7 @@ var
        data.session:=sessions[sid];
        if data.session.ip <> conn.address then
          begin
          conn.delCookie(SESSION_COOKIE); // legitimate clients that changed address must clear their cookie, or they will be stuck with this invalid session
          conn.reply.mode:=HRM_DENY;
          result:=FALSE;
          exit;
@ -4976,15 +5008,28 @@ var
  begin
  result:=NIL;
  for i:=0 to data.postvars.count-1 do
-    if sameText('files', data.postvars.names[i]) then
+    if sameText('selection', data.postvars.names[i]) then
      addString(getTill('#', data.postvars.valueFromIndex[i]), result) // omit #anchors
  end; // getFilesSelection
  function possibleCSRF():boolean;
  var s: string;
  begin
  s:= conn.getHeader('origin');
  result:=(s > '') and not s.endsWith( conn.getHeader('Host'))
  end; // possibleCSRF
  procedure serveTar();
  var
    tar: TtarStream;
    nofolders, selection, itsAsearch: boolean;
    procedure addToTar(src,dst:string);
    begin
    if not selection or not tar.contains(src) then
      tar.addFile(src, dst);
    end;
    procedure addFolder(f:Tfile; ignoreConnFilters:boolean=FALSE);
    var
      i, ofs: integer;
@ -4997,6 +5042,7 @@ var
    listing:=TfileListing.create();
    try
      listing.ignoreConnFilter:=ignoreConnFilters;
      listing.timeout:= now()+1/MINUTES;
      listing.fromFolder( f, data, shouldRecur(data));
      fIsTemp:=f.isTemp();
      ofs:=length(f.resource)-length(f.name)+1;
@ -5018,7 +5064,7 @@ var
        else
          s:=fi.pathTill(f.parent); // we want the path to include also f, so stop at f.parent
-        tar.addFile(fi.resource, s);
+        addToTar(fi.resource, s);
        end
    finally listing.free end;
    end; // addFolder
@ -5053,11 +5099,13 @@ var
            t:=substr(s, lastDelimiter('\/', s)+1)
          else
            t:=s;
-          tar.addFile(ft.resource, t);
+          addToTar(ft.resource, t);
        finally freeIfTemp(ft) end;
        end;
    end; // addSelection
  var
    antiDos: TantiDos;
  begin
  if not f.hasRecursive(FA_ARCHIVABLE) then
    begin
@ -5073,12 +5121,17 @@ var
  noFolders:=not stringExists(data.postVars.values['nofolders'], ['','0','false']);
  itsAsearch:=data.urlvars.values['search'] > '';
-  tar:=TtarStream.create(); // this is freed by ThttpSrv
+  antiDos:=TantiDos.create;
  try
    tar:=TtarStream.create();
    try
      tar.fileNamesOEM:=oemTarChk.checked;
      addSelection();
      if not selection then
-      addFolder(f);
+        if antiDos.accept(data.conn, data.address) then
          addFolder(f)
        else
          exit;
      if tar.count = 0 then
        begin
@ -5091,7 +5144,7 @@ var
      conn.reply.mode:=HRM_REPLY;
      conn.reply.contentType:=DEFAULT_MIME;
      conn.reply.bodyMode:=RBM_STREAM;
-    conn.reply.bodyStream:=tar;
+      conn.reply.bodyStream:=tar; // it will be freed by ThttpSrv
      if f.name = '' then exit; // can this really happen?
      data.lastFN:=if_(f.name='/', 'home', f.name)
@ -5104,7 +5157,10 @@ var
      ]), data.lastFN);
      if not noContentdispositionChk.checked then
        addContentDisposition();
-  except tar.free end;
+    except tar.free
      end;
  finally freeAndNIL(antiDos)
    end;
  end; // serveTar
  procedure checkCurrentAddress();
@ -5182,6 +5238,7 @@ var
    if conn.reply.contentType = '' then
      conn.reply.contentType:=ansistring(if_(trim(getTill('<', s))='', 'text/html', 'text/plain'))+'; charset=utf-8';
    if conn.reply.mode = HRM_IGNORE then
      conn.reply.mode:=HRM_REPLY;
    conn.reply.bodyMode:=RBM_STRING;
    conn.reply.body:=UTF8encode(s);
@ -5195,7 +5252,9 @@ var
    begin
    if (conn.request.method <> HM_POST)
    or (data.postVars.values['action'] <> 'delete')
-    or not accountAllowed(FA_DELETE, data, f) then exit;
+    or not accountAllowed(FA_DELETE, data, f)
    or possibleCSRF()
    then exit;
    doneRes:=NIL;
    errors:=NIL;
@ -5283,8 +5342,32 @@ var
    data.user:=acc.user;
    data.pwd:=acc.pwd;
    data.session.redirect:='.';
    runEventScript('login')
    end; //urlAuth
    function thumb():Boolean;
    var
      b: rawbytestring;
      s, e: integer;
    begin
    if mode <> 'thumb' then
      exit(FALSE);
    result:=TRUE;
    b:=loadFile(f.resource, 0, 96*KILO);
    s:= pos(rawbytestring(#$FF#$D8#$FF), b, 2);
    if s > 0 then
      e:=pos(rawbytestring(#$FF#$D9), b, s);
    if (s=0) or (e=0) then
      begin
      data.conn.reply.mode:=HRM_NOT_FOUND;
      exit;
      end;
    conn.reply.contentType:='image/jpeg';
    conn.reply.mode:=HRM_REPLY;
    conn.reply.bodyMode:=RBM_STRING;
    conn.reply.body:=Copy(b, s, e-s+2);
    end;
  var
    b: boolean;
    s: string;
@ -5342,6 +5425,13 @@ var
    end;
  runEventScript('pre-filter-request');
  if conn.disconnectedByServer then
    exit;
  if data.disconnectReason > '' then
    begin
    getPage('deny', data);
    exit;
    end;
  if (length(conn.request.user) > 100) or anycharIn('/\:?*<>|', conn.request.user) then
    begin
@ -5396,12 +5486,17 @@ var
        end
      else
        s:='bad password'; //TODO shouldn't this change http code?
    if s='ok' then
      runEventScript('login')
    else
      runEventScript('unauthorized');
    replyWithString(s);
    exit;
    end;
  s:=urlAuth();
  if s > '' then
    begin
    runEventScript('unauthorized');
    conn.reply.mode:=HRM_DENY;
    replyWithString(s);
    exit;
@ -5425,6 +5520,12 @@ var
  if conn.reply.mode = HRM_REDIRECT then
    exit;
  lastActivityTime:=now();
  if conn.request.method = HM_HEAD then
    conn.reply.mode:=HRM_REPLY_HEADER
  else
    conn.reply.mode:=HRM_REPLY;
  if ansiStartsStr('/~img', url) then
    begin
    if not sendPic(data) then
@ -5465,7 +5566,7 @@ var
    url:=chop(lastDelimiter('/', urlCmd)+1, 0, urlCmd);
    // we know an urlCmd must begin with ~
    // favicon is handled as an urlCmd: we provide HFS icon.
-    // an non-existent ~file will be detected a hundred lines below.
+    // a non-existent ~file will be detected a hundred lines below.
    if ansiStartsStr('~', urlCmd) or (urlCmd = 'favicon.ico') then
      f:=findFileByURL(url);
    end;
@ -5541,16 +5642,16 @@ var
  if (s > '') and f.isFolder() and not ansiStartsText('special:', s) then
    with tplFromFile(f) do // temporarily builds from diff tpls
      try
        // NB: section [] is not accessible, because of the s>'' test
        section:=getsection(s);
-        if assigned(section) and not section.nourl then // it has to exist and be accessible 
+        if assigned(section) and section.public then // it has to exist and be accessible
          begin
          if not section.cache
          or not notModified(conn, s+floatToStr(section.ts), '') then
            getPage(s, data, f, me());
          exit;
          end;
-      finally free end;
+      finally free
        end;
  if f.isFolder() and not (FA_BROWSABLE in f.flags)
  and stringExists(urlCmd,['','~folder.tar','~files.lst']) then
@ -5577,6 +5678,8 @@ var
  if ansiStartsStr('~files.lst', urlCmd)
  or f.isFolder() and (data.urlvars.values['tpl'] = 'list') then
    begin
    if conn.reply.mode=HRM_REPLY_HEADER then
      exit;
    // load from external file
    s:=cfgPath+FILELIST_TPL_FILE;
    if newMtime(s, lastFilelistTpl) then
@ -5603,19 +5706,12 @@ var
    exit;
    end;
  case conn.request.method of
    HM_GET, HM_POST:
      begin
      conn.reply.mode:=HRM_REPLY;
      lastActivityTime:=now();
      end;
    HM_HEAD: conn.reply.mode:=HRM_REPLY_HEADER;
    end;
  data.lastFile:=f; // auto-freeing
  if f.isFolder() then
    begin
    if conn.reply.mode=HRM_REPLY_HEADER then
      exit;
    deletion();
    if sessionRedirect() then
      exit;
@ -5631,6 +5727,9 @@ var
  if notModified(conn, f) then // calling notModified before limitsExceededOnDownload makes possible for [download] to manipualate headers set here
    exit;
  if thumb() then
    Exit;
  data.countAsDownload:=f.shouldCountAsDownload();
  if data.countAsDownload and limitsExceededOnDownload() then
    exit;
@ -5915,7 +6014,7 @@ case event of
    refreshConn(data);
    end;
-  HE_POST_VAR: data.postVars.add(conn.post.varname+'='+conn.post.data);
+  HE_POST_VAR: data.postVars.add(conn.post.varname+'='+UTF8toString(conn.post.data));
  HE_POST_VARS:
    if conn.post.mode = PM_URLENCODED then
      urlToStrings(conn.post.data, data.postVars);
@ -7786,7 +7885,12 @@ finally freeAndNIL(info) end;
 end; // autoCheckUpdates
 procedure loadEvents();
-begin eventScripts.fullText:=loadTextFile(cfgpath+EVENTSCRIPTS_FILE) end;
+begin
 if not newMtime(cfgpath+EVENTSCRIPTS_FILE, eventScriptsLast) then
  exit;
 eventScripts.fullText:=loadTextFile(cfgpath+EVENTSCRIPTS_FILE);
 runEventScript('init');
 end;
 procedure Tmainfrm.updateCopyBtn();
 resourcestring
@ -8014,10 +8118,10 @@ var
        if userSocketBuffer > 0 then
          data.conn.sndBuf:=userSocketBuffer
-        else
+        else if highSpeedChk.checked then
          begin
          size:=minmax(8192, MEGA, round(data.averageSpeed));
-          if highSpeedChk.checked and (safeDiv(0.0+size, data.conn.sndbuf, 2) > 2) then
+          if safeDiv(0.0+size, data.conn.sndbuf, 2) > 2 then
            data.conn.sndBuf:=size;
          end;
        end;
@ -8043,8 +8147,6 @@ var
  updateCopyBtn();
  keepTplUpdated();
  updateCurrentCFG();
  if newMtime(cfgpath+EVENTSCRIPTS_FILE, eventScriptsLast) then
  loadEvents();
  if assigned(runScriptFrm) and runScriptFrm.visible
@ -8703,7 +8805,7 @@ procedure TmainFrm.appEventsShowHint(var HintStr: String; var CanShow: Boolean;
    +if_(f.isRealFolder() or f.isFile(), #13+format(MSG_VFS_PATH,[f.resource]));
  if f.isFile() then
    result:=result+format(#13+MSG_VFS_SIZE+#13+MSG_VFS_DLS,
-      [ smartsize(sizeofFile(f.resource)), f.DLcount ]);
+      [ smartsize(sizeofFile(f.resource)), dotted(f.DLcount) ]);
  s:=flagR(MSG_VFS_INVISIBLE, FA_HIDDENTREE, TRUE);
  if s = '' then s:=flag(MSG_VFS_INVISIBLE, FA_HIDDEN);
@ -8764,10 +8866,30 @@ procedure TmainFrm.appEventsShowHint(var HintStr: String; var CanShow: Boolean;
    MSG_CON_HINT = 'Connection time: %s'#13'Last request time: %s'#13'Agent: %s';
  var
    cd: TconnData;
    st: string;
  begin
  cd:=pointedConnection();
  if assigned(cd) then
-    result:=format(MSG_CON_HINT, [dateTimeToStr(cd.time), dateTimeToStr(cd.requestTime), first(cd.agent,'<unknown>')])
+    begin
    if isSendingFile(cd) then
      st:=format(MSG_CON_SENT, [
        dotted(cd.conn.bytesSentLastItem),
        dotted(cd.conn.bytesPartial)
      ])
    else if isReceivingFile(cd) then
      st:=format(MSG_CON_received, [
        dotted(cd.conn.bytesPosted),
        dotted(cd.conn.post.length)
      ])
    else
      st:='';
    result:=format(MSG_CON_HINT, [
      dateTimeToStr(cd.time),
      dateTimeToStr(cd.requestTime),
      first(cd.agent,'<unknown>')
    ])+nonEmptyConcat(#13,st);
    end
  else
    result:=if_(HintsForNewcomersChk.checked, 'This box shows info about current connections');
  end;
@ -9048,10 +9170,6 @@ var
  end;
  function getStatus():string;
  resourcestring
    MSG_CON_PAUSED = 'paused';
    MSG_CON_SENT = '%s / %s sent';
    MSG_CON_RECEIVED = '%s / %s received';
  begin
  if isSendingFile(data) then
    begin
@ -9059,16 +9177,16 @@ var
      result:=MSG_CON_PAUSED
    else
      result:=format(MSG_CON_SENT, [
-        dotted(data.conn.bytesSentLastItem),
+        smartsize(data.conn.bytesSentLastItem),
-        dotted(data.conn.bytesPartial)
+        smartsize(data.conn.bytesPartial)
      ]);
    exit;
    end;
  if isReceivingFile(data) then
    begin
    result:=format(MSG_CON_received, [
-      dotted(data.conn.bytesPosted),
+      smartsize(data.conn.bytesPosted),
-      dotted(data.conn.post.length)
+      smartsize(data.conn.post.length)
    ]);
    exit;
    end;
@ -9498,7 +9616,7 @@ resourcestring
    +#13'It is adviced to stop loading.'
    +#13'Stop?';
  MSG_BADCRC = 'This file is corrupted (CRC).';
-  MSG_NEWER='This file has been created with a newer and incompatible version.';
+  MSG_NEWER_INCOMP='This file has been created with a newer and incompatible version.';
  MSG_ZLIB = 'This file is corrupted (ZLIB).';
  MSG_BAKAVAILABLE = 'This file is corrupted but a backup is available.'#13'Continue with backup?';
@ -9585,7 +9703,7 @@ while not tlv.isOver() do
        after.resetLetBrowse:=TRUE;
        end;
      if (int_(data) > CURRENT_VFS_FORMAT)
-      and (msgDlg(MSG_NEWER+MSG_BETTERSTOP, MB_ICONERROR+MB_YESNO) = IDYES) then
+      and (msgDlg(MSG_NEWER_INCOMP+MSG_BETTERSTOP, MB_ICONERROR+MB_YESNO) = IDYES) then
        exit;
      end;
  	FK_CRC:
@ -9968,7 +10086,7 @@ end; // setGraphRate
 procedure TmainFrm.Maxconnections1Click(Sender: TObject);
 resourcestring
-  MSG_MAX_SIM = 'Max simultaneous connections to serve.'
+  MSG_MAX_CON_LONG = 'Max simultaneous connections to serve.'
    +#13'Most people don''t know this function well, and have problems. If you are unsure, please use the "Max simultaneous downloads".';
  MSG_WARN_CONN = 'In this moment there are %d active connections';
 var
@ -9976,7 +10094,7 @@ var
 begin
 if maxConnections > 0 then s:=intToStr(maxConnections)
 else s:='';
-if inputquery(MSG_SET_LIMIT, MSG_MAX_SIM+#13+MSG_EMPTY_NO_LIMIT, s) then
+if inputquery(MSG_SET_LIMIT, MSG_MAX_CON_LONG+#13+MSG_EMPTY_NO_LIMIT, s) then
 	try setMaxConnections(strToUInt(s))
  except msgDlg(MSG_INVALID_VALUE, MB_ICONERROR)
  end;
@ -10005,7 +10123,7 @@ end;
 procedure TmainFrm.Maxconnectionsfromsingleaddress1Click(Sender: TObject);
 resourcestring
-  MSG_MAX_SIM_SING = 'Max simultaneous connections to accept from a single IP address.'
+  MSG_MAX_CON_SING_LONG = 'Max simultaneous connections to accept from a single IP address.'
    +#13'Most people don''t know this function well, and have problems. If you are unsure, please use the "Max simultaneous downloads from a single IP address".';
 var
  s: string;
@ -10014,7 +10132,7 @@ var
 begin
 if maxConnectionsIP > 0 then s:=intToStr(maxConnectionsIP)
 else s:='';
-if inputquery(MSG_SET_LIMIT, MSG_MAX_SIM_SING+#13+MSG_EMPTY_NO_LIMIT, s) then
+if inputquery(MSG_SET_LIMIT, MSG_MAX_CON_SING_LONG+#13+MSG_EMPTY_NO_LIMIT, s) then
 	try setMaxConnectionsIP(strToUInt(s))
  except msgDlg(MSG_INVALID_VALUE, MB_ICONERROR)
  end;
@ -10029,8 +10147,6 @@ if assigned(addresses) then
 end;
 procedure TmainFrm.MaxDLsIP1Click(Sender: TObject);
 resourcestring
  MSG_MAX_SIM_DL_SING = 'Max simultaneous downloads from a single IP address.';
 var
  s: string;
  addresses: TStringDynArray;
@ -11373,7 +11489,7 @@ pt:=logbox.caretpos;
 if pt.y >= logbox.lines.count then
  exit;
 s:=logbox.lines[pt.y];
-s:=reGet(s, '^.+  (\S+@)?(\S+):\d+  ', 2);
+s:=reGet(s, '^.+  (\S+@)?\[?(\S+?)\]?:\d+  ', 2);
 if checkAddressSyntax(s,FALSE) then
  result:=s;
 end; // ipPointedInLog
@ -11784,7 +11900,6 @@ if menu.items.find(logmenu.items.caption) = NIL then
 SwitchON1.imageIndex:=if_(srv.active, 11, 4);
 SwitchON1.caption:=if_(srv.active, S_OFF, S_ON);
 Appendmacroslog1.Enabled:=macrosLogChk.checked;
 stopSpidersChk.Enabled:=not fileExistsByURL('/robots.txt');
 Showbandwidthgraph1.visible:=not graphBox.visible;
 if bakShellMenuText='' then
@ -12009,7 +12124,7 @@ tray:=TmyTrayicon.create(self);
 DragAcceptFiles(handle, true);
 caption:=format('HFS ~ HTTP File Server %s', [VERSION]);
 application.Title:=format('HFS %s', [VERSION]);
-setSpeedLimit(-1);
+setSpeedLimit(50000);
 setSpeedLimitIP(-1);
 setGraphRate(10);
 setMaxConnections(0);
@ -12715,7 +12830,10 @@ MIMEtypes:=toSA([
  '*.txt', 'text/plain',
  '*.css', 'text/css',
  '*.js',  'text/javascript',
-  '*.mkv', 'video/x-matroska'
+  '*.mkv', 'video/x-matroska',
  '*.mp3', 'audio/mp3',
  '*.mp4', 'video/mp4',
  '*.m3u8', 'application/x-mpegURL'
 ]);
 systemimages:=getSystemimages();
--- a/notes.txt
+++ b/notes.txt
@ -1,62 +0,0 @@
 === 4GB+ FILES DOWNLOAD SUPPORT 
 Reget Deluxe 4.1
 MetaProducts Download Express 1.7
 Getright
 Firefox 2.0
 === 2GB+ FILES UPLOAD SUPPORT
 firefox 3.0: no
 === HOW TO CREATE BIG FILES
 fsutil file createnew <filename> <filesize>
 === HOW TO DOWNLOAD WITH NO DISK ACTIVITY (SPEED TEST)
 create a big file as above
 then download this way: wget -q -O nul http://localhost/big
 === SUBMITTED TO
 www.nonags.com
 www.sharewareconnection.com
 === LISTED ON
 www.sofotex.com
 www.download3000.com
 www.onekit.com
 www.all4you.dk/FreewareWorld
 www.snapfiles.com
 sourceforge
 www.freedownloadscenter.com
 download.freenet.de
 www.softonic.com
 www.portablefreeware.com
 www.download.com
 www.freewarepub.org
 www.handyarchive.com
 www.softpedia.com
 www.acidfiles.com
 www.fileedge.com
 www.freewarepark.com
 === REVIEWS
 http://www.technospot.net/blogs/host-a-web-server-on-your-home-pc/
 http://www.snapfiles.com/get/hfs.html
 http://www.downloadsquad.com/2006/05/24/hft-quick-and-easy-http-file-server/
 http://www.caseytech.com/how-to-host-a-web-site-from-your-computer/
 http://www.chip.de/downloads/c1_downloads_29480524.html
 http://blog.pcserenity.com/2009/01/easy-conten-sharing-with-windows.html
 http://hfs.onehelp.ch
 http://www.lanacion.com.ar/nota.asp?nota_id=1148507
 http://blogmotion.fr/systeme/partage-windows-hfs-3947
 ita
 http://lafabbricadibyte.wordpress.com/2007/05/01/hfs-file-server-http-gratuito-per-windows/
 http://server.html.it/articoli/leggi/2335/hfs-file-sharing-via-http/
 === OTHER SOFTWARE BASED ON HFS
 http://www.wrinx.com/products/pfs/
  commercial, licensed
 http://www.powernetservers.com/pnwfs.php
  commercial, probably unlicensed
 === INSTALLABLE PLUGINS
 log links usage 
    http://www.rejetto.com/forum/index.php/topic,7765.msg1047258.html#msg1047258
--- a/scriptLib.pas
+++ b/scriptLib.pas
@ -1,5 +1,5 @@
 {
-Copyright (C) 2002-2012  Massimo Melina (www.rejetto.com)
+Copyright (C) 2002-2020  Massimo Melina (www.rejetto.com)
 This file is part of HFS ~ HTTP File Server.
@ -161,16 +161,18 @@ var
  procedure deprecatedMacro(what:string=''; instead:string='');
  begin mainfrm.add2log('WARNING, deprecated macro: '+first(what, name)+nonEmptyConcat(' - Use instead: ',instead), NIL, clRed) end;
  procedure unsatisfied(b:boolean=TRUE);
  begin
  if b then
    macroError('cannot be used here')
  end;
  function satisfied(p:pointer):boolean;
  begin
  result:=assigned(p);
-  if not result then
+  unsatisfied(not result);
    macroError('cannot be used here');
  end;
  procedure unsatisfied(b:boolean=TRUE);
  begin if b then macroError('cannot be used here') end;
  function parEx(idx:integer; name:string=''; doTrim:boolean=TRUE):string; overload;
  var
    i: integer;
@ -262,9 +264,9 @@ var
    result:=staticVars;
    delete(varname,1,length(G_VAR_PREFIX));
    end
-  else if satisfied(md.cd) then
+  else if assigned(md.cd) then
    result:=md.cd.vars
-  else if satisfied(md.tempVars) then
+  else if assigned(md.tempVars) then
    result:=md.tempVars
  else
    raise Exception.create('no namespace available');
@ -293,7 +295,7 @@ var
  if not satisfied(space) then exit;
  i:=space.indexOfName(varname);
  if i < 0 then
-    if value = '' then exit // all is good the way it is
+    if value = '' then exit(TRUE) // all is good the way it is
    else i:=space.add(varname+'='+value)
  else
    if value > '' then // in case of empty value, there's no need to assign, because we are going to delete it (after we cleared the bound object)
@ -660,16 +662,40 @@ var
  procedure inc_(v:integer=+1);
  begin
  try
    setVar(p, intToStr(strToIntDef(getVar(p),0)+v*parI(1,1)));
    result:='';
-  try setVar(p, intToStr(strToIntDef(getVar(p),0)+v*parI(1,1))) except end;
+  except
    end;
  end; // inc_
  procedure convert();
  var
    dst, s: string;
    c: ansichar;
  begin
-  if sameText(p, 'ansi') and sameText(par(1), 'utf-8') then
+  dst:=par(1);
-    result:=string(ansiToUTF8(ansistring(par(2))))
+  s:=par(2);
-  else if sameText(p, 'utf-8') and sameText(par(1), 'ansi') then
+  if sameText(p, 'ansi') and sameText(dst, 'utf-8') then
-    result:=utf8ToAnsi(ansistring(par(2)))
+    result:=string(ansiToUTF8(ansistring(s)))
  else if sameText(p, 'utf-8') then
    if sameText(dst, 'ansi') then
      result:=utf8ToAnsi(ansistring(s))
    else if dst='dec' then
      begin
      result:='';
      for c in UTF8encode(s) do
        result:=result+intToStr(ord(c))+',';
      setLength(result, length(result)-1);
      end
    else if dst='hex' then
      begin
      result:='';
      for c in UTF8encode(s) do
        result:=result+intToHex(ord(c));
      end;
  if isFalse(par('macros')) then
    result:=noMacrosAllowed(result);
  end; // convert
  procedure encodeuri();
@ -931,9 +957,9 @@ var
    i: integer;
  begin
  code:=macroDequote(par(pars.count-1));
  lines:=TStringList.create();
  with TfastStringAppend.create do
    try
      lines:=TStringList.create();
      lines.text:= getVar(par('var'));
      for line in lines do
        begin
@ -1206,19 +1232,19 @@ var
      'information=64'
    );
  var
-    i, j, code: integer;
+    code: integer;
    decode: TStringDynArray;
-    s: string;
+    s, d: string;
    buttons, icon: boolean;
  begin
  decode:=split(' ',par(1));
  code:=0;
-  for i:=0 to length(decode)-1 do
+  for d in decode do
-    for j:=1 to length(STR2CODE) do
+    for s in STR2CODE do
      if startsStr(d+'=', s) then
        begin
-      s:=STR2CODE[j];
+        inc(code, strToIntDef(substr(s, 2+d.length), 0));
-      if ansiStartsStr(decode[i], s) then
+        Break
        inc(code, strToIntDef(substr(s, 1+pos('=',s)), 0));
        end;
  buttons:=code AND 15 > 0;
  icon:=code SHR 4 > 0;
@ -1348,19 +1374,20 @@ var
  if not satisfied(space) then exit;
  // set the table variable as text
  v:=par(1);
  space.values[p]:=nonEmptyConcat('', space.values[p], CRLF)+v;
  // access the table object
  i:=space.indexOfName(p);
-  h:=space.objects[i] as THashedStringList;
+  if i < 0 then
  if h = NIL then
    begin
    h:=ThashedStringList.create();
-    space.objects[i]:=h;
+    space.AddPair(p, v, h);
-    end;
+    end
  else
    h:=space.objects[i] as THashedStringList;
  // fill the object
  k:=chop('=',v);
  v:=macroDequote(v);
  h.values[k]:=v;
  space.values[p]:=h.text;
  end; // setTable
  procedure disconnect();
@ -1453,7 +1480,8 @@ var
    exit;
    end;
  a:=findEnabledLinkedAccount(a, split(';',s));
-  if assigned(a) then result:=a.user;
+  if assigned(a) then
    result:=a.user;
  end; // memberOf
  procedure canArchive(f:Tfile);
@ -1913,9 +1941,15 @@ try
      disconnect();
    if name = 'stop server' then
      begin
      stopServer();
      exit('');
      end;
    if name = 'start server' then
      begin
      startServer();
      exit('');
      end;
    if name = 'focus' then
@ -1932,10 +1966,7 @@ try
      begin
      try
        if isFalse(parEx('if')) then
-          begin
+          exit('');
          result:='';
          exit;
          end;
      except end;
      result:=md.cd.disconnectReason; // return the previous state
      if pars.count > 0 then md.cd.disconnectReason:=p;
@ -1972,11 +2003,17 @@ try
    if name = 'base64' then
      result:=string(base64encode(UTF8encode(p)));
    if name = 'base64decode' then
      begin
      result:=utf8ToString(base64decode(ansistring(p)));
      if isFalse(par('macros')) then
        result:=noMacrosAllowed(result);
      end;
    if name = 'md5' then
      result:=strMD5(p);
    if name = 'sha1' then
      result:=strSHA1(p);
    if name = 'sha256' then
      result:=strSHA256(p);
    if name = 'vfs select' then
      if pars.count = 0 then
@ -2049,7 +2086,7 @@ try
      encodeuri();
    if name = 'decodeuri' then
-      result:=decodeURL(ansistring(p));
+      result:=noMacrosAllowed(decodeURL(ansistring(p)));
    if name = 'set cfg' then
      trueIf(mainfrm.setcfg(p));
--- a/todo.txt
+++ b/todo.txt
@ -1,11 +1,11 @@
 - update doesn't work without 'only 1 instance' (it's the -q)
 + replace shellExtDlg.gif with transparent png (english system)
 + self-test supporting https
 + expiring links
 * dismiss regexp lib http://docwiki.embarcadero.com/Libraries/Rio/en/System.RegularExpressions.TRegEx
 + load *.events
 + url auth limited to resource
 + global limit speed for downloads (browsing excluded)
 + [tpl id] [SECTION|for-tpl=MASK]
 * consider letting comment "protected" files. Can it really cause harm?
 * flag to enable lnk files in a folder (disabled by default)
 + sign exe http://www.rejetto.com/forum/hfs-~-http-file-server/'unsafe'/msg1061437/#msg1061437
@ -24,14 +24,20 @@
 + macros missing to cache a folder: {.reply|content=|var=|code=|filename=|mime=.}
 - unexpected scripting behavior http://www.rejetto.com/forum/index.php/topic,9728.msg1054517.html#msg1054517
    in handleItem() translate only symbols, and run all macros at the end
 document: [section|ver=MASK|build=MIN-MAX|template=MASK]
 document: {.if|var}
 document: {.exec|out|timeout|exitcode.}
 document: [+section]
 document: {.set item|diff template.}
-document: single line diff templates
+document: {.add header|overwrite=0.}
-document: disconnection reason|if=XXX
+document: {.calc| ][ }
 document: single line diff templates (file path)
 document: {.disconnection reason|if=XXX.}
 document: %url%
 document: commands returning white space: add folder, save, set account, exec, mkdir, chdir, delete, rename, move copy, set
-document: dir, disk free, filetime, file changed, load tpl
+document: pipe, base64, base64decode, dir, disk free, filetime, file changed, load tpl, sha256, for line
 document {.convert|macros|dec|hex.}
 document: new event [login]
 + event to filter logging http://www.rejetto.com/forum/index.php/topic,9784.0.html
 - wrong browser http://www.rejetto.com/forum/index.php/topic,9710.0.html
    solution:
@ -42,18 +48,14 @@ document: dir, disk free, filetime, file changed, load tpl
 + upload to non-browsable folder
 - android doesn't upload http://www.rejetto.com/forum/index.php/topic,9699.0/topicseen.html#msg1054287
 - android doesn't work with passwords http://www.rejetto.com/forum/index.php/topic,9575.msg1054029.html#msg1054029
 ? default tpl: check with IE6
 ? default tpl: consider css data uri http://www.nczonline.net/blog/2010/07/06/data-uris-make-css-sprites-obsolete/
-+ default tpl: support for rawr thumbnails
+ next VFS file format version should be text (yaml or json)
 + next VFS file format version should be XML-based
 + remove the "progress" from "log what", and use [progress|no log] instead
 ? {.rename.} should update descript.ion
 + folder archive depth limit http://www.rejetto.com/forum/index.php/topic,8546.msg1050027.html#msg1050027
 ? in getPage() many %symbols% are translated in a way incompatible with {.section.}
 ? Windows Script Interfaces
 ? {.image|src=file|width=x|dst=outfile.}
-+ replace /~imgXX with ?mode=icon&id=XX
+ user input through {.dialog.} or similar
 + user input through {.dialog.}
 + show missing files in VFS http://www.rejetto.com/forum/index.php/topic,8203.new.html
 * {.cache.} should be able to work on a simple variable
 + plugins system http://www.rejetto.com/wiki/index.php/HFS:_plugins_design
@ -67,8 +69,6 @@ document: dir, disk free, filetime, file changed, load tpl
 + log event to filter www.rejetto.com/forum/?topic=7332.0
 ? integration with mediainfo.dll www.rejetto.com/forum/?topic=7329
 + folder archive log, just as for deletion http://www.rejetto.com/forum/index.php?topic=6904.msg1042974;topicseen#msg1042974
 - upload doesn't work on chinese folders with uneven length  www.rejetto.com/forum/?topic=5382
 - chinese problems since #161 www.rejetto.com/forum/?topic=5344
 - AV with RealVNC on hints by mouse hovering www.rejetto.com/forum/?topic=5261
 - N-Stalker can locally crash HFS
 - AV in #179 http://www.rejetto.com/forum/index.php?topic=5653.msg1033457#msg1033457  www.rejetto.com/forum/?topic=5681
@ -95,7 +95,6 @@ document: dir, disk free, filetime, file changed, load tpl
 + make %list% available in every page
 + support for ALT+F4 with option "Minimize to tray clicking the close button" www.rejetto.com/forum/?topic=6351
 + replace and delete icons http://www.rejetto.com/forum/index.php?topic=6317.msg1038157#msg1038157
 + self-test supporting https
 ? currently the delete permission is only inside a folder. you can't mark a file or delete the marked folder. is this ok?
 + when a link is protected (no access for this user) it may be displayed as a link to the %item-name%, then 401, and if login is successful provide a redirection
 + change folder/link/generic-file icons (via GUI, without editing the template)
--- a/utillib.pas
+++ b/utillib.pas
@ -1,5 +1,5 @@
 {
-Copyright (C) 2002-2012  Massimo Melina (www.rejetto.com)
+Copyright (C) 2002-2020  Massimo Melina (www.rejetto.com)
 This file is part of HFS ~ HTTP File Server.
@ -166,7 +166,7 @@ function replaceString(var ss:TStringDynArray; old, new:string):integer;
 function popString(var ss:TstringDynArray):string;
 procedure insertString(s:string; idx:integer; var ss:TStringDynArray);
 function removeString(var a:TStringDynArray; idx:integer; l:integer=1):boolean; overload;
-function removeString(find:string; var a:TStringDynArray):boolean; overload;
+function removeString(s:string; var a:TStringDynArray; onlyOnce:boolean=TRUE; ci:boolean=TRUE; keepOrder:boolean=TRUE):boolean; overload;
 procedure removeStrings(find:string; var a:TStringDynArray);
 procedure toggleString(s:string; var ss:TStringDynArray);
 function onlyString(s:string; ss:TStringDynArray):boolean;
@ -669,10 +669,6 @@ begin
  until false;
 end; // removeStrings
 // remove first instance of the specified string
 function removeString(find:string; var a:TStringDynArray):boolean;
 begin result:=removeString(a, idxOf(find,a)) end;
 function removeArray(var src:TstringDynArray; toRemove:array of string):integer;
 var
  i, l, ofs: integer;
@ -746,6 +742,35 @@ while idx+l < length(a) do
 setLength(a, idx);
 end; // removestring
 function removeString(s:string; var a:TStringDynArray; onlyOnce:boolean=TRUE; ci:boolean=TRUE; keepOrder:boolean=TRUE):boolean; overload;
 var i, lessen:integer;
 begin
 result:=FALSE;
 if a = NIL then
  exit;
 lessen:=0;
 try
  for i:=length(a)-1 to 0 do
    if ci and sameText(a[i], s)
    or not ci and (a[i]=s) then
      begin
      result:=TRUE;
      if keepOrder then
        removeString(a, i)
      else
        begin
        inc(lessen);
        a[i]:=a[length(a)-lessen];
        end;
      if onlyOnce then
        exit;
      end;
 finally
  if lessen > 0 then
    setLength(a, length(a)-lessen);
  end;
 end;
 function dotted(i:int64):string;
 begin
 result:=intToStr(i);
@ -2195,7 +2220,7 @@ const
 var
  sa            : TSecurityAttributes;
  ReadPipe,WritePipe  : THandle;
-  start               : TStartUpInfoA;
+  start               : TStartUpInfoW;
  ProcessInfo         : TProcessInformation;
  Buffer              : Pansichar;
  TotalBytesRead,
@ -2226,7 +2251,7 @@ else
  timeout:=now()+timeout/SECONDS;
 // Create a Console Child Process with redirected input and output
 try
-  if CreateProcessA(nil, PansiChar(ansistring(DosApp)), @sa, @sa, true, CREATE_NO_WINDOW or NORMAL_PRIORITY_CLASS, nil, nil, start, ProcessInfo) then
+  if CreateProcess(nil, PChar(dosApp), @sa, @sa, true, CREATE_NO_WINDOW or NORMAL_PRIORITY_CLASS, nil, nil, start, ProcessInfo) then
    repeat
    result:=TRUE;
    // wait for end of child process
@ -2236,16 +2261,22 @@ try
    // so that the pipe is not blocked by an overflow. New information
    // can be written from the console app to the pipe only if there is
    // enough buffer space.
-    if not PeekNamedPipe(ReadPipe, @Buffer[TotalBytesRead], ReadBuffer,
+    if not PeekNamedPipe(ReadPipe, @Buffer[TotalBytesRead], ReadBuffer, @BytesRead, @TotalBytesAvail, @BytesLeftThisMessage )
-      @BytesRead, @TotalBytesAvail, @BytesLeftThisMessage ) then
+    or (BytesRead > 0) and not ReadFile(ReadPipe, Buffer[TotalBytesRead], BytesRead, BytesRead, nil ) then
-      break
+      break;
    else if BytesRead > 0 then
      ReadFile(ReadPipe, Buffer[TotalBytesRead], BytesRead, BytesRead, nil );
    inc(TotalBytesRead, BytesRead);
    until (Apprunning <> WAIT_TIMEOUT) or (now() >= timeout);
  if IsTextUnicode(Buffer, TotalBytesRead, NIL) then
    begin
    Pchar(@Buffer[TotalBytesRead])^:= #0;
    output:=pchar(Buffer)
    end
  else
    begin
    Buffer[TotalBytesRead]:= #0;
-  OemToCharA(PansiChar(Buffer),Buffer);
+    OemToCharA(Buffer,Buffer);
    output:=string(ansistrings.strPas(Buffer));
    end;
 finally
  GetExitCodeProcess(ProcessInfo.hProcess, exitcode);
  TerminateProcess(ProcessInfo.hProcess, 0);
@ -2551,7 +2582,8 @@ var
  i:=mImp+dir;
    repeat
    j:=i+dir;
-    if (j > 0) and (j <= length(s)) and charInSet(s[j], ['0'..'9','.']) then
+    if (j > 0) and (j <= length(s))
    and (charInSet(s[j], ['0'..'9','.','E']) or (j>1) and charInSet(s[j],['+','-']) and (s[j-1]='E')) then
      i:=j
    else
      break;
@ -2581,6 +2613,7 @@ begin
      end;
    if (i = 1) // a starting operator is not an operator
    or (s[i-1]='E') // exponential syntax
    or (v <= mImpV) // left-to-right precedence
    then continue;
    // we got a better one, record it
--- a/whatsnew.txt
+++ b/whatsnew.txt
@ -12,20 +12,24 @@ propaganda
  Mobile-friendly template
  Unicode support
  Encrypted login, and logout
  DoS protection
  IPv6
 /propaganda
 + new default template
 + new login system, session based, with logout
 + IPv6 support
 + DoS protection https://rejetto.com/forum/index.php?topic=13060.msg1065962#msg1065962
 + {.set item|name.}
 + {.get item|icon.}
 + {.set cfg.}
 + {.for line.}
 + {.if|var}
 + cache for jquery and template sections
-+ new template commands: base64, base64decode, md5, sha1
+ new template commands: base64, base64decode, md5, sha1, sha256
 + *.diff.tpl in exe's folder
 + default mime-type for mkv
 + 'no list' section flag
 + https client support (not server)
 - fixed template handling of section names with both '+' and '=' present
 - fixed LNK files to deleted items
 - fixed comments files were not updated upon deletion of files
@ -33,6 +37,7 @@ propaganda
 - fixed double "Content-Length" header on compressed pages
 - fixed log text base color not matching system settings http://rejetto.com/forum/index.php?topic=13233.0
 - fixed while renaming a file in the GUI, CTRL+C/V didn't work on the text
 - fixed diff tpl logic: an empty section will now override the inherited one
 VER 2.3m
 propaganda
Author	SHA1	Message	Date
Massimo Melina	6ff458fb73	Merge pull request #41 from divinity76/patch-1 warning about Delphi 10.4 Community being incompatible	2025-01-22 22:25:18 +01:00
divinity76	0d71b9946a	warning about Delphi 10.4 Community being incompatible	2023-03-25 12:45:10 +01:00
Massimo Melina	140528bac8	Create README.md	2023-03-12 17:42:10 +01:00
Massimo Melina	29f6bac31c	default speed limit 50MBps	2020-08-30 23:26:11 +02:00
Massimo Melina	e233f6d29a	fix: search and archive recently broken	2020-08-23 13:45:47 +02:00
Massimo Melina	6e4dcf5b56	fix: avoid dupe files in archive in case of ?search=*	2020-08-04 21:16:37 +02:00
Massimo Melina	61f1a14be6	updated .lng	2020-08-02 18:31:17 +02:00
Massimo Melina	2d1187b6a3	tpl: moved archive button to "selection" sub-menu	2020-08-02 17:44:02 +02:00
Massimo Melina	ca7caab85d	fix: account dialog recently broken	2020-08-02 17:43:13 +02:00
Massimo Melina	9e662960e1	usability: standard ok/cancel buttons for "ask" dialog	2020-08-02 13:10:38 +02:00
Massimo Melina	21349e5c04	experiental ?mode=thumb to append to jpg files	2020-08-01 20:46:46 +02:00
Massimo Melina	db2ad83c77	new tpl syntax [^section] will prepend to [section]	2020-08-01 20:46:07 +02:00
Massimo Melina	a47541286a	fix: unicode support with {.exec\|out.}	2020-07-27 23:29:23 +02:00
Massimo Melina	62c30c8de1	fix: a {.command.} resulting in an empty string could actually produce a false error	2020-07-27 23:27:52 +02:00
Massimo Melina	ad439fa65f	fix: some headers were not customizable with {.add header.}	2020-07-27 12:17:49 +02:00
Massimo Melina	2d131f2c5f	fix: malformed non-ascii post variables when not url-encoded	2020-07-27 11:37:18 +02:00
Massimo Melina	ba2df13122	removed jquery dependency from default tpl	2020-07-08 15:22:35 +02:00
Massimo Melina	da294807ca	removed 'append macros log' option	2020-07-08 13:26:28 +02:00
Massimo Melina	6625f08419	Revert "apply 1 minute timeout to file listing" This reverts commit `d43983e9`	2020-07-08 13:24:27 +02:00
Massimo Melina	d43983e986	apply 1 minute timeout to file listing	2020-06-29 00:03:38 +02:00
Massimo Melina	4b5bffbd83	fix: possible CSRF	2020-06-29 00:02:20 +02:00
Massimo Melina	cf3761b7ed	fix: 2 resource strings with same name	2020-06-28 20:31:25 +02:00
Massimo Melina	b5dc45f214	smarter displaying of 'status' columns (details moved to tooltip)	2020-06-28 14:12:24 +02:00
Massimo Melina	b1a95cd319	introduced 1 minute timeout for archive's files list building	2020-06-28 13:57:53 +02:00
Massimo Melina	6c5139d552	optimization: avoid resetting the array length when unnecessary	2020-06-28 11:34:07 +02:00
Massimo Melina	863c667f1b	fix: apply anti-dos also to archives	2020-06-27 20:46:11 +02:00
Massimo Melina	44f37f92cf	prevent macros coming from commands convert, base64decode, decodeuri	2020-06-23 20:16:12 +02:00
Massimo Melina	308561090f	fix: {.dialog\|\|yesno.} was not working	2020-06-23 20:14:24 +02:00
Massimo Melina	26ddc2b126	fix: {.calc.} not working with very small numbers (because rendered with exponential syntax)	2020-06-16 23:14:45 +02:00
Massimo Melina	65d4a142e4	new 'init' section for events file, executed at each reload	2020-06-16 23:13:22 +02:00
Massimo Melina	07f5f2ca6b	fix: {.disconnect.} and {.disconnection reason.} not working in event 'pre-filter-request'	2020-06-16 23:12:36 +02:00
Massimo Melina	cba235c7b0	fix: {.set table.} duplicating keys instead of updating values	2020-06-16 00:39:11 +02:00
Massimo Melina	9220d33aa4	trigger 'unauthorized' event for new login and url-auth. Also added 'login' event in case of success.	2020-06-16 00:37:31 +02:00
Massimo Melina	efa99e7cbc	new 'public' section flag in place of 'private', inverting logic	2020-06-16 00:35:15 +02:00
Massimo Melina	6729be221a	without this people will have problems editing the tpl	2020-06-14 10:40:26 +02:00
Massimo Melina	8ab5b318a8	tpl must declare api level 2	2020-06-14 09:24:44 +02:00
Massimo Melina	db092e5eab	back to 'selection' for submitting files, to facilitate tpls compatible with 2.3	2020-06-13 21:07:23 +02:00
Massimo Melina	d6d5b8f493	tpl: missing few tooltips	2020-06-13 20:49:53 +02:00
Massimo Melina	151cddad5b	no need to invalidate session in this case, it was not compromised	2020-06-13 20:36:00 +02:00
Massimo Melina	18f0da77d4	fix: (recent) broken ajax() calls	2020-06-13 20:34:19 +02:00
Massimo Melina	70947f179c	tpl: moved changePwd() to lib.js	2020-06-13 17:07:22 +02:00
Massimo Melina	7cc712a245	fix: (recent) broke ajax() calls	2020-06-13 17:06:35 +02:00
Massimo Melina	1e7bf6cfc4	amend previous commit	2020-06-13 17:05:01 +02:00
Massimo Melina	18f7e5177f	fix: problems downloading files with a comma with firefox77	2020-06-13 00:37:58 +02:00
Massimo Melina	6b933acdef	added few mime-types	2020-06-11 23:42:01 +02:00
Massimo Melina	f69251a482	fix: [file.EXT] not working	2020-06-11 23:39:38 +02:00
Massimo Melina	1f713f706e	{.convert\|utf-8\|dec/hex.}	2020-06-11 11:40:12 +02:00
Massimo Melina	4b5e0205a5	fix: empty tpl sections were not overriding	2020-06-11 11:35:53 +02:00
Massimo Melina	7634b96744	tpl: using HFS.sid we can move ajax() where it belongs	2020-06-10 20:34:15 +02:00
Massimo Melina	7facca0306	tpl: save options to localStorage and avoid extra traffic	2020-06-10 16:08:13 +02:00
Massimo Melina	1fab68e4fa	build 315	2020-06-10 16:07:27 +02:00
Massimo Melina	1d9d6fd100	new section flag: ver=MASK	2020-06-10 13:22:31 +02:00
Massimo Melina	7e66a94e37	new section flag: template=MASK	2020-06-10 13:11:58 +02:00
Massimo Melina	5e5122edba	new section flag: build=MIN-MAX	2020-06-10 12:45:32 +02:00
Massimo Melina	6d91b0da6e	fix: 'no list' section flag should be inherited	2020-06-10 12:18:54 +02:00
Massimo Melina	e29e86c0bd	tpl: defaults to dark theme if the OS says so	2020-06-09 00:07:31 +02:00
Massimo Melina	de7f157390	new {.sha256.}	2020-06-08 20:23:29 +02:00
Massimo Melina	1e21013b96	copyright update	2020-06-08 18:50:18 +02:00
Massimo Melina	b028c47f10	added 'no log' section flag to support SAP themes like 'mobil-light'	2020-06-08 12:40:34 +02:00
Massimo Melina	782702c192	smarter DoS-preventing grace period	2020-06-08 12:40:00 +02:00
Massimo Melina	1fc5894204	fix: (recent) error trying to load a VFS with an empty recent-files list	2020-06-08 12:36:05 +02:00
Massimo Melina	33d4d16b0b	better format	2020-06-08 11:00:08 +02:00
Massimo Melina	801ceead5b	build 313	2020-06-08 10:26:38 +02:00
Massimo Melina	a3056ccfd4	fix: possible DoS, as reported by John Page (aka hyp3rlinx) ApparitionSec (CVE-2020-13432)	2020-06-07 12:10:56 +02:00
Massimo Melina	16744d7c6c	tpl: added warning for low-security change-password action	2020-06-07 11:30:40 +02:00
Massimo Melina	7c3f5929fa	fix: chrome fails downloading filenames with commas	2020-06-07 10:59:41 +02:00
Massimo Melina	bdc5991fa1	fix: display ipv6 address with brackets in log	2020-06-06 19:59:10 +02:00
Massimo Melina	74a5710f99	fix: conflicting resource text for translation http://rejetto.com/forum/index.php?topic=13313.msg1065920#msg1065920	2020-06-06 19:32:14 +02:00
Massimo Melina	71b76e3240	updated url	2020-06-05 18:41:42 +02:00
Massimo Melina	30740e372b	build 312	2020-06-04 10:33:01 +02:00
Massimo Melina	23ea63a19e	fix: error hovering VFS file. http://rejetto.com/forum/index.php?topic=13060.msg1065899#msg1065899	2020-06-03 17:23:08 +02:00