1.8.6

Note: This release introduces localization (i18n) support across the
entire application — templates, admin panel, API error responses, JavaScript
UI, and outgoing emails. Localization touches virtually every part of the
system. Testing has been performed, but some areas may have been missed.
If you encounter any text that appears untranslated, displays a raw key
(e.g. ui.some.key), or behaves unexpectedly after upgrading, please report
it at https://github.com/awehttam/binkterm-php/issues.

⚠️ Make sure you've made a backup of your database and files before upgrading.

Summary of Changes

1.8.6 is a major release. The headline feature is full localization (i18n) support across the web interface, admin panel, terminal server, and API — shipping with English, Spanish, and French out of the box. The terminal server receives significant attention: a new pure-PHP SSH-2 daemon joins the existing telnet server, and the terminal experience gains a redesigned message header layout, scroll optimization, ANSI auto-detection, Z-Modem file transfer improvements, and the ability to jump directly to a message by typing its number. File Areas gain a pluggable antivirus layer with VirusTotal cloud scanning alongside ClamAV, a new web-based file editor and move tool, and new .env controls for scanning behaviour. The BBS Directory is introduced as a new public-facing page automatically populated from echomail announcements via a new Echomail Robots framework. Rounding it out are a new Guest Doors page for anonymous door access, DOS door multiplexing improvements, admin language override tools, and miscellaneous bug fixes and stability improvements throughout.

Localization (i18n) Support

• Translation catalogs now support broader UI/API coverage across web pages and admin tools. Ships with English (en), Spanish (es), and French (fr). See docs/Localization.md for a full technical reference and translation contributor workflow.
• Note: The Spanish (es) and French (fr) translations were generated by AI and have not been independently reviewed for accuracy. They may contain errors, awkward phrasing, or incorrect terminology. Community corrections are welcome via pull request.
• API responses are now expected to use error_code / message_code (with optional params), so clients can localize consistently per user locale.
• JavaScript translations use lazy catalog loading (/api/i18n/catalog). Pages that render text dynamically must initialize after user settings + i18n catalogs are loaded to avoid English fallback text.
• The telnet and SSH daemons (through the shared BbsSession class) now support localization. All user-facing strings in the telnet server, shell menus, message editor, echomail/netmail browsers, polls, shoutbox, and door launcher are translated via the terminalserver catalog namespace (config/i18n/<locale>/terminalserver.php). The daemon defaults to the system locale (I18N_DEFAULT_LOCALE) pre-login and switches to the user's saved locale immediately after a successful login.
• scripts/create_translation_catalog.php now supports Anthropic Claude in addition to OpenAI for automated locale generation. Provider is auto-detected from the presence of ANTHROPIC_API_KEY or OPENAI_API_KEY in .env, or set explicitly with --provider=claude|openai. Default Claude model is claude-sonnet-4-6; default OpenAI model is gpt-4o-mini. See docs/Localization.md for full usage.
• New CI checks enforce i18n quality:
  • php scripts/check_i18n_error_keys.php validates error key coverage.
  • php scripts/check_i18n_hardcoded_strings.php blocks new hardcoded UI strings not in the allowlist.

BinktermPHP Terminal Server

The BinktermPHP Terminal Server provides a BBS-style interactive terminal accessible over two protocols:

• Telnet (telnet_daemon.php) — default port 2323; TLS available on port 8023
• SSH (ssh/ssh_daemon.php) — pure-PHP SSH-2 daemon; default port 8022

Both access methods share the same session logic (BbsSession) and deliver identical BBS features: menus, messaging, file areas, doors, polls, shoutbox, and more.

SSH Access

• New SSH-2 server (ssh/ssh_daemon.php) — pure-PHP SSH daemon using only ext-openssl and ext-gmp, no new Composer dependencies. Default port 8022 (configurable via SSH_PORT in .env). Correct SSH credentials skip the BBS login screen; failed auth drops to the login/register screen instead of disconnecting. Host key is auto-generated on first run at data/ssh/ssh_host_rsa_key. See docs/SSHServer.md for full documentation.

Telnet Access

• TLS encryption (experimental): enabled by default on port 8023 with an auto-generated self-signed certificate stored in data/telnet/. Set TELNET_TLS=false in .env to disable, or provide your own certificate via TELNET_TLS_CERT and TELNET_TLS_KEY. Use --no-tls on the command line to disable for a single run.

Terminal Features

• New File Areas section in the BBS terminal (F from the main menu)
• Z-Modem file transfer support has been introduced. Both a native internal Z-Modem implementation and support for lrzsz are available. Native internal is presently recommended.
• Terminal netmail reader now supports downloading file attachments via ZMODEM (Z in the message viewer when attachments exist).
• Terminal mail browser position is now persisted in users_meta using terminal_* keys. Netmail restores the last page + selected message. Echomail restores the echoarea list page and per-area message position (page + selected message).
• New API endpoints for terminal state persistence:
  • GET /api/user/terminal-mail-state
  • POST /api/user/terminal-mail-state
• Optional debug toggle to force unique outbound attachment filenames during terminal ZMODEM sends:
  • TELNET_ZMODEM_DEBUG_UNIQUE_NAMES=true
• The message reader now supports Page Up / Page Down keys for scrolling through long messages a full screen at a time (in addition to the existing Up/Down line-by-line scrolling).
• The message reader now renders LSC-001 MARKUP kludge formatted messages with ANSI terminal formatting. Markdown messages display headings, bold, italic, code blocks, bullet lists, block quotes, and horizontal rules using ANSI escape sequences. StyleCodes messages display bold, italic, underline, and inverse video. Unrecognized formats fall back to plain text. Quoted lines (> ) are always rendered as plain dim text regardless of the declared markup format.
• Markdown strikethrough (~~text~~) now renders as dim -text- in the terminal and <del>text</del> in the web message reader.
• In the message list, you can now type a message number to jump directly to it. The selection highlight updates live as digits are typed; press Enter to open.
• The message reader now displays headers in a styled box instead of plain --- separators. The box uses charset-appropriate line-drawing characters (UTF-8, CP437, or ASCII) and renders with a dark blue background and gray border on ANSI terminals. The subject line is bold; the date and secondary fields are dimmed for visual hierarchy.
• Scroll optimization: Scrolling through a message no longer clears and redraws the entire screen. Only the body rows are repainted in-place using cursor positioning, eliminating flicker on every keypress.- The terminal capability detection wizard now correctly detects ASCII-only terminals. When UTF-8 is not supported, the wizard shows a CP437 box-drawing test; terminals that cannot render CP437 are set to ASCII mode instead of defaulting to CP437.
• Automatic ANSI detection on telnet connect: ANSI color capability is now detected at connection time via the TELNET TTYPE negotiation (RFC 1091). The server sends TTYPE SEND only after the client acknowledges DO TTYPE (proper RFC sequence), then uses the terminal-type string to enable color automatically. Clients reporting DUMB or sending no TTYPE are served plain ASCII with no color escape sequences. The previous ESC[6n DSR/CPR probe has been removed — it caused SyncTerm and similar clients to pause display rendering until a key was pressed. Saved user terminal settings continue to override the auto-detected value after login.
• Telnet connect hang fix: Added stream_set_write_buffer($conn, 0) on accepted sockets to disable PHP's userspace write buffer. Previously, banner text and prompts could sit in an 8 KB buffer and not reach the client until a read operation flushed it — appearing as a blank screen on connect.

File Areas

• Pluggable antivirus layer: Virus scanning now uses a generic Antivirus\ScannerInterface that multiple backends can be plugged into. Built-in backends:
  • ClamAV — unchanged behaviour; local scanning via clamdscan. Files can be manually re-scanned by admins from the file details modal using the Virus Scan button.
  • VirusTotal — new optional cloud scanning backend. Enable by setting VIRUSTOTAL_API_KEY in .env. Performs a hash lookup first; only uploads files whose hash is not already in the VirusTotal database. Note: files uploaded to VirusTotal may be shared with security researchers and should not be considered private — see docs/AntiVirus.md for details.
• The CLAMAV_ALLOW_INFECTED .env variable has been renamed to FILES_ALLOW_INFECTED. Update your .env if you had this set.
• New global antivirus controls in .env:
  • VIRUS_SCAN_DISABLED=true — disables all virus scanning (both automatic and manual).
  • VIRUS_SCAN_NOAUTO=true — disables automatic scanning on upload while keeping the manual Virus Scan button available. See docs/AntiVirus.md for details.
• Virus detection error: When an upload is rejected due to virus detection, the UI now shows a specific "File r...

1.8.5

New Features

• Economy viewer: admins now have a dedicated Admin -> Economy Viewer page that summarizes the credits economy with circulation totals, period transaction flow, transaction-type breakdowns, top earners/spenders, richest accounts, and recent ledger activity
• Native Doors: run Linux programs natively as BBS doors with no emulator required; manage via Admin → Native Doors (see below)
• Door launch_command: all door types (DOS and native) now support a {user_number} placeholder that is substituted with the BBS user's numeric ID at launch time; native doors also receive it as the DOOR_USER_NUMBER environment variable
• Telnet gateway: native doors now appear alongside DOS doors in the telnet door menu
• Polls and shoutbox: both features now have dedicated user pages (/polls and /shoutbox) and telnet equivalents; the telnet interface now supports reading and voting in polls plus viewing and posting shoutbox messages
• Echo area importer: Echo Areas Management now includes an Import page for CSV uploads in ECHOTAG,DESCRIPTION,DOMAIN format; blank DOMAIN values import the area as local-only, and the importer validates the full file before applying changes atomically
• Markup kludge: outbound messages now use ^AMARKUP: Markdown 1.0 per LSC-001 Draft 2; the legacy ^AMARKDOWN: kludge continues to be recognised in received messages for backwards compatibility
• StyleCodes rendering: messages with ^AMARKUP: StyleCodes 1.0 (Synchronet Message Markup) are now rendered in the message reader; supported codes: *bold*, /italics/, _underlined_, #inverse#
• Compose screen: the "Send as Markdown" checkbox is replaced with a Markup Format selector that lets you choose Plain text, Markdown, or StyleCodes when composing messages

Improvements

• Outbound dispatch: newly spooled netmail and echomail now trigger an immediate poll of the specific routed uplink instead of waiting for the scheduler's next loop
• Outbound dispatch: web message sends no longer block waiting for the outbound poll to complete before returning success to the browser
• Scheduler config reload: binkp_scheduler.php now reloads config/binkp.json during its daemon loop so schedule and uplink changes are picked up without restarting the scheduler
• Admin daemon: now forks a child process per connection so long-running commands such as manual polls no longer block other admin requests
• MRC daemon: logging now goes to data/logs/mrc_daemon.log instead of the PHP error log; log level is controllable via --log-level
• BBS menu shell: when polls or shoutbox are enabled, the main menu now exposes links to their dedicated pages without changing the standard web shell dashboard layout, which continues to show those features inline
• Games page leaderboard: Top Scores (All Games) now includes month navigation arrows so users can browse previous months; the table reflects the selected month and shows an empty-state row when no scores exist
• Echomail and netmail posting identity: outbound posting now supports per-uplink posting_name_policy (real_name or username/alias); echomail additionally supports per-echoarea override; default behavior remains posting with real name
• Compose guidelines: composition now shows whether the selected echomail area or netmail destination will post using Real Name or Username/Alias based on the effective posting-name policy
• Outgoing MSGID: newly generated outbound netmail and echomail MSGID kludges now append @domain when the network domain is known, and inbound parsing accepts the suffixed format
• Message reader: ANSI art in message bodies no longer displays inside a black box with a scrollbar; styling is now consistent with standalone ANSI art displays
• BinkP session: binkp_poll now completes promptly after sending mail to non-conformant remotes (those that send M_EOB without M_GOT); sessions terminate after 30 seconds of inactivity rather than the full session timeout, while preserving a window for areafix and similar systems to process an inbound packet and return a response in the same session; sent packets are cleaned up correctly regardless of whether the remote sends M_GOT before or after M_EOB
• TIC processor: FILE_ID.DIZ inside ZIP archives is now read (case-insensitively) to populate file descriptions when the TIC file provides none

Removed

• BBSLink WebDoor (public_html/webdoors/bbslink/) has been removed. It is replaced by the BBSLink native door (bbslinknative), which runs natively. If you had BBSLink configured as a WebDoor, disable it in Admin → WebDoors before upgrading, then set up the native door version as described in the Native Door Support section below.

Configuration Changes

• binkp.json: the uplink key allow_markdown has been renamed to allow_markup to reflect that the setting controls all markup formats, not just Markdown. The upgrade migration (v1.10.17) renames the key automatically in data/binkp.json. If you manage your config manually, update any allow_markdown keys to allow_markup.

Security Fixes

• DOS door bridge: dropfile_path values in dosdoor.jsn manifests are now validated to prevent directory traversal; paths containing .. segments or absolute paths are rejected and fall back to the default per-node drop directory
• Admin daemon: save_native_doors_config and save_dosdoors_config now reject non-object JSON payloads (e.g. scalars such as true or 1) that would previously cause a fatal error when passed to the config writer
• Admin daemon: config write helpers now throw on mkdir or file_put_contents failure instead of silently returning success to the caller
• BBSLink native door: bbslink.sh now validates that both required arguments (door code and user number) are provided before proceeding, and checks for telnet at startup alongside the existing curl check; vars.sh is now resolved relative to the script's own directory rather than the working directory

Documentation

• docs/FileAreas.md: updated with file system permissions and group ownership requirements for shared web server and BinkP daemon access to file areas; clarified TAG@DOMAIN key usage for file area rules

Bug Fixes

• Markdown renderer: fixed inline code parsing so identifiers with underscores such as send_domain_in_addr and M_ADR render correctly in upgrade notes and other locally rendered Markdown documents
• Markdown renderer: fixed wrapped unordered-list items so Upgrade Notes render correctly in the admin viewer instead of splitting a single bullet into separate paragraphs
• BinkP scheduler: fixed outbound-triggered polling so the scheduler no longer polls every enabled uplink once per minute whenever any outbound packet exists; outbound polls now only target uplinks that actually have queued outbound traffic for them
• Scheduler logging: corrected outbound polling log messages so "triggering poll" is only logged when an uplink will actually be polled
• Scheduler shutdown: fixed Ctrl-C/SIGINT handling so binkp_scheduler.php exits immediately instead of continuing into the next polling loop
• Admin daemon client: fixed stale reused connections that could produce intermittent "Admin daemon closed connection" errors after the daemon timed out an idle socket
• Bundle processing: fixed inbound ArcMail day-bundle detection so files such as .sua are recognized and extracted instead of being rejected as an unknown bundle format
• Cron schedule clarification: * */1 * * * means every minute of every hour, not hourly; use 0 * * * * or 0 */1 * * * for hourly polling
• Packet processor: fixed echomail misclassified as netmail when the incoming packet is missing its AREA: line; the secondary scan loop had a logic error causing it to exit after one iteration, and SEEN-BY/PATH detection now scans the full message instead of only the first ten lines
• Packet processor: fixed broadcast echomail (addressed To: All with no Private attribute) from newsletter-style gateways being stored as netmail when the message lacks AREA:/SEEN-BY:/PATH: headers; such messages are now correctly identified as echomail and dropped with a log entry rather than polluting the netmail inbox
• TIC processor: fixed TIC files from DOS-era FTN software being rejected with "Missing required TIC field: Area" when field names are uppercase (e.g. AREA instead of Area); field names are now matched case-insensitively; also fixed TIC files with bare \r line endings failing to parse
• Mobile message reader: fixed swipe-to-navigate triggering while scrolling wide ANSI art horizontally; the boundary check now uses the scroll position captured at touch start rather than the position after native scrolling has already occurred
• BinkP server: fixed inbound sessions not including the network domain in the M_ADR address; the send_domain_in_addr flag was only applied to outbound calls — inbound connections now respect it too
• Echomail compose: fixed posting to local echo areas with no domain association from the compose screen; local areas no longer submit as @null, and server-side parsing now treats blank or missing domains correctly
• Echomail area navigation: fixed local echo area links in /echomail appending a trailing @ (%40) when the area has no domain; local areas now navigate using tag-only identifiers

1.8.4

Summary of Changes

Security Fixes

• Username and real name are now cross-checked for uniqueness at the
  database level to prevent misrouting of netmail

MRC Improvements

• Added /register, /identify, /update, /motd, /help, and /msg commands
• Trust commands, /motd, and /help can now be used before joining a room
• Unknown /commands are passed through to the server instead of showing an error
• MOTD now displays inline in the chat area instead of a popup modal
• Sent private messages are echoed locally so you can see what you sent
• Input history: use up/down arrow keys to scroll through previously sent messages
• Removed "MRC Under Development" warning modal
• Fixed: black text on dark background when using the default theme
• Fixed: initial room list not populated on daemon connect
• Fixed: LIST response was misrouted as a private message, preventing room list population

BinkP / Packet Improvements

• FTN packet passwords are now supported via a new pkt_password field per uplink in binkp.json (separate from the BinkP session password)
• TIC file passwords now support an uplink-level default via a new tic_password field per uplink in binkp.json; per-area passwords still take precedence when set
• New uplink option send_domain_in_addr (default false) controls whether @domain is appended to the M_ADR address during BinkP handshake for uplinks that require domain-qualified addresses. See config/binkp.json.example for the full schema.

Enhancements

• Compose: sidebar panel can now be collapsed sideways to give the editor more width, with state persisted across page loads
• Echo list: areas can now be opened in a new tab via right-click

1.8.3

New Features

• MRC (Multi Relay Chat): experimental WebDoor for real-time multi-BBS chat via the MRC network
• Echomail: bulk "Mark as Read" action for selected messages in the echomail reader
• Markdown Messages: opt-in Markdown rendering for netmail/echomail when a MARKDOWN kludge is present; GUI toolbar editor in the compose window with Edit/Preview tabs; local echo areas always allow Markdown
• Message Reader: scrollable body enabled by default — message header stays fixed while body scrolls; configurable in Admin → Appearance → Message Reader
• Gemini Browser: built-in start page (about:home) with curated Geminispace links
• Gemini Capsule Hosting: users can publish personal Gemini capsules at gemini://host/home/username/
• Gemini Capsule: echo areas can be exposed as read-only public Gemini content
• Friendly URLs for shared echomail messages (e.g. /shared/test@lovlynet/hello-world)
• Appearance System: shells, branding, announcements, system news/house rules, custom nav links, and SEO metadata managed through Admin → Appearance
• BBS Menu Shell: mobile improvements — ANSI scaling, tap-to-reveal shortcuts, context-aware hint text
• Address Book: "Always use crashmail" per-contact option
• File Share Links: share individual files via public /shared/file/AREA/FILENAME URLs
• Crashmail: binkp_zone DNS fallback — nodes not in the nodelist can be reached via a DNS zone (e.g. binkp.net)
• Netmail: file attachment sending via crashmail — attach a file to an outbound netmail for direct delivery in the same binkp session
• Crashmail: scheduler polls every 5 minutes; new crashmail triggers immediate delivery via admin daemon

Bug Fixes

• MarkdownRenderer: fixed link rendering across soft line breaks; added support for root-relative URLs
• FidoNet INTL kludge: removed point number from INTL line; added missing FMPT/TOPT in fallback packet path
• Binkp packet header: corrected FSC-0048 Type-2+ capability word (capWord/cwCopy); clearer error when no me address is configured
• Pipe codes: Mystic BBS letter-based control and information codes (e.g. |AO, |PO) now stripped correctly; Mystic hex colour codes (|0A, |1F, etc.) now parsed correctly; |PI and |CD rendered
• About page: network addresses were displayed as "Array" instead of formatted address strings
• Scheduler: cron expression parser now tolerates leading/trailing whitespace and multiple spaces between fields

1.8.2

New Features

• CSRF Protection: All state-changing API requests (POST/PUT/PATCH/DELETE) are
  now protected by a synchronizer token. The token is stored per-user in the
  database and is automatically attached to AJAX requests by the web client.
  The telnet daemon receives the token in the login response and sends it with
  outgoing requests.

• Telnet Bind Configuration: The telnet daemon's bind host and port can now be
  set via .env variables (TELNET_HOST, TELNET_PORT), removing the need to edit
  the script directly.

• Telnet Anti-Bot ESC Challenge: New connections receive an ESC-key challenge
  before the login prompt, blocking automated scanners. Failed login attempts
  are now logged.

• Activity Stats Timezone: Dates and times on the activity statistics page are
  now displayed in the logged-in user's preferred timezone.

• Persistent Echolist Filter: The unread-only filter on the forum-style echo
  list is now persisted across sessions alongside the subscribed-only
  preference.

• Gemini Browser: A built-in WebDoor that lets users browse Geminispace from
  within the BBS. The Gemini protocol is a lightweight, privacy-focused
  alternative to the web that uses a plain-text markup format called Gemtext.

Bug Fixes

FTN / Messaging:

• Echomail MSGID addr@domain Format: Incoming echomail with a MSGID in
  address@domain format (e.g. 618:618/1@micronet 6695bee3) logged a warning
  and failed to record the originating address. The parser now handles this
  format alongside existing forms.

• Origin Line Restricted to Echomail: Outgoing netmail packets no longer
  include an Origin line. Per FTS-0004, origin lines are an echomail
  convention; netmail routing is conveyed via kludge lines.

• Pipe Code Decimal Parsing: Pipe colour codes are now parsed as decimal
  values, correcting a blink rendering bug introduced by treating them as
  octal/hex.

Telnet Daemon:

• Message Reader Flash: Opening a message from the list no longer immediately
  exits. The bug was caused by terminals sending CR+LF for Enter; the trailing
  LF was being read as a second keypress by the message reader.

• Door List Display: The door list now shows the door name instead of its
  internal ID.

• Multiplexor Log Timestamps: All multiplexor log output now includes
  timestamps using local server time.

Message Display:

• Signature Block Detection: Signature styling is now only applied to
  separators found in the bottom third of a message. Previously any bare dash
  separator triggered dimmed styling for the rest of the message. Long
  decorative dash lines are also no longer mistaken for signature separators.

Admin / Daemon:

• reload_binkp_config Response: The admin daemon's reload_binkp_config command
  now correctly returns an array response, fixing a parsing error in the web
  interface.

• Fresh Install Migrations: Database migrations now run correctly during a
  fresh installation (previously only ran on upgrades).

• Auto Feed User Selector: The "Post As User" dropdown in the auto feed
  configuration now lists all users instead of being capped at 25.

File Areas:

• %basedir% Macro Shell Quoting: The Feb 18 security fix wrapped all file area
  rule macro values in escapeshellarg(), which was correct for network-derived
  values but broke %basedir%. Because %basedir% is used as a path component in
  rule templates, pre-quoting it produced a split path like
  '/home/user/app'/scripts/foo.php. The basedir value is now substituted raw;
  all network-derived macros retain their escapeshellarg() protection.

Web Interface:

• Netmail Sent Count on Profile: The "Netmail Sent" statistic on user profiles
  was incorrectly counting received messages. The count now filters by
  is_sent = TRUE so only dispatched messages are counted.

• Echomail Sidebar Selected Item Contrast: Network name, description, and
  message count badges in the echo area list were unreadable when an area was
  selected. Selected items now render all text and badges in high-contrast
  colours.

• Who's Online Idle Timer: An Idle column (admin-only) has been added to the
  Who's Online page showing time elapsed since each user's last activity. The
  timer updates every 10 seconds without additional server requests.

• Echomail Sort Order Dropdown: The sort order dropdown (Newest First, Oldest
  First, By Subject, By Author) was non-functional. Sorting now works correctly
  in both standard and threaded views.

• Random Tagline: Users can now select "Random tagline" as their default
  tagline in user settings. A tagline is picked at random each time the compose
  window is opened.

Security Fixes

• Binkp M_GOT Path Traversal: A malicious authenticated peer could send a
  crafted M_GOT filename containing ../ sequences to delete arbitrary files on
  the server. The filename is now sanitised with basename() before use.

• File Area Rule Command Injection: Filenames received via Binkp are
  substituted into admin-configured rule scripts as shell macros. Network-
  derived values are now wrapped with escapeshellarg() before substitution,
  preventing remote code execution via a crafted filename.

• Gateway Token Debug Logging: A leftover debug block in verifyGatewayToken()
  was logging raw token values to the PHP error log and issuing a redundant
  database query on every call. Both have been removed.

• XSS in <script> Data Islands: window.currentUser and userTimezone were
  serialised with plain json_encode, which does not encode < or >. These now
  use JSON_HEX_TAG and related flags to prevent </script> injection.

• Password Hash in Client-Side Object: window.currentUser included the user's
  password_hash field. The hash is now stripped before it reaches any template.

• TIC File Path Traversal: A malicious peer could supply a crafted File: field
  in a .tic file containing ../ sequences to write a received file to an
  arbitrary location. The filename is now sanitised with basename() before the
  storage path is constructed.

• Binkp Plaintext Password Timing: The plaintext password fallback path used a
  non-constant-time comparison. This is now done with hash_equals() to prevent
  timing oracle attacks.

• Case-Insensitive Username Matching: Registration and login now compare
  usernames case-insensitively, preventing two accounts with names that differ
  only by case. The reserved username list has been extended to cover common
  authority-implying names (admin, administrator, sysadmin, moderator, staff,
  support, and others).

Docker Improvements

• Switched to dosbox-x (headless-capable) instead of vanilla dosbox, enabling
  correct headless DOS door operation inside the container.

• The telnet daemon is now managed by supervisord. Port 2323 is exposed by
  default (configurable via TELNET_PORT).

• ADMIN_DAEMON_SECRET is now auto-generated on first start if not set in .env.

• postgresql-client is now included in the image for easier database
  maintenance from within the container.

• pcntl and posix PHP extensions are now compiled into the image.

NOTE: The database password environment variable has been renamed from
DB_PASSWORD to DB_PASS. Update your .env file and deployment scripts before
restarting the container.

DOS Door Improvements

• Doorway launcher now passes user information via DOOR.SYS instead of
  command-line arguments.

• Registered version of Doorway receives the /o flag for correct operation.

• DOORWAYU.EXE (unregistered Doorway) is now bundled and used by default;
  placing DOORWAY.EXE alongside it will override automatically.

• Added a README for the built-in Admin door.

• Suppressed repetitive idle-status entries in the multiplexor daemon log.

Developer Tooling

• test_filearea_rules.php --from-filebase: The file area rule test script can
  now resolve a file's actual storage path from the database, allowing
  --execute mode to run against a real file already received into the file
  base.

• test_filearea_rules.php --execute skip reporting: When --execute is used but
  the file does not exist on disk, the script now reports a clear per-rule skip
  warning and an accurate summary.

1.8.1

New Features

• DOS Door Integration — Classic BBS door games now playable in the browser via DOSBox-X and a multiplexing WebSocket bridge. Sessions are scoped per-door so multiple doors can be open in separate tabs simultaneously. See docs/DOSDoors.md for full setup instructions.
• Activity Tracking & Statistics — A new admin statistics page surfaces usage analytics: popular echoareas, door plays, file activity, nodelist lookups, top users, and hourly distribution. Configurable period filter (7d / 30d / 90d / all time).
• Referral System — Users receive a personal referral link and earn BBS credits when a referred user is approved.
• WebDoor SDK — Shared client/server SDK for WebDoors. Games like Blackjack and CWN now automatically update the credit balance shown in the top navigation.
• Pipecode Color Support — Pipe codes in messages are converted to ANSI color sequences.

Messaging

• Bottom Kludge Storage — PATH, SEEN-BY, and VIA lines are now stored separately in a bottom_kludges column rather than inline with message text, for both echomail and netmail.
• Outbound VIA Kludge — VIA is now correctly placed in the bottom kludge block during outbound message transmission.
• Netmail Download — Press d while reading a netmail to download the message as a file.
• Insecure Netmail Warning — Netmails received via an insecure BinkP session are now flagged with a visible warning.
• Echomail Duplicate Prevention — MSGID is now checked on incoming echomail to prevent duplicate entries (required for %rescan support).
• Configurable Echomail Landing Page — The default landing page is now the forum-style echo list. Sysops can set the system-wide default (reader or echo list), and users can override their own preference.
• Echo List Filtering — The forum-style echo list can now be filtered to show subscribed areas only, or areas with unread messages.

Nodelist

• Custom BinkP Port Fix — Node entries with a custom BinkP port no longer bleed that port into the SSH/Telnet/HTTPS links in the node popup; standard ports are used for those protocols.
• IPv6 Support — IPv6 addresses in nodelist entries now parse correctly.

BinkP / Networking

• Insecure Session Fix — Corrected an issue where incoming insecure BinkP sessions would fail.
• Plaintext Auth Restored — Reverts a 1.7.9 change that enforced CRYPT-MD5 even when plaintext was specified in configuration. Plaintext sessions work again.

UI / UX

• Dashboard Loading Indicators — Netmail and echomail stat widgets on the admin dashboard now show a loading indicator while fetching counts.
• Ad Generator Gradient Borders — The BBS advertisement generator now supports gradient border styles.
• Blackjack Leaderboard — Now tracks credits won from winning hands only (losses do not subtract). Score is independent of BBS credits earned elsewhere. Leaderboard resets each calendar month.

Database

• UTC Timestamp Normalisation — All timestamps are now stored as TIMESTAMPTZ with a connection default of UTC. Previously the system used whatever timezone Postgres or PHP defaulted to. Run php scripts/setup.php to apply the migration.

1.7.9

• LovlyNet automatic provisioning
• New subscribe users tool lets sysops force join users to certain echo areas (like ANNOUNCE)
• New NetRealm RPG WebDoor game
• Fix for upper case file names in received packet bundles and tics
• Add "Reload Config" button to binkp configuration page
• Implement telnet user registration
• Misc fixes in telnet daemon
• BinkP password handling protocol update
• Outgoing Tic file compliance with FSC-87
• Added basic Ad generator with ANSI colouring
• Various fixes and enhancements

1.7.8

Make file area rules fully domain scoped
Fix file are access when the system creates new directories
Echo areas now show in order of Local, LovlyNet, other networks
Add bulk message deletion to netmail
Enhance netmail filtering for sent and unsent tabs to help reduce clutter
Netmail now has navigation arrows and also supports keyboard left/right navigation
Netmail messages now use per-user soft delete for independent message deletion
Add Auto Feed RSS poster for automatically posting RSS feed updates to echo areas
Two new game proposals: ChessHive and Netrealm RPG
Sysop notifications are now sent to the sysop's email address
User registration now has a password strength meter and anti bot protection
Reorganized Admin menu now has nested sub-menus for BBS Settings and Area Management
Echomail now supports cross posting
Miscellaneous other fixes and improvements

1.7.7

• Added support for display_name and display_description webdoor config keys to override the name and description listed in a webdoors manifest. This allows sysops to customize the display name
• Made revpol webdoor support telnet
• Add idle timeout support to the unloved telnet daemon
• Move docs around in docs
• Make Webdoors proposal low priority and add documentation for how we're actually using it
• Fix nodelist import with respect to node # assignments for region and host
• Add file area file upload action processing. Runs on web uploads as well as incoming tic files.
• Signatures and taglines for outgoing netmail and echomail. User settings allow setting a signature and default tag line
• UI enhancements to Telnet server
• Miscellaneous improvements and fixes

1.7.6

• Improves TZUTC offset calculations on processing incoming echomail
• Usability improvements for new /echolist (forum style) echo area listing page
• Reduce aggressiveness of ASCII art detection so that regular mails are rendered as HTML instead of preformatted text
• Miscellaneous bug fixes and improvements