user account updates

- move user accounts to subdir
- add password support
- implemented basics of multi-user support
- Can add users, edit them, and log in with them (password or not)
- Cannot delete users (with service) yet

zefie_wtvp_minisrv/ServiceVault/wtv-1800/noflash.js

@@ -15,6 +15,7 @@ if (wtvsec_login) {
 headers = `200 OK
 Connection: Keep-Alive
 minisrv-use-carriage-return: false
+minisrv-no-mail-count: true
 wtv-initial-key: ` + wtvsec_login.challenge_key.toString(CryptoJS.enc.Base64) + `
 Content-Type: text/tellyscript
 wtv-service: reset

zefie_wtvp_minisrv/ServiceVault/wtv-1800/offer-open-isp-suggest.js

@@ -10,6 +10,7 @@ if (request_headers["wtv-ticket"]) {
 
 headers = `200 OK
 Connection: Keep-Alive
+minisrv-no-mail-count: true
 wtv-expire-all: wtv-
 wtv-open-isp-disabled: false
 wtv-visit: `+ gourl + `

zefie_wtvp_minisrv/ServiceVault/wtv-1800/preregister.js

@@ -150,6 +150,7 @@ if (ssid_sessions[socket.ssid].data_store.wtvsec_login) {
 
 
 	headers = "200 OK\n"
+	headers += "minisrv-no-mail-count: true\n";
 	if (bf0app_update) headers += "minisrv-use-carriage-return: false\n";
 	headers += "Connection: Keep-Alive\n";
 	headers += "wtv-initial-key: " + ssid_sessions[socket.ssid].data_store.wtvsec_login.challenge_key.toString(CryptoJS.enc.Base64) + "\n";

zefie_wtvp_minisrv/ServiceVault/wtv-1800/unauthorized.js

@@ -1,7 +1,8 @@
 var minisrv_service_file = true;
 
 headers = `200 OK
-Content-type: text/html`;
+Content-type: text/html
+minisrv-no-mail-count: true`;
 
 data = `<html>
 <head>
@@ -16,7 +17,7 @@ hspace=0 vspace=0 fontsize="large"
 <table cellspacing=0 cellpadding=0^C>
 <tr>
 <td width=104 height=74 valign=middle align=center bgcolor="3B3A4D">
-<img src="file://ROM/Cache/WebTVLogoJewel.gif" width=86 height=64>
+<img src="${minisrv_config.config.service_logo}" width=86 height=64>
 <td width=20 valign=top align=left bgcolor="3B3A4D">
 <img src="ROMCache/Spacer.gif"
 width=1 height=1>

zefie_wtvp_minisrv/ServiceVault/wtv-head-waiter/ValidateLogin.js

@@ -0,0 +1,83 @@
+var minisrv_service_file = true;
+
+var challenge_response, challenge_header = '';
+var gourl;
+var wtvsec_login = null;
+
+var user_id = (request_headers.query.user_id) ? request_headers.query.user_id : ssid_sessions[socket.ssid].user_id;
+
+if (socket.ssid !== null && user_id !== null) ssid_sessions[socket.ssid].switchUserID(user_id);
+
+if (socket.ssid !== null && !ssid_sessions[socket.ssid].get("wtvsec_login")) {
+	wtvsec_login = new WTVSec(minisrv_config);
+	wtvsec_login.IssueChallenge();
+	wtvsec_login.set_incarnation(request_headers["wtv-incarnation"]);
+	ssid_sessions[socket.ssid].set("wtvsec_login", wtvsec_login);
+} else {
+	wtvsec_login = ssid_sessions[socket.ssid].get("wtvsec_login");
+}
+
+if (socket.ssid !== null) {
+	if (wtvsec_login.ticket_b64 == null) {
+		challenge_response = wtvsec_login.challenge_response;
+		var client_challenge_response = request_headers["wtv-challenge-response"] || null;
+		if (challenge_response && client_challenge_response) {
+			if (challenge_response.toString(CryptoJS.enc.Base64) == client_challenge_response) {
+				console.log(" * wtv-challenge-response success for " + wtvshared.filterSSID(socket.ssid));
+				wtvsec_login.PrepareTicket();
+				gourl = "wtv-head-waiter:/login-stage-two?";
+			} else {
+				console.log(" * wtv-challenge-response FAILED for " + wtvshared.filterSSID(socket.ssid));
+				if (minisrv_config.config.debug_flags.debug) console.log("Response Expected:", challenge_response.toString(CryptoJS.enc.Base64));
+				if (minisrv_config.config.debug_flags.debug) console.log("Response Received:", client_challenge_response)
+				gourl = "wtv-head-waiter:/login?reissue_challenge=true";
+			}
+		} else {
+			gourl = "wtv-head-waiter:/login?no_response=true";
+		}
+	} else {
+		gourl = "wtv-head-waiter:/login-stage-two?";
+    }
+}
+
+if (user_id && !request_headers.query.initial_login && !request_headers.query.user_login) {
+	if (request_headers.query.password == "") {
+		headers = `500 Please enter your password and try again
+minisrv-no-mail-count: true
+`;
+	} else if (ssid_sessions[socket.ssid].validateUserPassword(request_headers.query.password)) {
+		ssid_sessions[socket.ssid].setSessionData('password_valid', true)
+		headers = `200 OK
+minisrv-no-mail-count: true
+Content-Type: text/html
+wtv-visit: ${gourl}
+`;
+	} else {
+		headers = `500 The password you entered was incorrect. Please retype it and try again.
+minisrv-no-mail-count: true
+`;
+	}
+} else {
+	if (ssid_sessions[socket.ssid].getNumberOfUserAccounts() > 1 && user_id === 0 && request_headers.query.initial_login) {
+		gourl = "wtv-head-waiter:/choose-user?"
+	} else {
+		var limitedLogin = (!ssid_sessions[socket.ssid].lockdown && (!ssid_sessions[socket.ssid].getSessionData('password_valid') && ssid_sessions[socket.ssid].getUserPasswordEnabled()));
+		var limitedLoginRegistered = (limitedLogin && ssid_sessions[socket.ssid].isRegistered());
+	}
+	headers = `200 OK
+wtv-connection-close: true
+Connection: close
+minisrv-no-mail-count: true
+Content-Type: text/html`;
+	if (client_challenge_response) {
+		headers += `
+wtv-encrypted: true
+wtv-ticket: ${wtvsec_login.ticket_b64}
+`;
+	}
+	console.log(ssid_sessions[socket.ssid])
+	if (limitedLoginRegistered) gourl = "wtv-head-waiter:/password?";
+	headers += `
+wtv-visit: ${gourl}`;
+
+}

zefie_wtvp_minisrv/ServiceVault/wtv-head-waiter/choose-user.js

@@ -0,0 +1,141 @@
+var minisrv_service_file = true;
+if (socket.ssid !== null) ssid_sessions[socket.ssid].switchUserID(0);
+
+headers = `200 OK
+minisrv-no-mail-count: true
+wtv-expire-all: wtv-head-waiter:/ValidateLogin
+wtv-noback-all: wtv-
+Content-Type: text/html`
+
+data = `
+<HTML>
+<HEAD>
+<title>
+Choose your name
+</title>
+<display nooptions nostatus switchtowebmode>
+</HEAD>
+<sidebar width=144> <table cellspacing=0 cellpadding=0 bgcolor="30364D">
+<tr>
+<td width=138 absheight=109 valign=top align=center>
+<img src="ROMCache/Spacer.gif" width=1 height=8><br>
+<img src="ROMCache/Spacer.gif" width=7 height=1>
+<img src="${minisrv_config.config.service_logo}" width=127 height=98>
+<td rowspan=99 width=6 absheight=420 valign=top align=left>
+<img src="ROMCache/Shadow.gif" width=6 height=420>
+<tr>
+<td absheight=5>
+<table cellspacing=0 cellpadding=0>
+<tr><td abswidth=138 absheight=2 valign=middle align=center bgcolor="1C1E28">
+<img src="ROMCache/Spacer.gif" width=1 height=1>
+<tr><td abswidth=138 absheight=1 valign=top align=left>
+<tr><td abswidth=138 absheight=2 valign=top align=left bgcolor="4D5573">
+<img src="ROMCache/Spacer.gif" width=1 height=1>
+</table>
+<tr>
+<td absheight=170>
+<tr>
+<td align=right>
+<img src="images/NameBanner.gif" width=50 height=125>
+<tr>
+<td absheight=8>
+</table>
+</sidebar>
+<body background="wtv-content:/ROMCache/NameStrip.gif"
+novtilebg
+nohtilebg
+bgcolor=191919
+text="AA9B4A" link=189cd6 vlink=189cd6 hspace=0 fontsize="large">
+<LINK href="wtv-content:/ROMCache/TopBackground_Classic.jpg" rel=next>
+<LINK href="wtv-content:/ROMCache/Community.gif" rel=next>
+<LINK href="wtv-content:/ROMCache/UtilityBullet.gif" rel=next>
+<LINK href="wtv-content:/ROMCache/BackgroundWebTVToday_a.swf" rel=next>
+<form action=/ValidateLogin enctype="x-www-form-encoded" method=post>
+<input type="hidden" NAME="target-url" VALUE="">
+<table cellspacing=0 cellpadding=0>
+<tr>
+<td width=20>
+<td valign=center absheight=104 colspan=3>
+<font size="+1" color="E7CE4A"><blackface><shadow>
+Choose your name
+</shadow></blackface>
+<tr>
+<td>
+<td bgcolor=2b2b2b width=400 absheight=2 colspan=3>
+<img src="ROMCache/Spacer.gif" width=1 height=1>
+<tr>
+<td>
+<td absheight=1 colspan=3>
+<tr>
+<td>
+<td bgcolor=000000 width=400 absheight=2 colspan=3>
+<img src="ROMCache/Spacer.gif" width=1 height=1>
+</table>
+<table cellspacing=0 cellpadding=0 width=416>
+<tr><td width=20>
+<tr><td absheight=39>`;
+
+var accounts = ssid_sessions[socket.ssid].listPrimaryAccountUsers();
+var accounts_listed = 0;
+for (const [key, value] of Object.entries(accounts)) {
+    data += "<td valign=middle abswidth=50% maxlines=1>";
+    if (key == "subscriber") var user_id = 0
+    else var user_id = key.replace("user", '');
+    data += `<a href=/ValidateLogin?user_id=${user_id}&user_login=true nocancel>`;
+    if (key == "subscriber") data += `<font size=+1><b>${value['subscriber_username']}</b></font></a>`;
+    else data += `<font size=+1>${value['subscriber_username']}</font>`
+    data += "<td width=15><td nowrap>	<font color=42BD52>";
+    data += "<!-- do mailcheck here -->" // todo
+    data += `</font>
+<tr>
+<td>
+<td bgcolor=1e1e1e width=400 absheight=2 colspan=3>
+<img src="ROMCache/Spacer.gif" width=1 height=1>
+<tr>
+<td>
+<td absheight=1 colspan=3>
+<tr>
+<td>
+<td bgcolor=121212 width=400 absheight=2 colspan=3>
+<img src="ROMCache/Spacer.gif" width=1 height=1>
+<tr>
+<td absheight=37>
+`;
+    accounts_listed++;
+};
+
+while (accounts_listed < minisrv_config.config.user_accounts.max_users_per_account) {
+    data += `<tr>
+<td>
+<td bgcolor=1e1e1e width=400 absheight=2 colspan=3>
+<img src="ROMCache/Spacer.gif" width=1 height=1>
+<tr>
+<td>
+<td absheight=1 colspan=3>
+<tr>
+<td>
+<td bgcolor=121212 width=400 absheight=2 colspan=3>
+<img src="ROMCache/Spacer.gif" width=1 height=1>`;
+    if (accounts_listed != minisrv_config.config.user_accounts.max_users_per_account - 1) {
+        data += `<tr>
+<td>
+<td absheight=37>`;
+    } 
+    accounts_listed++;
+}
+
+data += `
+<tr>
+<td height=5>
+<tr>
+<td>
+<td colspan=3 valign=bottom align=right>
+<font color=e7ce4a size=-1><shadow>
+<img src="ROMCache/Spacer.gif" width=20 height=1>
+<!-- Only show this button on plus, since classic has no useful purpose offline -->
+<input type=submit name=hangup value="Hang Up" borderimage="file://ROM/Borders/ButtonBorder2.bif" useStyle width=110><spacer width=20 type=horizontal>
+</table>
+</form>
+</body>
+</html>
+`; 

zefie_wtvp_minisrv/ServiceVault/wtv-head-waiter/login-stage-two.js

@@ -1,47 +1,14 @@
 var minisrv_service_file = true;
+var gourl = null;
 
-var challenge_response, challenge_header = '';
+if (!ssid_sessions[socket.ssid].isRegistered() && (!request_headers.query.guest_login || !minisrv_config.config.allow_guests)) gourl = "wtv-register:/splash?";
-var gourl;
-
-if (socket.ssid != null && !ssid_sessions[socket.ssid].get("wtvsec_login")) {
-	var wtvsec_login = new WTVSec(minisrv_config);
-	wtvsec_login.IssueChallenge();
-	wtvsec_login.set_incarnation(request_headers["wtv-incarnation"]);
-	ssid_sessions[socket.ssid].set("wtvsec_login", wtvsec_login);
-} else {
-	var wtvsec_login = ssid_sessions[socket.ssid].get("wtvsec_login");
-}
-
-if (socket.ssid !== null) {
-	if (wtvsec_login.ticket_b64 == null) {
-		challenge_response = wtvsec_login.challenge_response;
-		var client_challenge_response = request_headers["wtv-challenge-response"] || null;
-		if (challenge_response && client_challenge_response) {
-			if (challenge_response.toString(CryptoJS.enc.Base64) == client_challenge_response) {
-				console.log(" * wtv-challenge-response success for " + wtvshared.filterSSID(socket.ssid));
-				wtvsec_login.PrepareTicket();
-
-			} else {
-				console.log(" * wtv-challenge-response FAILED for " + wtvshared.filterSSID(socket.ssid));
-				if (minisrv_config.config.debug_flags.debug) console.log("Response Expected:", challenge_response.toString(CryptoJS.enc.Base64));
-				if (minisrv_config.config.debug_flags.debug) console.log("Response Received:", client_challenge_response)
-				gourl = "wtv-head-waiter:/login?reissue_challenge=true";
-			}
-		} else {
-			gourl = "wtv-head-waiter:/login?no_response=true";
-		}
-	}
-}
-
-if (!ssid_sessions[socket.ssid].getSessionData("registered") && (!request_headers.query.guest_login || !minisrv_config.config.allow_guests)) gourl = "wtv-register:/splash?";
 
 if (gourl) {
 	headers = `200 OK
 wtv-open-isp-disabled: false
 `;
-	if (!ssid_sessions[socket.ssid].getSessionData("registered") && (!request_headers.query.guest_login || !minisrv_config.config.allow_guests)) {
+	if (!ssid_sessions[socket.ssid].isRegistered() && (!request_headers.query.guest_login || !minisrv_config.config.allow_guests)) {
 		headers += `wtv-encrypted: true
-wtv-ticket: ${wtvsec_login.ticket_b64}
 ${getServiceString('wtv-register')}
 ${getServiceString('wtv-head-waiter')}
 ${getServiceString('wtv-star')}
@@ -77,91 +44,111 @@ else {
 		var messenger_authorized = ssid_sessions[socket.ssid].getSessionData("messenger_authorized") || 0;
 		var home_url = "wtv-home:/splash?";
 	}
+	var limitedLogin = ssid_sessions[socket.ssid].lockdown;
+	var limitedLoginRegistered = (limitedLogin || (ssid_sessions[socket.ssid].isRegistered() && ssid_sessions[socket.ssid].getSessionData('password_valid')));
 	var offline_user_list = CryptoJS.enc.Latin1.parse("<user-list>\n\t<user userid=\"" + userid + " user-name=\"" + nickname + "\" first-name=\"" + minisrv_config.config.service_name + "User \" last-name=\\" + namerand + "\" password=\"\" mail-enabled=\"true\" />\n</user-list>").toString(CryptoJS.enc.Base64);
+
+	if (limitedLoginRegistered) var home_url = "wtv-head-waiter:/password?";
+
 	data = '';
+
 	headers = `200 OK
 Connection: Keep-Alive
-wtv-encrypted: true
+wtv-expire-all: wtv-head-waiter:
-wtv-client-time-zone: GMT -0000
+`;
+
+	if (!limitedLogin) {
+		headers += `wtv-client-time-zone: GMT -0000
 wtv-client-time-dst-rule: GMT
 wtv-client-date: `+ strftime("%a, %d %b %Y %H:%M:%S", new Date(new Date().toUTCString())) + ` GMT
 wtv-country: US
 wtv-language-header: en-US,en
+wtv-noback-all: wtv-
 wtv-visit: client:closeallpanels
 wtv-expire-all: client:closeallpanels
 wtv-transition-override: off
-wtv-force-lightweight-targets: webtv.net:/
 wtv-smartcard-inserted-message: Contacting service
-wtv-bypass-proxy: false`;
+wtv-ssl-timeout: 240
-	if (!ssid_sessions[socket.ssid].lockdown) {
+wtv-login-timeout: 7200
-		headers += `
-wtv-offline-user-list: ${offline_user_list}
-wtv-messenger-authorized: ${messenger_authorized}
-wtv-messenger-enable: ${messenger_enabled}`;
-	}
-	headers += `
-wtv-noback-all: wtv-
-wtv-service: reset
 `;
-	if (!ssid_sessions[socket.ssid].lockdown) {
+		if (!limitedLogin) {
-		headers += getServiceString('all', { "exceptions": ["wtv-register"] });
+
-	} else {
+			headers += getServiceString('all', { "exceptions": ["wtv-register"] });
-		headers += getServiceString('wtv-1800') + "\n";
+			headers += `wtv-offline-user-list: ${offline_user_list}
-		headers += getServiceString('wtv-head-waiter') + "\n";
+wtv-messenger-authorized: ${messenger_authorized}
-		headers += getServiceString('wtv-star') + "\n";
+wtv-messenger-enable: ${messenger_enabled}
-	}
+wtv-messagewatch-checktimeoffset: off
-	headers += `
+`;
-wtv-ticket: ${wtvsec_login.ticket_b64}`;
+		} else {
-	if (!ssid_sessions[socket.ssid].lockdown) {
+			/*
-		headers += `
+			headers += getServiceString('wtv-1800') + "\n";
+			headers += getServiceString('wtv-head-waiter') + "\n";
+			headers += getServiceString('wtv-log') + "\n";
+			headers += getServiceString('wtv-star') + "\n";
+			headers += getServiceString('wtv-flashrom') + "\n";
+			*/
+			headers += `wtv-messenger-authorized: 0
+wtv-messenger-enable: 0
+`;
+		}
+
+		headers += `wtv-log-url: wtv-log:/log
+wtv-ssl-log-url: wtv-log:/log
+`;
+
+		if (!limitedLogin) {
+			headers += `wtv-bypass-proxy: false
 user-id: ${userid}
 wtv-human-name: ${human_name}
 ${ssid_sessions[socket.ssid].setIRCNick(nickname)}
 wtv-domain: ${minisrv_config.config.domain_name}
-wtv-messagewatch-checktimeoffset: off
 wtv-input-timeout: 14400
 wtv-connection-timeout: 1440
 wtv-fader-timeout: 1440
-wtv-inactive-timeout: 1440`;
+wtv-inactive-timeout: 1440
-	} else {
+`;
-		headers += `
+		}
-user-id: 0
+		/*
-wtv-human-name: Unauthorized User
+		else {
-wtv-domain: ${minisrv_config.config.domain_name}
+			headers += `wtv-bypass-proxy: true
-wtv-input-timeout: 30
+	user-id: 0
-wtv-connection-timeout: 60
+	wtv-human-name: Unauthorized User
-wtv-fader-timeout: 60
+	wtv-domain: ${minisrv_config.config.domain_name}
-wtv-inactive-timeout: 60`;
+	wtv-input-timeout: 30
-	}
+	wtv-connection-timeout: 60
+	wtv-fader-timeout: 60
+	wtv-inactive-timeout: 60`;
+		}
+		*/
 
-	headers += "\nwtv-relogin-url: wtv-head-waiter:/relogin?relogin=true";
+		if (!limitedLogin) {
-	if (request_headers.query.guest_login) headers += "&guest_login=true";
+			headers += "\nwtv-relogin-url: wtv-head-waiter:/relogin?relogin=true";
+			if (request_headers.query.guest_login) headers += "&guest_login=true";
 
-	headers += "\nwtv-reconnect-url: wtv-head-waiter:/login-stage-two?reconnect=true";
+			headers += "\nwtv-reconnect-url: wtv-head-waiter:/login-stage-two?reconnect=true";
-	if (request_headers.query.guest_login) headers += "&guest_login=true";
+			if (request_headers.query.guest_login) headers += "&guest_login=true";
 
-	headers += "\nwtv-boot-url: wtv-head-waiter:/relogin?relogin=true";
+			headers += "\nwtv-boot-url: wtv-head-waiter:/relogin?relogin=true";
-	if (request_headers.query.guest_login) headers += "&guest_login=true";
+			if (request_headers.query.guest_login) headers += "&guest_login=true";
 
-	if (!ssid_sessions[socket.ssid].lockdown) headers += "\nwtv-home-url: wtv-home:/home?";	
+			headers += "\nwtv-home-url: wtv-home:/home?";
+		}
 
-	if (ssid_sessions[socket.ssid].get('wtv-need-upgrade') != 'true' && !request_headers.query.reconnect && !ssid_sessions[socket.ssid].lockdown)
+		if (ssid_sessions[socket.ssid].get('wtv-need-upgrade') != 'true' && !request_headers.query.reconnect && !limitedLogin)
-		headers += "\nwtv-settings-url: wtv-setup:/get";
+			headers += "\nwtv-settings-url: wtv-setup:/get\n";
 
-	headers += `
+		if (!limitedLogin) {
+			headers += `wtv-force-lightweight-targets: webtv.net:/
 wtv-show-time-enabled: true
 wtv-allow-dsc: true
 wtv-tourist-enabled: true
-wtv-log-url: wtv-log:/log
-wtv-ssl-log-url: wtv-log:/log
-wtv-ssl-timeout: 240
-wtv-login-timeout: 7200
 wtv-open-isp-disabled: false
 wtv-offline-mail-enable: false
 wtv-demo-mode: 0
 wtv-wink-deferrer-retries: 3
 wtv-name-server: 8.8.8.8`;
-
+		}
+	}
 	if (!request_headers.query.reconnect) headers += "\nwtv-visit: " + home_url;
 	headers += "\nContent-Type: text/html";
 }

zefie_wtvp_minisrv/ServiceVault/wtv-head-waiter/login.js

@@ -1,8 +1,9 @@
 var minisrv_service_file = true;
 
 var challenge_response, challenge_header = "";
+if (socket.ssid !== null) ssid_sessions[socket.ssid].switchUserID(0);
 
-var gourl = "wtv-head-waiter:/login-stage-two?";
+var gourl = "wtv-head-waiter:/ValidateLogin?initial_login=true&";
 if (request_headers.query.relogin) gourl += "relogin=true";
 else if (request_headers.query.reconnect) gourl += "reconnect=true";
 
@@ -55,6 +56,8 @@ wtv-expire-all: wtv-head-waiter:
 wtv-log-url: wtv-log:/log`;
 	if (challenge_header != "") headers += "\n" + challenge_header;
 	headers += `
+wtv-country: US
+wtv-language-header: en-US,en
 wtv-relogin-url: wtv-head-waiter:/relogin?relogin=true
 wtv-reconnect-url: wtv-head-waiter:/relogin?reconnect=true
 wtv-visit: ${gourl}

zefie_wtvp_minisrv/ServiceVault/wtv-head-waiter/password.js

@@ -0,0 +1,58 @@
+var minisrv_service_file = true;
+
+headers = `200 OK
+Connection: Keep-Alive
+Content-Type: text/html
+wtv-visit: client:closeallpanels
+wtv-expire-all: client:closeallpanels`;
+
+data = `<html><HEAD><title>Password</title> 
+<DISPLAY noscroll nooptions nostatus switchtowebmode> </HEAD> <sidebar width=144> <table cellspacing=0 cellpadding=0 bgcolor="30364D"> <tr> <td width=138 absheight=109 valign=top align=center> <img src="ROMCache/Spacer.gif" width=1 height=8><br> <img src="ROMCache/Spacer.gif" width=7 height=1>
+<img src="${minisrv_config.config.service_logo}" width=127 height=98>
+<td rowspan=99 width=6 absheight=420 valign=top align=left> <img src="ROMCache/Shadow.gif" width=6 height=420> <tr> <td absheight=5>
+<table cellspacing=0 cellpadding=0> 
+<tr><td abswidth=138 absheight=2 valign=middle align=center bgcolor="1C1E28"> <img src="ROMCache/Spacer.gif" width=1 height=1> <tr><td abswidth=138 absheight=1 valign=top align=left> <tr><td abswidth=138 absheight=2 valign=top align=left bgcolor="4D5573"> <img src="ROMCache/Spacer.gif" width=1 height=1> </table> <tr> 
+<td absheight=106>
+<tr>
+<td align=right> 
+<img src="images/PasswordBanner.gif" width=50 height=191> <tr> <td absheight=8> 
+</table>
+</sidebar>
+<body background="images/NameStrip.gif"
+novtilebg
+nohtilebg
+bgcolor=191919 
+text="AA9B4A" link=189cd6 vlink=189cd6 hspace=0 fontsize="large"> <form action=/ValidateLogin enctype="x-www-form-encoded" method=post> <input type="hidden" NAME="target-url" VALUE=""> <table cellspacing=0 cellpadding=0> 
+<tr>
+<td width=20>
+<td valign=center absheight=104> 
+<font size="+1" color="E7CE4A"><blackface><shadow> Type your password </shadow></blackface> 
+<tr>
+<td> 
+<td bgcolor=2b2b2b abswidth=400 absheight=2> <img src="ROMCache/Spacer.gif" width=1 height=1> <tr> <td> 
+<td absheight=1>
+<tr>
+<td> 
+<td bgcolor=000000 abswidth=400 absheight=2> <img src="ROMCache/Spacer.gif" width=1 height=1> <tr> <td> 
+<td height=125 valign=center>
+<font size=+1 color=42bd52>Password 
+<img src="ROMCache/Spacer.gif" width=4 height=1> <input type=password size=26 maxlength=10 name="password" bgcolor=#444444 text=#ffdd33 cursor=#cc9933 id="password" selected >
+<input type=hidden name="user_id" id="user_id" value=${ssid_sessions[socket.ssid].user_id}> <tr> <td>
+<td>
+<tr>
+<td> 
+<td bgcolor=2b2b2b abswidth=400 absheight=2> <img src="ROMCache/Spacer.gif" width=1 height=1> <tr> <td> 
+<td absheight=1>
+<tr>
+<td> 
+<td bgcolor=000000 abswidth=400 absheight=2> <img src="ROMCache/Spacer.gif" width=1 height=1> <tr> <td height=8> 
+<tr>
+<td>
+<td align=right width=100%> 
+<font COLOR="#E7CE4A" SIZE=-1><shadow><input type=submit borderimage="file://ROM/Borders/ButtonBorder2.bif" value="Continue" usestyle>
+</shadow></font> 
+<img src="ROMCache/Spacer.gif" width=20 height=1> </table>
+</form> 
+</body>
+</html>
+`; 

zefie_wtvp_minisrv/ServiceVault/wtv-home/Credits-Legal.js

@@ -0,0 +1,109 @@
+var minisrv_service_file = true;
+
+headers = `200 OK
+Connection: Keep-Alive
+wtv-mail-count: ${ssid_sessions[socket.ssid].mailstore.countUnreadMessages(0)}
+Content-Type: text/html`
+
+data = `
+<HTML>
+<HEAD>
+<TITLE>
+WebTV Terms of Service
+</TITLE>
+<DISPLAY >
+</HEAD>
+<sidebar width=110> <table cellspacing=0 cellpadding=0 BGCOLOR="8C6A2E">
+<tr>
+<td colspan=3 abswidth=104 absheight=4>
+<td rowspan=99 width=6 absheight=420 valign=top align=left>
+<img src="wtv-home:/ROMCache/Shadow.gif" width=6 height=420>
+<tr>
+<td abswidth=6>
+<td abswidth=92 absheight=76>
+<table href="wtv-home:/home" absheight=76 cellspacing=0 cellpadding=0>
+<tr>
+<td align=right>
+<img src="wtv-home:/ROMCache/WebTVLogoJewel.gif" width=87 height=67>
+</table>
+<td abswidth=6>
+<tr><td absheight=5 colspan=3>
+<table cellspacing=0 cellpadding=0>
+<tr><td abswidth=104 absheight=2 valign=middle align=center bgcolor="5a4521">
+<img src="wtv-home:/ROMCache/Spacer.gif" width=1 height=1>
+<tr><td abswidth=104 absheight=1 valign=top align=left>
+<tr><td abswidth=104 absheight=2 valign=top align=left bgcolor="c0954a">
+<img src="wtv-home:/ROMCache/Spacer.gif" width=1 height=1>
+</table>
+<tr><td absheight=100>
+<tr><td absheight=244 align=right colspan=3>
+<img src="ROMCache/TermsBanner.gif" width=48 height=136>
+<tr><td absheight=41>
+</table>
+</sidebar>
+<print blackandwhite>
+<print blackandwhite>
+<BODY BGCOLOR="#191919" TEXT="#44cc55" LINK="189CD6" VLINK="189CD6" HSPACE=0 VSPACE=0 FONTSIZE="large"
+>
+<table cellspacing=0 cellpadding=0>
+<tr>
+<td abswidth=14>
+<td abswidth=416 absheight=80 valign=center>
+<font size="+2" color="E7CE4A"><blackface><shadow>
+<font size="+1">
+<CENTER><B>WebTV Terms of Service</B></font><br>
+<B><font size="-1">(Release date January 21, 2022)</B></CENTER></font>
+<td abswidth=20>
+<tr>
+<td>
+<td valign=top align=left>
+<p><b>General</b><br>
+<p>This is a recreation of the WebTV service, originally hosted by WebTV Networks, Inc. This server has no affiliation with WebTV Networks, and all original assets and pages belong to them.</p>
+  <p><b>Rules</b><br>
+<p>You must follow these rules, or your privilege to access this service may be revoked.</p>
+<ul>
+    <li>Do not harass other users</li>
+    <li>Do not impersonate others on the network</li>
+	<li>Do not send spam e-mail</li>
+    <li>Do not attempt to access unauthorized areas of the network</li>
+    <li>Do not attempt to disrupt or otherwise negatively impact the service for others</li>
+	<li>All users must be over 13 years of age, or be accompanied by a parent or guardian at all times</li>
+  </ul> 
+  <p>Failure to abide by one or more of these rules may require your access to be terminated.</p>
+  <p><b>Service Termination</b><br>
+<p>If you break one or more of the rules listed above, your access to the service may be revoked. Disclosure of your termination reason will be decided on a case-by-case basis. Any attempt for a banned user to regain access to the server will be dealt with immediately. If you know of a banned user who is still on the network, please report it to us on Discord at JarHead#3922. All decisions are final, and will not be reverted.</p>
+  
+<p>These terms can change at any time, without warning. Your continued usage of the service is an agreement to these Terms of Service. If you do not agree to these terms, please disconnect immediately and get in contact on Discord at JarHead#3922 so your account can be terminated.</p>
+<td>
+<tr>
+<td absheight=7>
+<tr>
+<td>
+<td colspan=2 absheight=2 bgcolor="2B2B2B">
+<img src="ROMCache/Spacer.gif" width=426 height=1>
+<tr>
+<td absheight=1>
+<tr>
+<td>
+<td colspan=2 absheight=2 bgcolor="0D0D0D">
+<img src="ROMCache/Spacer.gif" width=426 height=1>
+<tr>
+<td absheight=4>
+</table>
+<table cellspacing=0 cellpadding=0>
+<tr>
+<td abswidth=430 valign=top align=right>
+<form
+action=client:goback>
+<font color="#E7CE4A" size=-1><shadow>
+<input
+selected
+type=submit borderimage="file://ROM/Borders/ButtonBorder2.bif" value=Done name="Done" usestyle width=103>
+</shadow></font></form>
+<td abswidth=20>
+<tr>
+<td absheight=15>
+</table>
+</body>
+</html>
+`;

zefie_wtvp_minisrv/ServiceVault/wtv-home/Credits-Privacy.js

@@ -0,0 +1,118 @@
+var minisrv_service_file = true;
+
+headers = `200 OK
+Connection: Keep-Alive
+wtv-mail-count: ${ssid_sessions[socket.ssid].mailstore.countUnreadMessages(0)}
+Content-Type: text/html`
+
+data = `
+<HTML>
+<HEAD>
+<TITLE>
+WebTV Service Privacy Statement
+</TITLE>
+<DISPLAY >
+</HEAD>
+<sidebar width=110> <table cellspacing=0 cellpadding=0 BGCOLOR="8C6A2E">
+<tr>
+<td colspan=3 abswidth=104 absheight=4>
+<td rowspan=99 width=6 absheight=420 valign=top align=left>
+<img src="wtv-home:/ROMCache/Shadow.gif" width=6 height=420>
+<tr>
+<td abswidth=6>
+<td abswidth=92 absheight=76>
+<table href="wtv-home:/home" absheight=76 cellspacing=0 cellpadding=0>
+<tr>
+<td align=right>
+<img src="wtv-home:/ROMCache/WebTVLogoJewel.gif" width=87 height=67>
+</table>
+<td abswidth=6>
+<tr><td absheight=5 colspan=3>
+<table cellspacing=0 cellpadding=0>
+<tr><td abswidth=104 absheight=2 valign=middle align=center bgcolor="5a4521">
+<img src="wtv-home:/ROMCache/Spacer.gif" width=1 height=1>
+<tr><td abswidth=104 absheight=1 valign=top align=left>
+<tr><td abswidth=104 absheight=2 valign=top align=left bgcolor="c0954a">
+<img src="wtv-home:/ROMCache/Spacer.gif" width=1 height=1>
+</table>
+<tr><td absheight=100>
+<tr><td absheight=244 align=right colspan=3>
+<img src="ROMCache/TermsBanner.gif" width=48 height=136>
+<tr><td absheight=41>
+</table>
+</sidebar>
+<print blackandwhite>
+<print blackandwhite>
+<BODY BGCOLOR="#191919" TEXT="#44cc55" LINK="189CD6" VLINK="189CD6" HSPACE=0 VSPACE=0 FONTSIZE="large"
+>
+<table cellspacing=0 cellpadding=0>
+<tr>
+<td abswidth=14>
+<td abswidth=416 absheight=80 valign=center>
+<font size="+2" color="E7CE4A"><blackface><shadow>
+<font size="+1">
+<CENTER><B>WebTV Service Privacy Statement</B></font><br>
+<B><font size="-1">(Release date January 21, 2022)</B></CENTER></font>
+<td abswidth=20>
+<tr>
+<td>
+<td valign=top align=left>
+<p>The purpose of this WebTV server is to recreate the 1999 WebTV experience using pages and assets from that era. There will be inaccuracies in some areas. If you do find any, please report them to JarHead#3922 on Discord.</p>
+<p><b>With Whom Personal Information Is Shared and What Is Collected</b><br>
+<p>When you register with a WebTV account on this server, you are sharing the following:</p>
+<ul>
+    <li>Your WebTV SSID (Silicon Serial ID)</li>
+    <li>Your name</li>
+	<li>Your ZIP Code</li>
+    <li>Pages you access</li>
+  </ul> 
+  <p>This information is shared with the server operators.</p>
+  <p><b>Your Silicon Serial ID</b><br>
+<p>Your Silicon Serial ID (SSID) is used to identify you on the network. Anyone with your SSID can impersonate you on the network, so don't share it. This ID is stored on our servers when you sign up, however it will not be shared with anyone except the server operators.</p>
+  <p><b>Your Name</b><br>
+<p>The name that you enter while signing up will be stored on our servers, however it will not be shared with anyone except the server operators.</p>
+  <p><b>Your ZIP Code</b><br>
+<p>The ZIP Code you enter to set weather info will be stored on our servers, and will only be sent to The Weather Channel to get current data. You are not required to enter a ZIP code, however it is required to fully utilize weather forecasting.</p>
+  <p><b>Pages you access</b><br>
+<p>All pages you visit and images you download will be temporarily logged for security reasons. This includes WebTV Network pages and Internet Web sites. This information can not be traced back to you, and will only be viewable to server operators for a short time. IRC Chat messages will <b><i>not</i></b> be logged, however server operators can see what servers you are connecting to.</p>
+<p><b>How We Help Protect Children's Privacy</b><br>
+<p>We do not knowingly collect information from children under the age of 13 to comply with COPPA. If the account creator is under 13, the main user and all secondary accounts will be terminated. All secondary users under 13 must be accompanied by a parent or guardian while using this service.</p>
+<!-- <p><font size="-1"><i>MSN Privacy<br>
+Microsoft Corporation<br>
+One Microsoft Way<br>
+Redmond, Washington 98052<br>
+425-882-8080<br></i></font> -->
+<p>This Privacy Statement can change at any time, and without warning. If you do not agree with this Privacy Statement, please disconnect and contact JarHead#3922 on Discord to terminate your account.</p>
+<td>
+<tr>
+<td absheight=7>
+<tr>
+<td>
+<td colspan=2 absheight=2 bgcolor="2B2B2B">
+<img src="ROMCache/Spacer.gif" width=426 height=1>
+<tr>
+<td absheight=1>
+<tr>
+<td>
+<td colspan=2 absheight=2 bgcolor="0D0D0D">
+<img src="ROMCache/Spacer.gif" width=426 height=1>
+<tr>
+<td absheight=4>
+</table>
+<table cellspacing=0 cellpadding=0>
+<tr>
+<td abswidth=430 valign=top align=right>
+<form
+action=client:goback>
+<font color="#E7CE4A" size=-1><shadow>
+<input
+selected
+type=submit borderimage="file://ROM/Borders/ButtonBorder2.bif" value=Done name="Done" usestyle width=103>
+</shadow></font></form>
+<td abswidth=20>
+<tr>
+<td absheight=15>
+</table>
+</body>
+</html>
+`;

zefie_wtvp_minisrv/ServiceVault/wtv-register/ValidateAccountInfo.js

@@ -11,8 +11,8 @@ if (!request_headers.query.registering) {
     if (!request_headers.query.registering) errpage = wtvshared.doErrorPage(400);
     else if (!request_headers.query.subscriber_name) errpage = wtvshared.doErrorPage(400, "Please enter your name. This can be your real name, or your well-known online alias.");
     else if (!request_headers.query.subscriber_username) errpage = wtvshared.doErrorPage(400, "Please enter a username.");
-    else if (request_headers.query.subscriber_username.length < 5) errpage = wtvshared.doErrorPage(400, "Please choose a username with 5 or more characters.");
+    else if (request_headers.query.subscriber_username.length < minisrv_config.config.user_accounts.min_length) errpage = wtvshared.doErrorPage(400, "Please choose a username with " + minisrv_config.config.user_accounts.min_length + " or more characters.");
-    else if (request_headers.query.subscriber_username.length > 16) errpage = wtvshared.doErrorPage(400, "Please choose a username with 16 or less characters.");
+    else if (request_headers.query.subscriber_username.length > minisrv_config.config.user_accounts.max_length) errpage = wtvshared.doErrorPage(400, "Please choose a username with " + minisrv_config.config.user_accounts.max_length + " or less characters.");
     else if (!wtvr.checkUsernameSanity(request_headers.query.subscriber_username)) errpage = wtvshared.doErrorPage(400, "The username you have chosen contains invalid characters. Please choose a username with only <b>letters</b>, <b>numbers</b>, <b>_</b> or <b>-</b>. Also, please be sure your username begins with a letter.");
     else if (!wtvr.checkUsernameAvailable(request_headers.query.subscriber_username, ssid_sessions)) errpage = wtvshared.doErrorPage(400, "The username you have selected is already in use. Please select another username.");
     else if (!request_headers.query.subscriber_contact) errpage = wtvshared.doErrorPage(400, "Please enter your contact information.");

zefie_wtvp_minisrv/ServiceVault/wtv-setup/accounts.js

@@ -0,0 +1,133 @@
+var minisrv_service_file = true;
+ssid_sessions[socket.ssid].loadSessionData();
+
+if (ssid_sessions[socket.ssid].user_id != 0) {
+    var errpage = doErrorPage(400, "You are not authorized to edit the primary account.");
+    headers = errpage[0];
+    data = errpage[1];
+} else {
+    headers = `200 OK
+Connection: Keep-Alive
+Content-Type: text/html`
+
+    data = `<HTML>
+<HTML>
+<HEAD>
+<TITLE>
+Users setup
+</TITLE>
+<DISPLAY >
+</HEAD>
+<sidebar width=110> <table cellspacing=0 cellpadding=0 BGCOLOR="30364D">
+<tr>
+<td colspan=3 abswidth=104 absheight=4>
+<td rowspan=99 width=6 absheight=420 valign=top align=left>
+<img src="wtv-home:/ROMCache/Shadow.gif" width=6 height=420>
+<tr>
+<td abswidth=6>
+<td abswidth=92 absheight=76>
+<table href="wtv-home:/home" absheight=76 cellspacing=0 cellpadding=0>
+<tr>
+<td align=right>
+<img src="${minisrv_config.config.service_logo}" width=87 height=67>
+</table>
+<td abswidth=6>
+<tr><td absheight=5 colspan=3>
+<table cellspacing=0 cellpadding=0>
+<tr><td abswidth=104 absheight=2 valign=middle align=center bgcolor="1C1E28">
+<img src="wtv-home:/ROMCache/Spacer.gif" width=1 height=1>
+<tr><td abswidth=104 absheight=1 valign=top align=left>
+<tr><td abswidth=104 absheight=2 valign=top align=left bgcolor="4D5573">
+<img src="wtv-home:/ROMCache/Spacer.gif" width=1 height=1>
+</table>
+<tr><td absheight=37>
+<tr><td absheight=263 align=right colspan=3>
+<img src="ROMCache/AccountBanner.gif" width=53 height=263>
+<tr><td absheight=41>
+</table>
+</sidebar>
+<BODY NOHTILEBG BGCOLOR="#191919" TEXT="#42CC55" LINK="36d5ff" VLINK="36d5ff" HSPACE=0 VSPACE=0 FONTSIZE="large"
+>
+<table cellspacing=0 cellpadding=0>
+<tr>
+<td abswidth=14>
+<td colspan=3>
+<table cellspacing=0 cellpadding=0>
+<tr>
+<td valign=center absheight=80>
+<font size="+2" color="E7CE4A"><blackface><shadow>
+WebTV users
+</table>
+<td abswidth=20>
+<TR>
+<td>
+<td WIDTH=198 HEIGHT=244 VALIGN=top ALIGN=left>
+<FONT COLOR="44cc55"><B>
+Subscriber:
+<P>`;
+    var accounts = ssid_sessions[socket.ssid].listPrimaryAccountUsers();
+
+    if (Object.keys(accounts).length > 1) data += "Additional users:</B></FONT>";
+
+    data += "<TD WIDTH=20><TD WIDTH=198 VALIGN=top ALIGN=left>";
+
+    data += `<FORM>
+<FONT COLOR="189CD6"><B>
+<A HREF="wtv-setup:/edit-user-begin?user_id=0">${accounts.subscriber.subscriber_username}</A>
+</B></FONT>
+<P>`;
+
+    if (Object.keys(accounts).length > 1) {
+        delete accounts.subscriber;
+        for (const [key, value] of Object.entries(accounts)) {
+            data += `<FONT COLOR="189CD6"><B>
+<A HREF="wtv-setup:/edit-user-begin?user_id=${key.replace("user", '')}">${value.subscriber_username}</A>
+`;
+
+        };
+    }
+    data += `
+</B></FONT>
+<BR>
+<TR>
+<TD>
+<TD COLSPAN=4 HEIGHT=4 VALIGN=top ALIGN=left>
+<tr>
+<TD>
+<td colspan=4 height=2 valign=middle align=center bgcolor="2B2B2B">
+<img src="wtv-home:/ROMCache/Spacer.gif" width=436 height=1>
+<tr>
+<TD>
+<td colspan=4 height=1 valign=top align=left>
+<tr>
+<TD>
+<td colspan=4 height=2 valign=top align=left bgcolor="0D0D0D">
+<img src="wtv-home:/ROMCache/Spacer.gif" width=436 height=1>
+<TR>
+<TD>
+<TD COLSPAN=4 HEIGHT=4 VALIGN=top ALIGN=left>
+<TR>
+<TD>
+<TD COLSPAN=3 VALIGN=top ALIGN=right>
+<FONT COLOR="#E7CE4A" SIZE=-1><SHADOW>
+<INPUT action="/remove-users?user-count=x"
+name="RemoveUser" value="Remove User" WIDTH=140 ${(Object.keys(accounts).length <= 1) ? 'USESTYLE' : 'disabled="disabled" text=gray' }
+TYPE=SUBMIT BORDERIMAGE="file://ROM/Borders/ButtonBorder2.bif" NAME="Button1" WIDTH=103>
+<IMG SRC="wtv-home:/ROMCache/Spacer.gif" WIDTH=4 HEIGHT=1>
+<INPUT action="/add-user?user_count=${Object.keys(accounts).length}"
+name="AddUser" value="Add User" WIDTH=120 ${(Object.keys(accounts).length >= minisrv_config.config.user_accounts.max_users_per_account) ? 'disabled="disabled" text=gray' : 'USESTYLE'}
+TYPE=SUBMIT BORDERIMAGE="file://ROM/Borders/ButtonBorder2.bif" NAME="Button2" WIDTH=103>
+<IMG SRC="wtv-home:/ROMCache/Spacer.gif" WIDTH=4 HEIGHT=1>
+<INPUT action="client:goback"
+name="Done"
+value="Done"
+WIDTH=120
+selected
+TYPE=SUBMIT BORDERIMAGE="file://ROM/Borders/ButtonBorder2.bif" NAME="Button3" USESTYLE WIDTH=103>
+</SHADOW></FONT></FORM>
+<TD>
+</TABLE>
+</BODY>
+</HTML>
+`;
+}

zefie_wtvp_minisrv/ServiceVault/wtv-setup/add-user-name.js

@@ -0,0 +1,136 @@
+var minisrv_service_file = true;
+
+
+if (ssid_sessions[socket.ssid].user_id != 0) errpage = wtvshared.doErrorPage(400, "You are not authorized to add users to this account.");
+else if (ssid_sessions[socket.ssid].getNumberOfUserAccounts() > minisrv_config.config.user_accounts.max_users_per_account) errpage = wtvshared.doErrorPage(400, "You are not authorized to add more than " + minisrv_config.config.user_accounts.max_users_per_account + " account${minisrv_config.config.user_accounts.max_users_per_account > 1 ? 's' : ''}.");
+else if (!request_headers.query.user_name) errpage = wtvshared.doErrorPage(400, "Please enter a username.");
+
+if (errpage) {
+    headers = errpage[0];
+    data = errpage[1];
+} else {
+    headers = `200 OK
+Connection: Keep-Alive
+Content-Type: text/html`
+
+    data = `<HTML>
+<HTML>
+<HEAD>
+<TITLE>
+Adding a User
+</TITLE>
+<DISPLAY nosave
+noscroll>
+</HEAD>
+<sidebar width=110> <table cellspacing=0 cellpadding=0 BGCOLOR="30364D">
+<tr>
+<td colspan=3 abswidth=104 absheight=4>
+<td rowspan=99 width=6 absheight=420 valign=top align=left>
+<img src="wtv-home:/ROMCache/Shadow.gif" width=6 height=420>
+<tr>
+<td abswidth=6>
+<td abswidth=92 absheight=76>
+<table href="wtv-home:/home" absheight=76 cellspacing=0 cellpadding=0>
+<tr>
+<td align=right>
+<img src="${minisrv_config.config.service_logo}" width=87 height=67>
+</table>
+<td abswidth=6>
+<tr><td absheight=5 colspan=3>
+<table cellspacing=0 cellpadding=0>
+<tr><td abswidth=104 absheight=2 valign=middle align=center bgcolor="1C1E28">
+<img src="wtv-home:/ROMCache/Spacer.gif" width=1 height=1>
+<tr><td abswidth=104 absheight=1 valign=top align=left>
+<tr><td abswidth=104 absheight=2 valign=top align=left bgcolor="4D5573">
+<img src="wtv-home:/ROMCache/Spacer.gif" width=1 height=1>
+</table>
+<tr><td absheight=37>
+<tr><td absheight=263 align=right colspan=3>
+<img src="ROMCache/AccountBanner.gif" width=53 height=263>
+<tr><td absheight=41>
+</table>
+</sidebar>
+<BODY BGCOLOR="#191919" TEXT="#44cc55" LINK="189CD6" VLINK="189CD6" HSPACE=0 VSPACE=0 FONTSIZE="large"
+>
+<table cellspacing=0 cellpadding=0>
+<tr>
+<td abswidth=14>
+<td abswidth=416 absheight=80 valign=center>
+<font size="+2" color="E7CE4A"><blackface><shadow>
+User's Internet name
+<td abswidth=20>
+<tr>
+<td>
+<td absheight=244 valign=top align=left>
+<form action="wtv-setup:/add-user-password">
+<INPUT TYPE="hidden" NAME="display_name" VALUE="${request_headers.query.display_name || ''}">
+<table cellspacing=0 cellpadding=0 border=0>
+<tr>
+<td align=left valign=top abswidth=198>
+<table cellspacing=0 cellpadding=0>
+<tr>
+<td align=left>
+Type an Internet<br>
+name`;
+    if (request_headers.query.display_name) {
+        data += ` for <b>${request_headers.query.display_name}</b>.`
+    } else {
+        data += "."
+    } data += `
+<p>Internet names can<br>
+contain letters and<br>
+numbers, but no<br>
+spaces.
+</a>
+</table>
+</td>
+<td align=left valign=top width=6>
+</td>
+<td align=left valign=top abswidth=210>
+<table cellspacing=0 cellpadding=0>
+<tr>
+<td colspan=3 align=left>
+Internet name<br>
+<INPUT noSubmit name="user_name" id="user_name" Value="${request_headers.query.display_name || ''}"
+bgcolor=#444444 text=#ffdd33 cursor=#cc9933
+TYPE="text" ASCIIONLY
+SIZE="18"
+MAXLENGTH="18">
+<tr>
+<td height=6>
+<tr>
+<td colspan=3 align=left>
+</a>
+</table>
+</table>
+<td>
+<tr>
+<td absheight=7>
+<tr>
+<td>
+<td colspan=2 absheight=2 bgcolor="2B2B2B">
+<img src="wtv-home:/ROMCache/Spacer.gif" width=426 height=1>
+<tr>
+<td absheight=1>
+<tr>
+<td>
+<td colspan=2 absheight=2 bgcolor="0D0D0D">
+<img src="wtv-home:/ROMCache/Spacer.gif" width=426 height=1>
+<tr>
+<td absheight=4>
+</table>
+<table cellspacing=0 cellpadding=0>
+<tr>
+<td abswidth=430 valign=top align=right>
+<font color="#E7CE4A" size=-1><shadow>
+<input
+selected
+type=submit borderimage="file://ROM/Borders/ButtonBorder2.bif"
+value=Continue name="Continue" usestyle width=103>
+</shadow></font></form>
+<td abswidth=20>
+</table>
+      </body>
+</html>
+`;
+}

zefie_wtvp_minisrv/ServiceVault/wtv-setup/add-user-password.js

@@ -0,0 +1,150 @@
+var minisrv_service_file = true;
+var errpage = null;
+
+const WTVRegister = require("./WTVRegister.js")
+const wtvr = new WTVRegister(minisrv_config, SessionStore);
+
+if (ssid_sessions[socket.ssid].user_id != 0) errpage = wtvshared.doErrorPage(400, "You are not authorized to add users to this account.");
+else if (!request_headers.query.user_name) errpage = doErrorPage(400, "Please enter a username.");
+else if (request_headers.query.user_name.length < minisrv_config.config.user_accounts.min_length) errpage = wtvshared.doErrorPage(400, "Please choose a username with " + minisrv_config.config.user_accounts.min_length + " or more characters.");
+else if (request_headers.query.user_name.length > minisrv_config.config.user_accounts.max_length) errpage = wtvshared.doErrorPage(400, "Please choose a username with " + minisrv_config.config.user_accounts.max_length + " or less characters.");
+else if (!wtvr.checkUsernameSanity(request_headers.query.user_name)) errpage = wtvshared.doErrorPage(400, "The username you have chosen contains invalid characters. Please choose a username with only <b>letters</b>, <b>numbers</b>, <b>_</b> or <b>-</b>. Also, please be sure your username begins with a letter.");
+else if (!wtvr.checkUsernameAvailable(request_headers.query.user_name, ssid_sessions)) errpage = wtvshared.doErrorPage(400, "The username you have selected is already in use. Please select another username.");
+else if (ssid_sessions[socket.ssid].getNumberOfUserAccounts() > minisrv_config.config.user_accounts.max_users_per_account) errpage = wtvshared.doErrorPage(400, "You are not authorized to add more than " + minisrv_config.config.user_accounts.max_users_per_account + " account${minisrv_config.config.user_accounts.max_users_per_account > 1 ? 's' : ''}.");
+
+
+
+if (errpage) {
+    headers = errpage[0];
+    data = errpage[1];
+} else {
+
+    headers = `200 OK
+Connection: Keep-Alive
+Content-Type: text/html`
+
+    data = `<HTML>
+<HTML>
+<HEAD>
+<TITLE>
+Adding a User
+</TITLE>
+<DISPLAY nosave
+noscroll>
+</HEAD>
+<sidebar width=110> <table cellspacing=0 cellpadding=0 BGCOLOR="30364D">
+<tr>
+<td colspan=3 abswidth=104 absheight=4>
+<td rowspan=99 width=6 absheight=420 valign=top align=left>
+<img src="wtv-home:/ROMCache/Shadow.gif" width=6 height=420>
+<tr>
+<td abswidth=6>
+<td abswidth=92 absheight=76>
+<table href="wtv-home:/home" absheight=76 cellspacing=0 cellpadding=0>
+<tr>
+<td align=right>
+<img src="${minisrv_config.config.service_logo}" width=87 height=67>
+</table>
+<td abswidth=6>
+<tr><td absheight=5 colspan=3>
+<table cellspacing=0 cellpadding=0>
+<tr><td abswidth=104 absheight=2 valign=middle align=center bgcolor="1C1E28">
+<img src="wtv-home:/ROMCache/Spacer.gif" width=1 height=1>
+<tr><td abswidth=104 absheight=1 valign=top align=left>
+<tr><td abswidth=104 absheight=2 valign=top align=left bgcolor="4D5573">
+<img src="wtv-home:/ROMCache/Spacer.gif" width=1 height=1>
+</table>
+<tr><td absheight=37>
+<tr><td absheight=263 align=right colspan=3>
+<img src="ROMCache/AccountBanner.gif" width=53 height=263>
+<tr><td absheight=41>
+</table>
+</sidebar>
+<BODY BGCOLOR="#191919" TEXT="#44cc55" LINK="189CD6" VLINK="189CD6" HSPACE=0 VSPACE=0 FONTSIZE="large"
+>
+<table cellspacing=0 cellpadding=0>
+<tr>
+<td abswidth=14>
+<td abswidth=416 absheight=80 valign=center>
+<font size="+2" color="E7CE4A"><blackface><shadow>
+Optional password
+<td abswidth=20>
+<tr>
+<td>
+<td absheight=244 valign=top align=left>
+<form action="wtv-setup:/validate-add-user">
+<INPUT TYPE="hidden" NAME="display_name" VALUE="${request_headers.query.display_name}">
+<INPUT TYPE="hidden" NAME="user_name" VALUE="${request_headers.query.user_name}">
+<table cellspacing=0 cellpadding=0 border=0>
+<tr>
+<td align=left valign=top abswidth=198>
+<table cellspacing=0 cellpadding=0>
+<tr>
+<td align=left>
+Type an optional<br>
+password from ${minisrv_config.config.passwords.min_length} to
+<br>${minisrv_config.config.passwords.max_length} characters long.
+<p>You'll need to type<br>
+the password<br>
+Whenever you switch to <b>${request_headers.query.user_name}</b>.<br>
+<p>Leave the spaces<br>
+blank if you don't<br>
+want a password.
+</a>
+</table>
+</td>
+<td align=left valign=top width=6>
+</td>
+<td align=left valign=top abswidth=210>
+<table cellspacing=0 cellpadding=0>
+<tr>
+<td colspan=3 align=left>
+Password<br>
+<INPUT noSubmit name="user_password" id="user_password" Value=""
+bgcolor=#444444 text=#ffdd33 cursor=#cc9933
+TYPE="password" ASCIIONLY
+SIZE="${minisrv_config.config.passwords.form_size}"
+MAXLENGTH="${minisrv_config.config.passwords.max_length}">
+<tr>
+<td height=6>
+<tr>
+<td colspan=3 align=left>
+<br>Type again to confirm<br>
+<INPUT noSubmit name="user_password2" id="user_password2" Value=""
+bgcolor=#444444 text=#ffdd33 cursor=#cc9933
+TYPE="password" ASCIIONLY
+SIZE="${minisrv_config.config.passwords.form_size}"
+MAXLENGTH="${minisrv_config.config.passwords.max_length}">
+</table>
+</table>
+<td>
+<tr>
+<td absheight=7>
+<tr>
+<td>
+<td colspan=2 absheight=2 bgcolor="2B2B2B">
+<img src="wtv-home:/ROMCache/Spacer.gif" width=426 height=1>
+<tr>
+<td absheight=1>
+<tr>
+<td>
+<td colspan=2 absheight=2 bgcolor="0D0D0D">
+<img src="wtv-home:/ROMCache/Spacer.gif" width=426 height=1>
+<tr>
+<td absheight=4>
+</table>
+<table cellspacing=0 cellpadding=0>
+<tr>
+<td abswidth=430 valign=top align=right>
+<font color="#E7CE4A" size=-1><shadow>
+<input
+selected
+type=submit borderimage="file://ROM/Borders/ButtonBorder2.bif"
+value=Continue name="Continue" usestyle width=103>
+</shadow></font></form>
+<td abswidth=20>
+</table>
+      </body>
+</html>
+`;
+}

zefie_wtvp_minisrv/ServiceVault/wtv-setup/add-user.js

@@ -0,0 +1,134 @@
+var minisrv_service_file = true;
+
+if (Object.keys(ssid_sessions[socket.ssid].listPrimaryAccountUsers()).length >= minisrv_config.config.user_accounts.max_users_per_account) {
+    errpage = wtvshared.doErrorPage(400, "You are not authorized to add more than " + minisrv_config.config.user_accounts.max_users_per_account + " account${minisrv_config.config.user_accounts.max_users_per_account > 1 ? 's' : ''}.");
+}
+else if (ssid_sessions[socket.ssid].user_id != 0) errpage = wtvshared.doErrorPage(400, "You are not authorized to add users to this account.");
+
+
+if (errpage) {
+    headers = errpage[0];
+    data = errpage[1];
+} else {
+
+    headers = `200 OK
+Connection: Keep-Alive
+Content-Type: text/html`
+
+    data = `<HTML>
+<HTML>
+<HEAD>
+<TITLE>
+Adding person's name
+</TITLE>
+<DISPLAY nosave
+noscroll>
+</HEAD>
+<sidebar width=110> <table cellspacing=0 cellpadding=0 BGCOLOR="30364D">
+<tr>
+<td colspan=3 abswidth=104 absheight=4>
+<td rowspan=99 width=6 absheight=420 valign=top align=left>
+<img src="wtv-home:/ROMCache/Shadow.gif" width=6 height=420>
+<tr>
+<td abswidth=6>
+<td abswidth=92 absheight=76>
+<table href="wtv-home:/home" absheight=76 cellspacing=0 cellpadding=0>
+<tr>
+<td align=right>
+<img src="${minisrv_config.config.service_logo}" width=87 height=67>
+</table>
+<td abswidth=6>
+<tr><td absheight=5 colspan=3>
+<table cellspacing=0 cellpadding=0>
+<tr><td abswidth=104 absheight=2 valign=middle align=center bgcolor="1C1E28">
+<img src="wtv-home:/ROMCache/Spacer.gif" width=1 height=1>
+<tr><td abswidth=104 absheight=1 valign=top align=left>
+<tr><td abswidth=104 absheight=2 valign=top align=left bgcolor="4D5573">
+<img src="wtv-home:/ROMCache/Spacer.gif" width=1 height=1>
+</table>
+<tr><td absheight=37>
+<tr><td absheight=263 align=right colspan=3>
+<img src="ROMCache/AccountBanner.gif" width=53 height=263>
+<tr><td absheight=41>
+</table>
+</sidebar>
+<BODY BGCOLOR="#191919" TEXT="#44cc55" LINK="189CD6" VLINK="189CD6" HSPACE=0 VSPACE=0 FONTSIZE="large"
+>
+<table cellspacing=0 cellpadding=0>
+<tr>
+<td abswidth=14>
+<td abswidth=416 absheight=80 valign=center>
+<font size="+2" color="E7CE4A"><blackface><shadow>
+User's name
+<td abswidth=20>
+<tr>
+<td>
+<td absheight=244 valign=top align=left>
+<form
+action="wtv-setup:/add-user-name"
+>
+<P>
+<table cellspacing=0 cellpadding=0 border=0>
+<tr>
+<td align=left valign=top abswidth=198>
+<table cellspacing=0 cellpadding=0>
+<tr>
+<td align=left>
+Type the person's<br>
+display name<br>
+here. They are<br>
+included when the<br>
+user sends mail.
+<p>Leave the space<br>
+blank if you don't<br>
+want to type this<br>
+person's name.
+</a>
+</table>
+</td>
+<td align=left valign=top width=6>
+</td>
+<td align=left valign=top abswidth=210>
+<table cellspacing=0 cellpadding=0>
+<tr>
+<td colspan=3 align=left>
+Display name<br>
+<INPUT noSubmit name="display_name" id="display_name" Value=""
+bgcolor=#444444 text=#ffdd33 cursor=#cc9933
+TYPE="text" ASCIIONLY
+SIZE="18"
+MAXLENGTH="18">
+</a>
+</table>
+</table>
+<td>
+<tr>
+<td absheight=7>
+<tr>
+<td>
+<td colspan=2 absheight=2 bgcolor="2B2B2B">
+<img src="wtv-home:/ROMCache/Spacer.gif" width=426 height=1>
+<tr>
+<td absheight=1>
+<tr>
+<td>
+<td colspan=2 absheight=2 bgcolor="0D0D0D">
+<img src="wtv-home:/ROMCache/Spacer.gif" width=426 height=1>
+<tr>
+<td absheight=4>
+</table>
+<table cellspacing=0 cellpadding=0>
+<tr>
+<td abswidth=430 valign=top align=right>
+<font color="#E7CE4A" size=-1><shadow>
+<input
+selected
+type=submit borderimage="file://ROM/Borders/ButtonBorder2.bif"
+value=Continue name="Continue" usestyle width=103>
+</shadow></font></form>
+<td abswidth=20>
+</table>
+      </body>
+</html>
+`;
+}

zefie_wtvp_minisrv/ServiceVault/wtv-setup/edit-password.js

@@ -0,0 +1,167 @@
+var minisrv_service_file = true;
+
+ssid_sessions[socket.ssid].loadSessionData();
+
+var user_id = (request_headers.query.user_id) ? request_headers.query.user_id : ssid_sessions[socket.ssid].user_id;
+
+// security
+if (ssid_sessions[socket.ssid].user_id != 0 && ssid_sessions[socket.ssid].user_id != user_id) {
+    user_id = null; // force unset
+    var errpage = wtvshared.doErrorPage(400, "You are not authorized to change the selected user's password.");
+    headers = errpage[0];
+    data = errpage[1];
+}
+
+if (user_id != null) {
+    var userSession = null;
+    if (ssid_sessions[socket.ssid].user_id == request_headers.query.user_id) userSession = ssid_sessions[socket.ssid];
+    else {
+        userSession = new WTVClientSessionData(minisrv_config, socket.ssid);
+        userSession.user_id = user_id;
+    }
+
+
+    if (!userSession.loadSessionData()) {
+        var errpage = wtvshared.doErrorPage(400, "Invalid user ID.");
+        headers = errpage[0];
+        data = errpage[1];
+    }
+    else {
+        headers = `200 OK
+Connection: Keep-Alive
+Content-Type: text/html`;
+
+        data = `
+<HTML>
+<HEAD>
+<TITLE>
+Change ${(user_id == ssid_sessions[socket.ssid].user_id) ? 'your' : 'user'} password
+</TITLE>
+<DISPLAY nosave
+noscroll>
+</HEAD>
+<sidebar width=110> <table cellspacing=0 cellpadding=0 BGCOLOR="30364D">
+<tr>
+<td colspan=3 abswidth=104 absheight=4>
+<td rowspan=99 width=6 absheight=420 valign=top align=left>
+<img src="wtv-home:/ROMCache/Shadow.gif" width=6 height=420>
+<tr>
+<td abswidth=6>
+<td abswidth=92 absheight=76>
+<table href="wtv-home:/home" absheight=76 cellspacing=0 cellpadding=0>
+<tr>
+<td align=right>
+<img src="${minisrv_config.config.service_logo}" width=87 height=67>
+</table>
+<td abswidth=6>
+<tr><td absheight=5 colspan=3>
+<table cellspacing=0 cellpadding=0>
+<tr><td abswidth=104 absheight=2 valign=middle align=center bgcolor="1C1E28">
+<img src="wtv-home:/ROMCache/Spacer.gif" width=1 height=1>
+<tr><td abswidth=104 absheight=1 valign=top align=left>
+<tr><td abswidth=104 absheight=2 valign=top align=left bgcolor="4D5573">
+<img src="wtv-home:/ROMCache/Spacer.gif" width=1 height=1>
+</table>
+<tr><td absheight=37>
+<tr><td absheight=263 align=right colspan=3>
+<img src="ROMCache/AccountBanner.gif" width=53 height=263>
+<tr><td absheight=41>
+</table>
+</sidebar>
+<BODY BGCOLOR="#191919" TEXT="#44cc55" LINK="189CD6" VLINK="189CD6" HSPACE=0 VSPACE=0 FONTSIZE="large"
+>
+<table cellspacing=0 cellpadding=0>
+<tr>
+<td abswidth=14>
+<td abswidth=416 absheight=80 valign=center>
+<font size="+2" color="E7CE4A"><blackface><shadow>
+Change ${(user_id == ssid_sessions[socket.ssid].user_id) ? 'your' : 'user'} password
+<td abswidth=20>
+<tr>
+<td>
+<td absheight=244 valign=top align=left>
+<form
+action="wtv-setup:/validate-change-password"
+>
+<P>
+<table cellspacing=0 cellpadding=0 border=0>
+<tr>
+<td align=left valign=top abswidth=198>
+<table cellspacing=0 cellpadding=0>
+<tr>
+<td align=left>
+Type a password<br>
+from ${minisrv_config.config.passwords.min_length} to ${minisrv_config.config.passwords.max_length} <br>
+characters long.
+<p>This password will be<br>
+required to access<br>
+this account. If you<br>
+don't want this<br>
+account to have a<br>
+password, leave<br>
+these spaces blank.
+</a>
+</table>
+</td>
+<td align=left valign=top width=6>
+</td>
+<td align=left valign=top abswidth=210>
+<table cellspacing=0 cellpadding=0>
+<tr>
+<td colspan=3 align=left>
+Password<br>
+<INPUT type="hidden" name="user_id" value="${user_id}">`;
+        if (request_headers.Referer) data += `
+<INPUT type="hidden" name="return_to" value="${request_headers.Referer}">`;
+
+data += `<INPUT noSubmit name="password" id="password" Value=""
+bgcolor=#444444 text=#ffdd33 cursor=#cc9933
+TYPE="password" ASCIIONLY
+SIZE="${minisrv_config.config.passwords.form_size}"
+MAXLENGTH="${minisrv_config.config.passwords.max_length}">
+<tr>
+<td height=6>
+<tr>
+<td colspan=3 align=left>
+<br>Type again to confirm<br>
+<INPUT noSubmit name="verify" id="verify" Value=""
+bgcolor=#444444 text=#ffdd33 cursor=#cc9933
+TYPE="password" ASCIIONLY
+SIZE="${minisrv_config.config.passwords.form_size}"
+MAXLENGTH="${minisrv_config.config.passwords.max_length}">
+</a>
+</table>
+</table>
+<td>
+<tr>
+<td absheight=7>
+<tr>
+<td>
+<td colspan=2 absheight=2 bgcolor="2B2B2B">
+<img src="wtv-home:/ROMCache/Spacer.gif" width=426 height=1>
+<tr>
+<td absheight=1>
+<tr>
+<td>
+<td colspan=2 absheight=2 bgcolor="0D0D0D">
+<img src="wtv-home:/ROMCache/Spacer.gif" width=426 height=1>
+<tr>
+<td absheight=4>
+</table>
+<table cellspacing=0 cellpadding=0>
+<tr>
+<td abswidth=430 valign=top align=right>
+<font color="#E7CE4A" size=-1><shadow>
+<input
+selected
+type=submit borderimage="file://ROM/Borders/ButtonBorder2.bif"
+value=Done name="Done" usestyle width=103>
+</shadow></font></form>
+<td abswidth=20>
+</table>
+      </body>
+</html>
+`;
+    }
+}
+if (userSession) userSession = null;

zefie_wtvp_minisrv/ServiceVault/wtv-setup/edit-user-begin.js

@@ -0,0 +1,164 @@
+var minisrv_service_file = true;
+ssid_sessions[socket.ssid].loadSessionData();
+
+var user_id = null;
+if (request_headers.query.user_id) {
+    user_id = request_headers.query.user_id;
+} else {
+    user_id = ssid_sessions[socket.ssid].user_id;
+}
+
+// security
+if (ssid_sessions[socket.ssid].user_id != 0 && ssid_sessions[socket.ssid].user_id != request_headers.query.user_id) {
+    user_id = null; // force unset
+    var errpage = doErrorPage(400, "You are not authorized to edit the selected user.");
+    headers = errpage[0];
+    data = errpage[1];
+}
+
+if (user_id != null) {
+    headers = `200 OK
+Connection: Keep-Alive
+wtv-mail-count: ${ssid_sessions[socket.ssid].mailstore.countUnreadMessages(0)}
+Content-Type: text/html`
+    var userSession = null;
+    if (ssid_sessions[socket.ssid].user_id == request_headers.query.user_id) userSession = ssid_sessions[socket.ssid];
+    else {
+        userSession = new WTVClientSessionData(minisrv_config, socket.ssid);
+        userSession.user_id = user_id;
+    }
+
+    if (!userSession.loadSessionData()) {
+        var errpage = doErrorPage(400, "Invalid user ID.");
+        headers = errpage[0];
+        data = errpage[1];
+    } else {
+
+        data = `
+<HTML>
+<HEAD>
+<TITLE>
+Changing ${(user_id == 0) ? 'subscriber' : 'user'} information
+</TITLE>
+<DISPLAY nosave
+noscroll>
+</HEAD>
+<sidebar width=110> <table cellspacing=0 cellpadding=0 BGCOLOR="30364D">
+<tr>
+<td colspan=3 abswidth=104 absheight=4>
+<td rowspan=99 width=6 absheight=420 valign=top align=left>
+<img src="wtv-home:/ROMCache/Shadow.gif" width=6 height=420>
+<tr>
+<td abswidth=6>
+<td abswidth=92 absheight=76>
+<table href="wtv-home:/home" absheight=76 cellspacing=0 cellpadding=0>
+<tr>
+<td align=right>
+<img src="${minisrv_config.config.service_logo}" width=87 height=67>
+</table>
+<td abswidth=6>
+<tr><td absheight=5 colspan=3>
+<table cellspacing=0 cellpadding=0>
+<tr><td abswidth=104 absheight=2 valign=middle align=center bgcolor="1C1E28">
+<img src="wtv-home:/ROMCache/Spacer.gif" width=1 height=1>
+<tr><td abswidth=104 absheight=1 valign=top align=left>
+<tr><td abswidth=104 absheight=2 valign=top align=left bgcolor="4D5573">
+<img src="wtv-home:/ROMCache/Spacer.gif" width=1 height=1>
+</table>
+<tr><td absheight=37>
+<tr><td absheight=263 align=right colspan=3>
+<img src="ROMCache/AccountBanner.gif" width=53 height=263>
+<tr><td absheight=41>
+</table>
+</sidebar>
+<BODY BGCOLOR="#191919" TEXT="#44cc55" LINK="189CD6" VLINK="189CD6" HSPACE=0 VSPACE=0 FONTSIZE="large"
+>
+<table cellspacing=0 cellpadding=0>
+<tr>
+<td abswidth=14>
+<td abswidth=416 absheight=80 valign=center>
+<font size="+2" color="E7CE4A"><blackface><shadow>
+${(user_id == 0) ? 'Subscriber' : 'User'} information
+<td abswidth=20>
+<tr>
+<td>
+<td absheight=244 valign=top align=left>
+<form
+action="wtv-setup:/serve-billing-overview"
+>
+<P>
+<table cellspacing=0 cellpadding=0 border=0>
+<tr>
+<td align=left valign=top abswidth=198>
+<table cellspacing=0 cellpadding=0>
+<tr>
+<td align=left>
+Choose any item to
+change the
+information.
+<p>Choose <b>Done</b> when
+you're finished.
+</a>
+</table>
+</td>
+<td align=left valign=top width=6>
+</td>
+<td align=left valign=top abswidth=210>
+<table cellspacing=0 cellpadding=0>
+<tr>
+<td colspan=3 align=left>
+<b>Username:</b><br>
+${userSession.getSessionData("subscriber_username")}
+</a>
+<tr>
+<td height=6>
+<tr>
+<td colspan=3 align=left>
+<b>Display Name:</b><br>
+<a href="wtv-setup:/edit-user-name?user_id=${user_id}">
+${userSession.getSessionData("subscriber_name")}
+</a>
+<tr>
+<td height=6>
+<tr>
+<td colspan=3 align=left>
+<b>Password:</b>
+<br>
+<a href="wtv-setup:/edit-password?user_id=${user_id}">
+${(userSession.getUserPasswordEnabled()) ? "Change Password" : "Set Password"}
+</a>
+</table>
+</table>
+<td>
+<tr>
+<td absheight=7>
+<tr>
+<td>
+<td colspan=2 absheight=2 bgcolor="2B2B2B">
+<img src="wtv-home:/ROMCache/Spacer.gif" width=426 height=1>
+<tr>
+<td absheight=1>
+<tr>
+<td>
+<td colspan=2 absheight=2 bgcolor="0D0D0D">
+<img src="wtv-home:/ROMCache/Spacer.gif" width=426 height=1>
+<tr>
+<td absheight=4>
+</table>
+<table cellspacing=0 cellpadding=0>
+<tr>
+<td abswidth=430 valign=top align=right>
+<font color="#E7CE4A" size=-1><shadow>
+<input
+selected
+type=submit borderimage="file://ROM/Borders/ButtonBorder2.bif"
+value=Done name="Done" usestyle width=103>
+</shadow></font></form>
+<td abswidth=20>
+</table>
+      </body>
+</html>
+`;
+    }
+}
+if (userSession) userSession = null;

zefie_wtvp_minisrv/ServiceVault/wtv-setup/edit-user-name.js

@@ -0,0 +1,151 @@
+var minisrv_service_file = true;
+
+ssid_sessions[socket.ssid].loadSessionData();
+
+var user_id = (request_headers.query.user_id) ? request_headers.query.user_id : ssid_sessions[socket.ssid].user_id;
+
+// security
+if (ssid_sessions[socket.ssid].user_id != 0 && ssid_sessions[socket.ssid].user_id != request_headers.query.user_id) {
+    user_id = null; // force unset
+    var errpage = wtvshared.doErrorPage(400, "You are not authorized to change the selected user's password.");
+    headers = errpage[0];
+    data = errpage[1];
+}
+
+if (user_id != null) {
+    var userSession = null;
+    if (ssid_sessions[socket.ssid].user_id == request_headers.query.user_id) userSession = ssid_sessions[socket.ssid];
+    else {
+        userSession = new WTVClientSessionData(minisrv_config, socket.ssid);
+        userSession.user_id = user_id;
+    }
+
+    if (!userSession.loadSessionData()) {
+        var errpage = wtvshared.doErrorPage(400, "Invalid user ID.");
+        headers = errpage[0];
+        data = errpage[1];
+    }
+    else {
+        headers = `200 OK
+Connection: Keep-Alive
+Content-Type: text/html`;
+
+        data = `
+<HTML>
+<HEAD>
+<TITLE>
+Changing your name
+</TITLE>
+<DISPLAY nosave
+noscroll>
+</HEAD>
+<sidebar width=110> <table cellspacing=0 cellpadding=0 BGCOLOR="30364D">
+<tr>
+<td colspan=3 abswidth=104 absheight=4>
+<td rowspan=99 width=6 absheight=420 valign=top align=left>
+<img src="wtv-home:/ROMCache/Shadow.gif" width=6 height=420>
+<tr>
+<td abswidth=6>
+<td abswidth=92 absheight=76>
+<table href="wtv-home:/home" absheight=76 cellspacing=0 cellpadding=0>
+<tr>
+<td align=right>
+<img src="${minisrv_config.config.service_logo}" width=87 height=67>
+</table>
+<td abswidth=6>
+<tr><td absheight=5 colspan=3>
+<table cellspacing=0 cellpadding=0>
+<tr><td abswidth=104 absheight=2 valign=middle align=center bgcolor="1C1E28">
+<img src="wtv-home:/ROMCache/Spacer.gif" width=1 height=1>
+<tr><td abswidth=104 absheight=1 valign=top align=left>
+<tr><td abswidth=104 absheight=2 valign=top align=left bgcolor="4D5573">
+<img src="wtv-home:/ROMCache/Spacer.gif" width=1 height=1>
+</table>
+<tr><td absheight=37>
+<tr><td absheight=263 align=right colspan=3>
+<img src="ROMCache/AccountBanner.gif" width=53 height=263>
+<tr><td absheight=41>
+</table>
+</sidebar>
+<BODY BGCOLOR="#191919" TEXT="#44cc55" LINK="189CD6" VLINK="189CD6" HSPACE=0 VSPACE=0 FONTSIZE="large"
+>
+<table cellspacing=0 cellpadding=0>
+<tr>
+<td abswidth=14>
+<td abswidth=416 absheight=80 valign=center>
+<font size="+2" color="E7CE4A"><blackface><shadow>
+Your name
+<td abswidth=20>
+<tr>
+<td>
+<td absheight=244 valign=top align=left>
+<form
+action="wtv-setup:/validate-change-name"
+>
+<P>
+<table cellspacing=0 cellpadding=0 border=0>
+<tr>
+<td align=left valign=top abswidth=198>
+<table cellspacing=0 cellpadding=0>
+<tr>
+<td align=left>
+Change your display<br>
+name here.
+<p>Your name is<br>
+included on your<br>
+mail and news posts.<br>
+<br>
+Leave the field blank<br>
+to set your display name to<br>
+<b>${userSession.getSessionData('subscriber_username')}</b>.
+</a>
+</table>
+</td>
+<td align=left valign=top width=6>
+</td>
+<td align=left valign=top abswidth=210>
+<table cellspacing=0 cellpadding=0>
+<tr>
+<td colspan=3 align=left>
+Display name<br>
+<INPUT noSubmit name="display_name" id="display_name" Value="${userSession.getSessionData('subscriber_name')}"
+bgcolor=#444444 text=#ffdd33 cursor=#cc9933
+TYPE="text" ASCIIONLY
+SIZE="18"
+MAXLENGTH="18">
+<INPUT type="hidden" name="user_id" value="${user_id}">
+</table>
+</table>
+<td>
+<tr>
+<td absheight=7>
+<tr>
+<td>
+<td colspan=2 absheight=2 bgcolor="2B2B2B">
+<img src="wtv-home:/ROMCache/Spacer.gif" width=426 height=1>
+<tr>
+<td absheight=1>
+<tr>
+<td>
+<td colspan=2 absheight=2 bgcolor="0D0D0D">
+<img src="wtv-home:/ROMCache/Spacer.gif" width=426 height=1>
+<tr>
+<td absheight=4>
+</table>
+<table cellspacing=0 cellpadding=0>
+<tr>
+<td abswidth=430 valign=top align=right>
+<font color="#E7CE4A" size=-1><shadow>
+<input
+selected
+type=submit borderimage="file://ROM/Borders/ButtonBorder2.bif"
+value=Done name="Done" usestyle width=103>
+</shadow></font></form>
+<td abswidth=20>
+</table>
+      </body>
+</html>
+`;
+    }
+}
+if (userSession) userSession = null;

zefie_wtvp_minisrv/ServiceVault/wtv-setup/serve-billing-overview.js

@@ -10,7 +10,7 @@ data = `
 <HTML>
 <HEAD>
 <TITLE>
-Your WebTV account
+Your ${minisrv_config.config.service_name} account
 </TITLE>
 <DISPLAY noscroll>
 </HEAD>
@@ -51,36 +51,28 @@ Your WebTV account
 <tr>
 <td valign=center absheight=80>
 <font size="+2" color="E7CE4A"><blackface><shadow>
-Your WebTV account
+Your ${minisrv_config.config.service_name} account
 </table>
 <td abswidth=20>
 <TR>
 <td>
 <td WIDTH=198 HEIGHT=236 VALIGN=top ALIGN=left>
-<A HREF="JavaScript:alert('This feature is not available.')"><BLACKFACE>Subscriber info</BLACKFACE></A><BR>
+<A HREF="wtv-setup:/edit-user-begin?user_id=0"><BLACKFACE>Subscriber info</BLACKFACE></A><BR>
 <IMG SRC="wtv-home:/ROMCache/Spacer.gif" WIDTH=1 HEIGHT=1><BR>
-<FONT SIZE="-1">Change your address, phone number, and password</FONT><BR>
+<FONT SIZE="-1">Change your display name and/or password</FONT><BR>
 <IMG SRC="wtv-home:/ROMCache/Spacer.gif" WIDTH=1 HEIGHT=11><BR>
-<A HREF="JavaScript:alert('This feature is not available.')"><BLACKFACE>How you pay</BLACKFACE></A><BR>
+<A HREF="wtv-setup:/accounts"><BLACKFACE>Additional Users</BLACKFACE></A><BR>
 <IMG SRC="wtv-home:/ROMCache/Spacer.gif" WIDTH=1 HEIGHT=1><BR>
-<FONT SIZE="-1">Change the way you pay for WebTV service</FONT><BR>
+<FONT SIZE="-1">Manage additional user accounts</FONT><BR>
-<IMG SRC="wtv-home:/ROMCache/Spacer.gif" WIDTH=1 HEIGHT=11><BR>
-<A HREF="JavaScript:alert('This feature is not available.')"><BLACKFACE>ISP options</BLACKFACE></A><BR>
-<IMG SRC="wtv-home:/ROMCache/Spacer.gif" WIDTH=1 HEIGHT=1><BR>
-<FONT SIZE="-1">Save money if you dial long-distance to WebTV</FONT><BR>
 <TD WIDTH=20>
 <TD WIDTH=198 VALIGN=top ALIGN=left>
-<A HREF="JavaScript:alert('This feature is not available.')"><BLACKFACE>Billing statement</BLACKFACE></A><BR>
-<IMG SRC="wtv-home:/ROMCache/Spacer.gif" WIDTH=1 HEIGHT=1><BR>
-<FONT SIZE="-1">For your account</FONT><BR>
-<IMG SRC="wtv-home:/ROMCache/Spacer.gif" WIDTH=1 HEIGHT=11><BR>
 <A HREF="wtv-home:/Credits-Legal"><BLACKFACE>Terms of service</BLACKFACE></A><BR>
 <IMG SRC="wtv-home:/ROMCache/Spacer.gif" WIDTH=1 HEIGHT=1><BR>
 <FONT SIZE="-1">Rules and regulations</FONT><BR>
 <IMG SRC="wtv-home:/ROMCache/Spacer.gif" WIDTH=1 HEIGHT=11><BR>
 <A HREF="wtv-home:/Credits-Privacy"><BLACKFACE>Privacy policy</BLACKFACE></A><BR>
 <IMG SRC="wtv-home:/ROMCache/Spacer.gif" WIDTH=1 HEIGHT=1><BR>
-<FONT SIZE="-1">Your personal information</FONT><BR>
+<FONT SIZE="-1">How we use your personal information</FONT><BR>
 
 <TR>
 <TD>
@@ -102,7 +94,7 @@ Your WebTV account
 <TR>
 <TD>
 <TD COLSPAN=3 VALIGN=top ALIGN=right>
-<FORM action="client:goback">
+<FORM action="wtv-setup:/setup">
 <FONT COLOR="#E7CE4A" SIZE=-1><SHADOW>
 <INPUT TYPE=SUBMIT BORDERIMAGE="file://ROM/Borders/ButtonBorder2.bif" Value=Done NAME="Done" USESTYLE WIDTH=103>
 </SHADOW></FONT></FORM>

zefie_wtvp_minisrv/ServiceVault/wtv-setup/setup.js

@@ -86,11 +86,13 @@ for ${ssid_sessions[socket.ssid].getSessionData("subscriber_username") || "You"}
 <img src="ROMCache/BulletArrow.gif" width=6 height=13 valign=absmiddle><spacer type=block width=6 height=1>
 <a href="wtv-setup:/mail">Mail</a><BR>
 <spacer type=block width=1 height=5><BR>`;
-// password
+
-if (!minisrv_config.config.hide_incomplete_features) {
+if (minisrv_config.config.passwords) {
-	data += `<img src="ROMCache/BulletArrow.gif" width=6 height=13 valign=absmiddle><spacer type=block width=6 height=1>
+	if (minisrv_config.config.passwords.enabled) {
-<a href="${notImplementedAlert}"><strike>Password</strike></a><BR>
+		data += `<img src="ROMCache/BulletArrow.gif" width=6 height=13 valign=absmiddle><spacer type=block width=6 height=1>
+<a href="wtv-setup:/edit-password">Password</a><BR>
 <spacer type=block width=1 height=5><BR>`;
+	}
 }
 
 data += `
@@ -114,10 +116,10 @@ data += `
 <img src="ROMCache/BulletArrow.gif" width=6 height=13 valign=absmiddle><spacer type=block width=6 height=1>
 <a href="wtv-setup:/keyboard">Keyboard</a><BR>
 <spacer type=block width=1 height=5><BR>`;
-// extra users
+
-if (!minisrv_config.config.hide_incomplete_features) {
+if (ssid_sessions[socket.ssid].user_id == 0) {
 	data += `<img src="ROMCache/BulletArrow.gif" width=6 height=13 valign=absmiddle><spacer type=block width=6 height=1>
-<a href="${notImplementedAlert}"><strike>Extra users</strike></a><BR>
+<a href="wtv-setup:/serve-billing-overview">Account</a><BR>
 <spacer type=block width=1 height=5><BR>`;
 }
 
@@ -130,13 +132,10 @@ data += `
 <TD WIDTH=300 VALIGN=top ALIGN=left>
 <spacer type=block width=6 height=14><font size="2"><br>
 Signature <strike>and more</strike><BR>
-<spacer type=block width=6 height=5><font size="2"><br>`;
+<spacer type=block width=6 height=5><font size="2"><br>
-// password
+Change your password<BR>
-if (!minisrv_config.config.hide_incomplete_features) {
+<spacer type=block width=6 height=5><font size="2"><br>
-	data += `<strike>Change your password</strike><BR>
+Options for your TV<BR>
-<spacer type=block width=6 height=5><font size="2"><br>`;
-}
-data += `Options for your TV<BR>
 <spacer type=block width=6 height=5><font size="2"><br>
 Make text bigger or smaller<BR>
 <spacer type=block width=6 height=5><font size="2"><br>
@@ -147,14 +146,13 @@ if (!minisrv_config.config.hide_incomplete_features) {
 	data += `<strike>Change how you print</strike><BR>
 <spacer type=block width=6 height=5><font size="2"><br>`;
 }
-data += `Choose an on-screen keyboard<BR>
+data += `Choose an on-screen keyboard<BR>`;
-<spacer type=block width=6 height=5><font size="2"><br>`;
+if (ssid_sessions[socket.ssid].user_id == 0) {
-// extra users
+	data += `<spacer type=block width=6 height=5><font size="2"><br>
-if (!minisrv_config.config.hide_incomplete_features) {
+Add, change, or remove users<BR>`;
-	data += `<strike>Add, change, or remove users</strike><BR>
-<spacer type=block width=6 height=6><font size="2"><br>`;
 }
-	data += `
+
+data += `<spacer type=block width=6 height=6><font size="2"><br>
 Connecting to WebTV<BR>
 
 

zefie_wtvp_minisrv/ServiceVault/wtv-setup/validate-add-user-done.js

@@ -0,0 +1,63 @@
+var minisrv_service_file = true;
+var userSession = null;
+var errpage = null;
+
+if (ssid_sessions[socket.ssid].user_id != 0) errpage = wtvshared.doErrorPage(400, "You are not authorized to add users to this account.");
+
+// seperate if statements as to not overwrite the first error if multiple occur
+
+if (!errpage) {
+    if (request_headers.query.user_password) {
+        if (request_headers.query.user_password.length < minisrv_config.config.passwords.min_length) errpage = wtvshared.doErrorPage(400, "Your password must contain at least " + minisrv_config.config.passwords.min_length + " characters.");
+    }
+    else {
+        if (request_headers.query.user_password.length > minisrv_config.config.passwords.max_length) errpage = wtvshared.doErrorPage(400, "Your password must contain no more than than " + minisrv_config.config.passwords.max_length + " characters.");
+        else if (request_headers.query.user_password !== request_headers.query.user_password2) errpage = wtvshared.doErrorPage(400, "The passwords you entered did not match. Please check them and try again.");
+    }
+}
+
+if (!errpage) {
+    if (ssid_sessions[socket.ssid].getNumberOfUserAccounts() > minisrv_config.config.user_accounts.max_users_per_account) errpage = wtvshared.doErrorPage(400, "You are not authorized to add more than " + minisrv_config.config.user_accounts.max_users_per_account + " account${minisrv_config.config.user_accounts.max_users_per_account > 1 ? 's' : ''}.");
+    else if (!request_headers.query.user_name) errpage = wtvshared.doErrorPage(400, "Please enter a username.");
+    else if (!request_headers.query.display_name) request_headers.query.display_name = request_headers.query.username;
+}
+
+if (errpage) {
+    headers = errpage[0];
+    data = errpage[1];
+} else {
+    userSession = new WTVClientSessionData(minisrv_config, socket.ssid);
+    var freeUserId = ssid_sessions[socket.ssid].findFreeUserSlot(ssid_sessions[socket.ssid]);
+    if (freeUserId) {
+        userSession.user_id = freeUserId;
+        userSession.setSessionData("subscriber_name", request_headers.query.display_name);
+        userSession.setSessionData("subscriber_username", request_headers.query.user_name);
+        userSession.setSessionData("registered", true);
+        mailstore_exists = userSession.mailstore.mailstoreExists();
+        if (!mailstore_exists) mailstore_exists = userSession.mailstore.createMailstore();
+        if (mailstore_exists) {
+            if (!userSession.mailstore.mailboxExists(mailbox)) {
+                // mailbox does not yet exist, create it
+                var mailbox_exists = userSession.mailstore.createMailbox(0);
+                if (mailbox_exists) {
+                    // Just created Inbox for the first time, so create the welcome message
+                    userSession.mailstore.createWelcomeMessage();
+                }
+            }
+        }
+        if (!userSession.saveSessionData(true)) {
+            var errpage = wtvshared.doErrorPage(400);
+            headers = errpage[0];
+            data = errpage[1];
+        } else {
+            if (request_headers.query.user_password)
+                userSession.setUserPassword(request_headers.query.user_password);
+
+            headers = `300 OK
+Content-type: text/html
+Location: wtv-setup:/accounts`;
+        }
+    }    
+}
+
+if (userSession) userSession = null;

zefie_wtvp_minisrv/ServiceVault/wtv-setup/validate-add-user.js

@@ -0,0 +1,184 @@
+var minisrv_service_file = true;
+var errpage = null;
+
+if (ssid_sessions[socket.ssid].user_id != 0) errpage = wtvshared.doErrorPage(400, "You are not authorized to add users to this account.");
+
+// seperate if statements as to not overwrite the first error if multiple occur
+
+if (!errpage) {
+    if (request_headers.query.user_password) {
+        if (request_headers.query.user_password.length < minisrv_config.config.passwords.min_length) errpage = wtvshared.doErrorPage(400, "Your password must contain at least " + minisrv_config.config.passwords.min_length + " characters.");
+    }
+    else {
+        if (request_headers.query.user_password.length > minisrv_config.config.passwords.max_length) errpage = wtvshared.doErrorPage(400, "Your password must contain no more than than " + minisrv_config.config.passwords.max_length + " characters.");
+        else if (request_headers.query.user_password !== request_headers.query.user_password2) errpage = wtvshared.doErrorPage(400, "The passwords you entered did not match. Please check them and try again.");
+    }
+}
+
+if (!errpage) {
+    if (ssid_sessions[socket.ssid].getNumberOfUserAccounts() > minisrv_config.config.user_accounts.max_users_per_account) errpage = wtvshared.doErrorPage(400, "You are not authorized to add more than " + minisrv_config.config.user_accounts.max_users_per_account + " account${minisrv_config.config.user_accounts.max_users_per_account > 1 ? 's' : ''}.");
+    else if (!request_headers.query.user_name) errpage = wtvshared.doErrorPage(400, "Please enter a username.");
+}
+
+if (errpage) {
+    headers = errpage[0];
+    data = errpage[1];
+} else {
+
+    headers = `200 OK
+Connection: Keep-Alive
+Content-Type: text/html`
+
+    data = `<HTML>
+<HTML>
+<HEAD>
+<TITLE>
+Adding a user
+</TITLE>
+<DISPLAY nosave
+noscroll>
+</HEAD>
+<sidebar width=110> <table cellspacing=0 cellpadding=0 BGCOLOR="30364D">
+<tr>
+<td colspan=3 abswidth=104 absheight=4>
+<td rowspan=99 width=6 absheight=420 valign=top align=left>
+<img src="wtv-home:/ROMCache/Shadow.gif" width=6 height=420>
+<tr>
+<td abswidth=6>
+<td abswidth=92 absheight=76>
+<table href="wtv-home:/home" absheight=76 cellspacing=0 cellpadding=0>
+<tr>
+<td align=right>
+<img src="${minisrv_config.config.service_logo}" width=87 height=67>
+</table>
+<td abswidth=6>
+<tr><td absheight=5 colspan=3>
+<table cellspacing=0 cellpadding=0>
+<tr><td abswidth=104 absheight=2 valign=middle align=center bgcolor="1C1E28">
+<img src="wtv-home:/ROMCache/Spacer.gif" width=1 height=1>
+<tr><td abswidth=104 absheight=1 valign=top align=left>
+<tr><td abswidth=104 absheight=2 valign=top align=left bgcolor="4D5573">
+<img src="wtv-home:/ROMCache/Spacer.gif" width=1 height=1>
+</table>
+<tr><td absheight=37>
+<tr><td absheight=263 align=right colspan=3>
+<img src="ROMCache/AccountBanner.gif" width=53 height=263>
+<tr><td absheight=41>
+</table>
+</sidebar>
+<BODY BGCOLOR="#191919" TEXT="#44cc55" LINK="189CD6" VLINK="189CD6" HSPACE=0 VSPACE=0 FONTSIZE="large"
+>
+<table cellspacing=0 cellpadding=0>
+<tr>
+<td abswidth=14>
+<td abswidth=416 absheight=80 valign=center>
+<font size="+2" color="E7CE4A"><blackface><shadow>
+Adding a user
+<td abswidth=20>
+<tr>
+<td>
+<td absheight=244 valign=top align=left>
+<form
+action="/validate-add-user-done"
+>
+<P>
+<table cellspacing=0 cellpadding=0 border=0>
+<tr>
+<td align=left valign=top abswidth=198>
+<table cellspacing=0 cellpadding=0>
+<INPUT TYPE="hidden" NAME="display_name" VALUE="${request_headers.query.display_name}">
+<INPUT TYPE="hidden" NAME="user_name" VALUE="${request_headers.query.user_name}">
+<INPUT TYPE="hidden" NAME="user_password" VALUE="${request_headers.query.user_password}">
+<INPUT TYPE="hidden" NAME="user_password2" VALUE="${request_headers.query.user_password2}">
+<tr>
+<td align=left>
+You are adding
+<a href="wtv-setup:/add-user-name?
+user-human-name-first=Joe&
+user-human-name-last=blow&
+user-name=xxxxxxx&
+user-password=xxxx&
+user-password2=xxxx&
+restricted-web-access=unrestricted-access&
+restricted-chat-access=unrestricted-access&
+email-access-denied=&
+cant-connect-past-cap=&
+review-only='TRUE'">
+${request_headers.query.user_name}<br>
+</a>
+to your account.
+<tr>
+<td height=11>
+<tr>
+<td align=left0 abswidth=198 maxlines=2>
+Display Name:
+<a href="wtv-setup:/add-user-name?
+display_name=${request_headers.query.display_name}&
+user_name=${request_headers.query.user_name}&
+user_password=${request_headers.query.user_password}&
+user_password2=${request_headers.query.user_password2}&
+review-only='TRUE'">
+${request_headers.query.display_name || request_headers.query.user_name}
+</a>
+<tr>
+<td height=6>
+<tr>
+<td align=left abswidth=188 maxlines=2>
+</table>
+</td>
+<td align=left valign=top width=6>
+</td>
+<td align=left valign=top abswidth=210>
+<table cellspacing=0 cellpadding=0>
+<input type=hidden name=display_name value="${request_headers.query.display_name}">
+<input type=hidden name=user_name value="${request_headers.query.user_name}">
+<input type=hidden name=user-password value="${request_headers.query.user_password}">
+<input type=hidden name=user-password2 value="${request_headers.query.user_password2}">
+<tr>
+<td colspan=3 align=left>
+<a href="wtv-setup:/add-user-password?
+display_name=${request_headers.query.display_name}&
+user_name=${request_headers.query.user_name}&
+user_password=${request_headers.query.user_password}&
+user_password2=${request_headers.query.user_password2}">`;
+    if ((request_headers.query.user_password) == "") {
+        data += `No password`;
+    } else {
+        data += `Has password`;
+    }
+    data += `
+</a>
+</table>
+</table>
+<td>
+<tr>
+<td absheight=7>
+<tr>
+<td>
+<td colspan=2 absheight=2 bgcolor="2B2B2B">
+<img src="wtv-home:/ROMCache/Spacer.gif" width=426 height=1>
+<tr>
+<td absheight=1>
+<tr>
+<td>
+<td colspan=2 absheight=2 bgcolor="0D0D0D">
+<img src="wtv-home:/ROMCache/Spacer.gif" width=426 height=1>
+<tr>
+<td absheight=4>
+</table>
+<table cellspacing=0 cellpadding=0>
+<tr>
+<td abswidth=430 valign=top align=right>
+<font color="#E7CE4A" size=-1><shadow>
+<input
+selected
+type=submit borderimage="file://ROM/Borders/ButtonBorder2.bif"
+value=Done name="Done" usestyle width=103>
+</shadow></font></form>
+<td abswidth=20>
+</table>
+      </body>
+</html>
+
+`;
+}

zefie_wtvp_minisrv/ServiceVault/wtv-setup/validate-change-name.js

@@ -0,0 +1,39 @@
+var minisrv_service_file = true;
+
+ssid_sessions[socket.ssid].loadSessionData();
+
+var user_id = (request_headers.query.user_id) ? request_headers.query.user_id : ssid_sessions[socket.ssid].user_id;
+
+// security
+if (ssid_sessions[socket.ssid].user_id != 0 && ssid_sessions[socket.ssid].user_id != request_headers.query.user_id) {
+    user_id = null; // force unset
+    var errpage = wtvshared.doErrorPage(400, "You are not authorized to change the selected user's password.");
+    headers = errpage[0];
+    data = errpage[1];
+}
+
+if (user_id != null) {
+    var userSession;
+    if (ssid_sessions[socket.ssid].user_id == request_headers.query.user_id) userSession = ssid_sessions[socket.ssid];
+    else {
+        userSession = new WTVClientSessionData(minisrv_config, socket.ssid);
+        userSession.user_id = user_id;
+    }
+
+    if (!userSession.loadSessionData()) {
+        var errpage = wtvshared.doErrorPage(400, "Invalid user ID.");
+        headers = errpage[0];
+        data = errpage[1];
+    }
+    else {
+        var user_name = userSession.getSessionData('subscriber_username');
+        userSession.setSessionData('subscriber_name', (request_headers.query.display_name) ? request_headers.query.display_name : user_name);
+        userSession.saveSessionData();
+        headers = `300 OK
+Content-type: text/html
+wtv-expire: wtv-setup:/edit-user-begin?user_id=${user_id}
+wtv-expire: wtv-setup:/edit-user-name?user_id=${user_id}
+Location: wtv-setup:/edit-user-begin?user_id=${user_id}`;
+    }
+}
+if (userSession) userSession = null;

zefie_wtvp_minisrv/ServiceVault/wtv-setup/validate-change-password.js

@@ -0,0 +1,75 @@
+var minisrv_service_file = true;
+var userSession = null;
+
+ssid_sessions[socket.ssid].loadSessionData();
+
+var user_id = null;
+if (request_headers.query.user_id) {
+    user_id = request_headers.query.user_id;
+} else {
+    var errpage = doErrorPage(400, "User was not specified.");
+    headers = errpage[0];
+    data = errpage[1];
+}
+
+if (ssid_sessions[socket.ssid].user_id != 0 && ssid_sessions[socket.ssid].user_id != request_headers.query.user_id) {
+    user_id = null; // force unset
+    var errpage = doErrorPage(400, "You are not authorized to edit the selected user.");
+    headers = errpage[0];
+    data = errpage[1];
+}
+
+if (user_id) {
+    headers = `200 OK
+Connection: Keep-Alive
+wtv-mail-count: ${ssid_sessions[socket.ssid].mailstore.countUnreadMessages(0)}
+Content-Type: text/html`
+    var userSession = null;
+    if (ssid_sessions[socket.ssid].user_id == request_headers.query.user_id) userSession = ssid_sessions[socket.ssid];
+    else {
+        userSession = new WTVClientSessionData(minisrv_config, socket.ssid);
+        userSession.user_id = user_id;
+    }
+
+    if (!userSession.loadSessionData()) {
+        var errpage = doErrorPage(400, "Invalid user ID.");
+        headers = errpage[0];
+        data = errpage[1];
+    }
+    else {
+        if (request_headers.query.password.length == 0 && request_headers.query.verify.length == 0) {
+            userSession.disableUserPassword();
+            headers = `300 OK
+Content-type: text/html
+wtv-expire: wtv-setup:/setup
+`;
+            if (request_headers.query.return_to) {
+                headers += `wtv-expire: ${request_headers.query.return_to}
+Location: ${request_headers.query.return_to}`;
+            }
+            else headers += "Location: " + (ssid_sessions[socket.ssid].user_id === user_id) ? 'wtv-setup:/setup' : 'wtv-setup:/accounts';
+        }
+        else if (request_headers.query.password.length < minisrv_config.config.passwords.min_length) errpage = wtvshared.doErrorPage(400, "Your password must contain at least " + minisrv_config.config.passwords.min_length + " characters.");
+        else if (request_headers.query.password.length > minisrv_config.config.passwords.max_length) errpage = wtvshared.doErrorPage(400, "Your password must contain no more than than " + minisrv_config.config.passwords.max_length + " characters.");
+        else if (request_headers.query.password !== request_headers.query.verify) errpage = wtvshared.doErrorPage(400, "The passwords you entered did not match. Please check them and try again.");
+        else {
+            if (errpage) {
+                headers = errpage[0];
+                data = errpage[1];
+            } else {
+                userSession.setUserPassword(request_headers.query.password);
+                headers = `300 OK
+Content-type: text/html
+wtv-expire: wtv-setup:/setup
+`;
+                if (request_headers.query.return_to) {
+                    headers += `wtv-expire: ${request_headers.query.return_to}
+Location: ${request_headers.query.return_to}`;
+                }
+                else headers += "Location: "+ (ssid_sessions[socket.ssid].user_id === user_id) ? 'wtv-setup:/setup' : 'wtv-setup:/accounts';
+            }
+        }
+    }
+}
+
+if (userSession) userSession = null;

zefie_wtvp_minisrv/WTVClientSessionData.js

@@ -1,4 +1,5 @@
 const { lib } = require('crypto-js');
+const CryptoJS = require('crypto-js');
 
 class WTVClientSessionData {
 
@@ -20,6 +21,7 @@ class WTVClientSessionData {
     lockdownWhitelist = null;
     baddisk = false;
     clientAddress = null;
+    user_id = 0;
 
     constructor(minisrv_config, ssid) {
         if (!minisrv_config) throw ("minisrv_config required");
@@ -36,22 +38,98 @@ class WTVClientSessionData {
         this.lockdownWhitelist = [
             "wtv-1800:/preregister",
             "wtv-head-waiter:/login",
-            "wtv-head-waiter:/relogin",
+            "wtv-head-waiter:/password",
+            "wtv-head-waiter:/ValidateLogin",
             "wtv-head-waiter:/login-stage-two",
+            "wtv-head-waiter:/relogin",
             "wtv-head-waiter:/bad-disk",
-            "wtv-log:/log"
+            "wtv-head-waiter:/images/PasswordBanner.gif",
+            "wtv-log:/log",
         ];
         this.lockdownWhitelist.push(minisrv_config.config.unauthorized_url);
+        this.lockdownWhitelist.push(minisrv_config.config.service_logo);
+
+        this.loginWhitelist = Object.assign([], this.lockdownWhitelist); // clone lockdown whitelist into login whitelist
         this.mailstore = new WTVMail(minisrv_config, ssid, this);
     }
 
+
+    switchUserID(user_id) {
+        this.user_id = user_id;
+        var wtvsec_tmp = this.get("wtvsec_login");
+        this.loadSessionData();
+        this.set("wtvsec_login", wtvsec_tmp);
+        wtvsec_tmp = null;
+    }
+
+    findFreeUserSlot() {
+        if (this.user_id != 0) return false; // subscriber only command
+        var master_directory = this.getUserStoreDirectory(true);
+        if (this.fs.existsSync(master_directory)) {
+            for (var i = 0; i < this.minisrv_config.config.user_accounts.max_users_per_account; i++) {
+                var test_dir = master_directory + this.path.sep + "user" + i;
+                if (!this.fs.existsSync(test_dir)) {
+                    return i;
+                    break;
+                }
+            }
+        }
+        return false;
+    }
+
+    getDisplayName() {
+        return (this.user_id == 0) ? this.getSessionData("subscriber_name") : this.getSessionData("display_name");
+    }
+
+    getNumberOfUserAccounts() {
+        if (this.user_id != 0) return false; // subscriber only command
+        return Object.keys(this.listPrimaryAccountUsers()).length;
+    }
+
+    listPrimaryAccountUsers() {
+        if (this.user_id != 0) return false; // subscriber only command
+
+        var master_directory = this.getUserStoreDirectory(true);
+        var account_data = [];
+        var self = this;
+        this.fs.readdirSync(master_directory).forEach(f => {
+            if (self.fs.lstatSync(master_directory + self.path.sep + f).isDirectory()) {
+                if (f.substr(0, 4) == "user") {
+                    var user_file = master_directory + self.path.sep + f + self.path.sep + f + ".json";
+                    if (self.fs.existsSync(user_file)) {
+                        if (f == "user0") account_data['subscriber'] = JSON.parse(this.fs.readFileSync(user_file));
+                        else account_data[f] = JSON.parse(this.fs.readFileSync(user_file));
+                    }
+                }
+            }
+        });
+        return account_data;
+    }
+
+
+    mkdirRecursive(thedir) {
+        thedir.split(this.path.sep).reduce(
+            (directories, directory) => {
+                directories += directory + this.path.sep;
+                if (!this.fs.existsSync(directories)) {
+                    this.fs.mkdirSync(directories);
+                }
+                return directories;
+            },
+            '',
+        );
+    }
+
     /**
      * Returns the absolute path to the user's file store, or false if unregistered
+     * @param subscriber {boolean} Returns the parent subscriber directory instead of the user's directory
      * @returns {string|boolean} Absolute path to the user's file store, or false if unregistered
      */
-    getUserStoreDirectory() {
+    getUserStoreDirectory(subscriber = false) {
-        if (!this.isRegistered()) return false;
+        //if (!this.isRegistered()) return false;
-        return this.minisrv_config.config.SessionStore + this.path.sep + this.ssid + this.path.sep;
+        var userstore = this.minisrv_config.config.SessionStore + this.path.sep + this.ssid + this.path.sep;
+        if (!subscriber) userstore += "user" + this.user_id + this.path.sep;
+        return userstore;
     }
 
     /**
@@ -249,8 +327,8 @@ class WTVClientSessionData {
 
     loadSessionData(raw_data = false) {
         try {
-            if (this.fs.lstatSync(this.minisrv_config.config.SessionStore + this.path.sep + this.ssid + ".json")) {
+            if (this.fs.lstatSync(this.getUserStoreDirectory() + "user" + this.user_id + ".json")) {
-                var json_data = this.fs.readFileSync(this.minisrv_config.config.SessionStore + this.path.sep + this.ssid + ".json", 'Utf8')
+                var json_data = this.fs.readFileSync(this.getUserStoreDirectory() + "user" + this.user_id + ".json", 'Utf8')
                 if (raw_data) return json_data;
 
                 var session_data = JSON.parse(json_data);
@@ -264,6 +342,41 @@ class WTVClientSessionData {
         }
     }
 
+    encodePassword(passwd) {
+        var encoded_passwd = CryptoJS.SHA512(passwd);
+        return encoded_passwd.toString(CryptoJS.enc.Base64);
+    }
+
+    setUserPassword(passwd) {
+        var encoded_passwd = this.encodePassword(passwd);
+        this.setSessionData("subscriber_password", encoded_passwd);
+        this.saveSessionData();
+    }
+
+    disableUserPassword() {
+        this.setSessionData("subscriber_password", null);
+        this.saveSessionData();
+    }
+
+    getUserPasswordEnabled() {
+        if (!this.minisrv_config.config.passwords.enabled) return false; // master config override
+        var enabled = this.getSessionData("subscriber_password");
+        return (enabled); // true if set, false if null/disabled
+    }
+
+    validateUserPassword(passwd) {
+        if (!this.getUserPasswordEnabled()) return true; // no password is set so always validate
+
+        var encoded_passwd = this.encodePassword(passwd);
+        return (encoded_passwd == this.getSessionData("subscriber_password"));
+    }
+
+    isUserLoggedIn() {
+        if (!this.getUserPasswordEnabled()) return true; // no password is set so always validate
+        var password_valid = this.getSessionData("password_valid");
+        return (password_valid);
+    }
+
     saveSessionData(force_write = false) {
         if (this.isRegistered()) {
             // load data from disk and merge new data
@@ -281,7 +394,11 @@ class WTVClientSessionData {
             // only save if file has changed
             var json_save_data = JSON.stringify(this.session_store);
             var json_load_data = this.loadSessionData(true);
-            if (json_save_data != json_load_data) this.fs.writeFileSync(this.minisrv_config.config.SessionStore + this.path.sep + this.ssid + ".json", JSON.stringify(this.session_store), "Utf8");
+            var storeDir = this.getUserStoreDirectory();
+            if (!this.fs.existsSync(storeDir)) this.mkdirRecursive(storeDir);
+            var sessionToStore = this.session_store;
+            if (sessionToStore.password_valid) delete sessionToStore.password_valid; // do not save validity state of password login, resets when session expires
+            if (json_save_data != json_load_data) this.fs.writeFileSync(storeDir + "user" + this.user_id + ".json", JSON.stringify(sessionToStore), "Utf8");
             return true;
         } catch (e) {            
             console.error(" # Error saving session data for", this.wtvshared.filterSSID(this.ssid), e);
@@ -305,14 +422,7 @@ class WTVClientSessionData {
     }
 
     isRegistered() {
-        var self = this;
+        return (this.getSessionData("registered") && this.fs.existsSync(this.getUserStoreDirectory()));
-        var ssid_match = false;
-        this.fs.readdirSync(this.minisrv_config.config.SessionStore).forEach(file => {
-            if (!file.match(/.*\.json/ig)) return;
-            if (ssid_match) return;
-            if (file.split('.')[0] == self.ssid) ssid_match = true;
-        });
-        return ssid_match;
     }
 
     unregisterBox() {
@@ -540,16 +650,25 @@ class WTVClientSessionData {
     }
 
 
-    isAuthorized(url) {
+    isAuthorized(url, whitelist = 'lockdown') {
         // not in lockdown so just return true
         if (!this.lockdown) return true;
 
         // in lockdown, check whitelisted urls
         var self = this;
         var authorized = false;
-        Object.keys(this.lockdownWhitelist).forEach(function (k) {
+        switch (whitelist) {
-            if (self.lockdownWhitelist[k].substring(0, url.length) == url) authorized = true;
+            case "lockdown":
-        });
+                Object.keys(this.lockdownWhitelist).forEach(function (k) {
+                    if (self.lockdownWhitelist[k].substring(0, url.length) == url) authorized = true;
+                });
+                break;
+            case "login":
+                Object.keys(this.loginWhitelist).forEach(function (k) {
+                    if (self.loginWhitelist[k].substring(0, url.length) == url) authorized = true;
+                });
+                break;
+        }
         return authorized;
     }
 

zefie_wtvp_minisrv/WTVMail.js

@@ -134,7 +134,7 @@ class WTVMail {
 
             var mailbox_path = this.getMailboxStoreDir(mailboxid);
             var message_id = this.createMessageID();
-            var message_file = messageid + this.msgFileExt;
+            var message_file = message_id + this.msgFileExt;
             var message_file_out = mailbox_path + message_file;
             var message_data = {
                 "from_addr": from_addr,

zefie_wtvp_minisrv/WTVRegister.js

@@ -28,13 +28,19 @@ class WTVRegister {
         return (check1 && check2);
     }
 
-    checkUsernameAvailable(username, ssid_sessions) {
+    checkUsernameAvailable(username, ssid_sessions, directory = null) {
         var username_match = false;
-        this.fs.readdirSync(this.session_store_dir).forEach(file => {
+        var search_dir = this.session_store_dir;
+        var self = this;
+        if (directory) search_dir = directory;
+        this.fs.readdirSync(search_dir).forEach(file => {
+            if (self.fs.lstatSync(search_dir + self.path.sep + file).isDirectory()) {
+                return self.checkUsernameAvailable(username, ssid_sessions, search_dir + self.path.sep + file);
+            }
             if (!file.match(/.*\.json/ig)) return;
             if (username_match) return;
             try {
-                var temp_session_data_file = this.fs.readFileSync(this.session_store_dir + this.path.sep + file, 'Utf8');
+                var temp_session_data_file = this.fs.readFileSync(search_dir + this.path.sep + file, 'Utf8');
                 var temp_session_data = JSON.parse(temp_session_data_file);
                 if (temp_session_data.subscriber_username.toLowerCase() == username.toLowerCase()) username_match = true;
             } catch (e) {

zefie_wtvp_minisrv/app.js

@@ -395,6 +395,17 @@ async function processURL(socket, request_headers) {
             }
         }
 
+        if (!ssid_sessions[socket.ssid].isUserLoggedIn() && !ssid_sessions[socket.ssid].isAuthorized(shortURL, 'login')) {
+            // lockdown mode and URL not authorized
+            headers = "300 Unauthorized\n";
+            headers += "Location: " + minisrv_config.config.unauthorized_url + "\n";
+            data = "";
+            sendToClient(socket, headers, data);
+            console.log(" * Rejected login bypass request for " + shortURL + " on socket ID", socket.id);
+            return;
+        }
+
+
         // Check URL for :/, but not :// (to differentiate wtv urls)
         if (shortURL.indexOf(':/') >= 0 && shortURL.indexOf('://') == -1) {
             var ssid = socket.ssid;
@@ -671,6 +682,17 @@ async function sendToClient(socket, headers_obj, data) {
     var wtv_connection_close = (headers_obj["wtv-connection-close"]) ? true : false;
     if (typeof (headers_obj["wtv-connection-close"]) != 'undefined') delete headers_obj["wtv-connection-close"];
 
+    if (!headers_obj['minisrv-no-mail-count']) {
+        if (ssid_sessions[socket.ssid]) {
+            if (ssid_sessions[socket.ssid].mailstore) {
+                headers_obj['wtv-mail-count'] = ssid_sessions[socket.ssid].mailstore.countUnreadMessages(0);
+            }
+        }
+    } else {
+        if (headers_obj['wtv-mail-count']) delete headers_obj['wtv-mail-count'];
+        delete headers_obj['minisrv-no-mail-count'];
+    }
+
     // add Connection header if missing, default to Keep-Alive
     if (!headers_obj.Connection) {
         headers_obj.Connection = "Keep-Alive";
@@ -1507,6 +1529,16 @@ if (minisrv_config.config.error_log_file) {
     process.stderr.write = writeError
 }
 
+if (minisrv_config.config.passwords) {
+    if (minisrv_config.config.passwords.enabled) {
+        if (!minisrv_config.config.passwords.encryption_key) {
+            console.log(" * WARNING: passwords.encryption_key not defined, using default. Consider setting a unique key before setting passwords.");
+            console.log(" * WARNING: Changing the encryption key after users have set passwords will invalidate and lock out all users who have set passwords, without your manual intervention.");
+            minisrv_config.config.passwords.encryption_key = minisrv_config.config.passwords.default_encryption_key;
+        }
+    }
+}
+
 process.on('uncaughtException', function (err) {
     console.error((err && err.stack) ? err.stack : err);
 });

zefie_wtvp_minisrv/config.json

@@ -27,7 +27,19 @@
     "show_diskmap": false,
     "unauthorized_url": "wtv-1800:/unauthorized?",
     "allow_guests": true,
-    "domain_name": "wtv.zefie.com"
+    "domain_name": "wtv.zefie.com",
+    "user_accounts": {
+      "max_users_per_account": 6,
+      "min_username_length": 5,
+      "max_username_length": 18
+    },
+    "passwords": {
+      "enabled": true,
+      "min_length": 5,
+      "max_length": 32,
+      "form_size": 16,
+      "default_encryption_key": "S4WZvVfoQ77fovegdO7olln0P0ZNAMWe"
+    }
   },
   "services": {
     "wtv-head-waiter": {

zefie_wtvp_minisrv/zefie_wtvp_minisrv.njsproj

@@ -88,9 +88,12 @@
     <Content Include="ServiceVault\wtv-flashrom\ROMCache\WebTVLogoJewel.gif" />
     <Content Include="ServiceVault\wtv-flashrom\willie.js" />
     <Content Include="ServiceVault\wtv-head-waiter\bad-disk.js" />
+    <Content Include="ServiceVault\wtv-head-waiter\choose-user.js" />
+    <Content Include="ServiceVault\wtv-head-waiter\password.js" />
     <Content Include="ServiceVault\wtv-head-waiter\relogin.js">
       <SubType>Code</SubType>
     </Content>
+    <Content Include="ServiceVault\wtv-head-waiter\ValidateLogin.js" />
     <Content Include="ServiceVault\wtv-mail\DiplomaMail.js" />
     <Content Include="ServiceVault\wtv-mail\listmail.js">
       <SubType>Code</SubType>
@@ -245,12 +248,19 @@
     </Content>
     <Content Include="ServiceVault\wtv-register\splash.js" />
     <Content Include="ServiceVault\wtv-1800\unauthorized.js" />
+    <Content Include="ServiceVault\wtv-setup\accounts.js" />
+    <Content Include="ServiceVault\wtv-setup\add-user-name.js" />
+    <Content Include="ServiceVault\wtv-setup\add-user-password.js" />
+    <Content Include="ServiceVault\wtv-setup\add-user.js" />
     <Content Include="ServiceVault\wtv-setup\adjust-brightness.js" />
     <Content Include="ServiceVault\wtv-setup\adjust-contrast.js" />
     <Content Include="ServiceVault\wtv-setup\adjust-display-intro.js" />
     <Content Include="ServiceVault\wtv-setup\adjust-sharpness.js" />
     <Content Include="ServiceVault\wtv-setup\center-display.js" />
     <Content Include="ServiceVault\wtv-setup\choose-bg-songs.js" />
+    <Content Include="ServiceVault\wtv-setup\edit-password.js" />
+    <Content Include="ServiceVault\wtv-setup\edit-user-begin.js" />
+    <Content Include="ServiceVault\wtv-setup\edit-user-name.js" />
     <Content Include="ServiceVault\wtv-setup\get-playlist.js" />
     <Content Include="ServiceVault\wtv-setup\get.js">
       <SubType>Code</SubType>
@@ -277,9 +287,15 @@
     <Content Include="ServiceVault\wtv-setup\setup.js" />
     <Content Include="ServiceVault\wtv-setup\sound.js" />
     <Content Include="ServiceVault\wtv-setup\text.js" />
+    <Content Include="ServiceVault\wtv-setup\validate-add-user-done.js">
+      <SubType>Code</SubType>
+    </Content>
+    <Content Include="ServiceVault\wtv-setup\validate-add-user.js" />
     <Content Include="ServiceVault\wtv-setup\validate-bg-song-category.js">
       <SubType>Code</SubType>
     </Content>
+    <Content Include="ServiceVault\wtv-setup\validate-change-name.js" />
+    <Content Include="ServiceVault\wtv-setup\validate-change-password.js" />
     <Content Include="ServiceVault\wtv-setup\validate-mail-signature.js" />
     <Content Include="ServiceVault\wtv-setup\validate-screen-border.js">
       <SubType>Code</SubType>