includes/clientside/static/login.js
author Dan
Mon, 08 Feb 2010 17:04:08 -0500
changeset 1220 fbfd6c852c89
parent 1210 ad49fa34ff3c
child 1227 bdac73ed481e
permissions -rw-r--r--
Fixed unescaped ampersands in "&enano_version" cache breaking
Ignore whitespace changes - Everywhere: Within whitespace: At end of lines:
436
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
     1
/*
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
     2
 * AJAX-based intelligent login interface
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
     3
 */
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
     4
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
     5
/*
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
     6
 * FRONTEND
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
     7
 */
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
     8
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
     9
/**
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
    10
 * Performs a logon as a regular member.
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
    11
 */
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
    12
582
a38876c0793c Majorly reworked Javascript runtime stuff to use on-demand loading.
Dan
parents: 550
diff changeset
    13
window.ajaxLogonToMember = function()
436
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
    14
{
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
    15
  // IE <6 pseudo-compatibility
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
    16
  if ( KILL_SWITCH )
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
    17
    return true;
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
    18
  if ( auth_level >= USER_LEVEL_MEMBER )
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
    19
    return true;
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
    20
  ajaxLoginInit(function(k)
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
    21
    {
1026
f0431eb8161e AJAX login: fixed improper run of login_submit_early; fixed failure to redirect if main_page_members == current page
Dan
parents: 1002
diff changeset
    22
      if ( on_main_page && main_page_members != physical_title )
741
a216e412c439 Added ability to have alternate main page for members
Dan
parents: 728
diff changeset
    23
      {
a216e412c439 Added ability to have alternate main page for members
Dan
parents: 728
diff changeset
    24
        window.location = makeUrl(main_page_members);
a216e412c439 Added ability to have alternate main page for members
Dan
parents: 728
diff changeset
    25
      }
a216e412c439 Added ability to have alternate main page for members
Dan
parents: 728
diff changeset
    26
      else
a216e412c439 Added ability to have alternate main page for members
Dan
parents: 728
diff changeset
    27
      {
a216e412c439 Added ability to have alternate main page for members
Dan
parents: 728
diff changeset
    28
        window.location.reload();
a216e412c439 Added ability to have alternate main page for members
Dan
parents: 728
diff changeset
    29
      }
436
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
    30
    }, USER_LEVEL_MEMBER);
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
    31
}
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
    32
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
    33
/**
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
    34
 * Authenticates to the highest level the current user is allowed to go to.
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
    35
 */
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
    36
582
a38876c0793c Majorly reworked Javascript runtime stuff to use on-demand loading.
Dan
parents: 550
diff changeset
    37
window.ajaxLogonToElev = function()
436
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
    38
{
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
    39
  if ( auth_level == user_level )
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
    40
    return true;
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
    41
  
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
    42
  ajaxLoginInit(function(k)
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
    43
    {
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
    44
      ENANO_SID = k;
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
    45
      var url = String(' ' + window.location).substr(1);
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
    46
      url = append_sid(url);
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
    47
      window.location = url;
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
    48
    }, user_level);
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
    49
}
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
    50
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
    51
/*
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
    52
 * BACKEND
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
    53
 */
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
    54
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
    55
/**
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
    56
 * Holding object for various AJAX authentication information.
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
    57
 * @var object
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
    58
 */
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
    59
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
    60
var logindata = {};
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
    61
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
    62
/**
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
    63
 * Path to the image used to indicate loading progress
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
    64
 * @var string
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
    65
 */
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
    66
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
    67
if ( !ajax_login_loadimg_path )
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
    68
  var ajax_login_loadimg_path = false;
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
    69
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
    70
if ( !ajax_login_successimg_path )
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
    71
  var ajax_login_successimg_path = false;
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
    72
887
cb96d038baff New logout interface + made DiffieHellman faster by disabling animated GIF
Dan
parents: 883
diff changeset
    73
if ( !ajax_login_lockimg_path )
cb96d038baff New logout interface + made DiffieHellman faster by disabling animated GIF
Dan
parents: 883
diff changeset
    74
  var ajax_login_lockimg_path = false;
cb96d038baff New logout interface + made DiffieHellman faster by disabling animated GIF
Dan
parents: 883
diff changeset
    75
436
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
    76
/**
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
    77
 * Status variables
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
    78
 * @var int
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
    79
 */
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
    80
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
    81
var AJAX_STATUS_LOADING_KEY = 1;
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
    82
var AJAX_STATUS_GENERATING_KEY = 2;
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
    83
var AJAX_STATUS_LOGGING_IN = 3;
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
    84
var AJAX_STATUS_SUCCESS = 4;
718
12485b1d41fd Fixed issue where login box was not obeying server orders to disable DiffieHellman. Increased quality of error handling for JS errors during login process.
Dan
parents: 699
diff changeset
    85
var AJAX_STATUS_ERROR = 5;
436
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
    86
var AJAX_STATUS_DESTROY = 65535;
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
    87
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
    88
/**
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
    89
 * State constants
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
    90
 * @var int
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
    91
 */
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
    92
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
    93
var AJAX_STATE_EARLY_INIT = 1;
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
    94
var AJAX_STATE_LOADING_KEY = 2;
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
    95
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
    96
/**
887
cb96d038baff New logout interface + made DiffieHellman faster by disabling animated GIF
Dan
parents: 883
diff changeset
    97
 * Switch to decide if DiffieHellman shows a "browser incompatible" error
cb96d038baff New logout interface + made DiffieHellman faster by disabling animated GIF
Dan
parents: 883
diff changeset
    98
 * @var bool
cb96d038baff New logout interface + made DiffieHellman faster by disabling animated GIF
Dan
parents: 883
diff changeset
    99
 */
cb96d038baff New logout interface + made DiffieHellman faster by disabling animated GIF
Dan
parents: 883
diff changeset
   100
1077
7f621a3a9cbf Login: enabled DiffieHellman on IE8
Dan
parents: 1076
diff changeset
   101
var ajax_login_prevent_dh = ( IE && !IE_8 ) || ( is_iPhone && !is_iPhone_3 );
887
cb96d038baff New logout interface + made DiffieHellman faster by disabling animated GIF
Dan
parents: 883
diff changeset
   102
cb96d038baff New logout interface + made DiffieHellman faster by disabling animated GIF
Dan
parents: 883
diff changeset
   103
/**
436
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
   104
 * Performs the AJAX request to get an encryption key and from there spawns the login form.
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
   105
 * @param function The function that will be called once authentication completes successfully.
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
   106
 * @param int The security level to authenticate at - see http://docs.enanocms.org/Help:Appendix_B
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
   107
 */
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
   108
582
a38876c0793c Majorly reworked Javascript runtime stuff to use on-demand loading.
Dan
parents: 550
diff changeset
   109
window.ajaxLoginInit = function(call_on_finish, user_level)
436
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
   110
{
780
f65e35566b63 A few fixes to the most recently added feature: more efficiency tweaks, tweaked l10n to have beetter fetch-on-demand support to ensure that stubs are never returned
Dan
parents: 779
diff changeset
   111
  load_component(['messagebox', 'flyin', 'fadefilter', 'jquery', 'jquery-ui', 'l10n', 'crypto']);
582
a38876c0793c Majorly reworked Javascript runtime stuff to use on-demand loading.
Dan
parents: 550
diff changeset
   112
  
436
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
   113
  logindata = {};
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
   114
  
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
   115
  var title = ( user_level > USER_LEVEL_MEMBER ) ? $lang.get('user_login_ajax_prompt_title_elev') : $lang.get('user_login_ajax_prompt_title');
550
685e839d934e Added ability to delete the draft revision; [SECURITY] fixed lack of permission check on draft save; renamed messagebox() constructor to MessageBox() (backward compat. maintained)
Dan
parents: 532
diff changeset
   116
  logindata.mb_object = new MessageBox(MB_OKCANCEL | MB_ICONLOCK, title, '');
436
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
   117
  
1132
05fe0039d952 Logins: reorganized data structures a bit. WiP - needs test routine done.
Dan
parents: 1125
diff changeset
   118
  //
05fe0039d952 Logins: reorganized data structures a bit. WiP - needs test routine done.
Dan
parents: 1125
diff changeset
   119
  // Cancel function: called when the "Cancel" button is clicked
05fe0039d952 Logins: reorganized data structures a bit. WiP - needs test routine done.
Dan
parents: 1125
diff changeset
   120
  //
436
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
   121
  logindata.mb_object.onclick['Cancel'] = function()
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
   122
  {
1132
05fe0039d952 Logins: reorganized data structures a bit. WiP - needs test routine done.
Dan
parents: 1125
diff changeset
   123
    // Hide the error message, if any
1176
5c98b9f181f0 AJAX login: Fixed error box failure to destroy upon cancel. Fixes issue 8.
Dan
parents: 1136
diff changeset
   124
    $('#ajax_login_error_box').remove();
1132
05fe0039d952 Logins: reorganized data structures a bit. WiP - needs test routine done.
Dan
parents: 1125
diff changeset
   125
    // Hide the captcha, if any
436
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
   126
    if ( document.getElementById('autoCaptcha') )
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
   127
    {
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
   128
      var to = fly_out_top(document.getElementById('autoCaptcha'), false, true);
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
   129
      setTimeout(function() {
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
   130
          var d = document.getElementById('autoCaptcha');
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
   131
          d.parentNode.removeChild(d);
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
   132
        }, to);
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
   133
    }
1132
05fe0039d952 Logins: reorganized data structures a bit. WiP - needs test routine done.
Dan
parents: 1125
diff changeset
   134
    // Ask the server to delete the encryption key we're using
471
7906fb190fc1 Implemented all security features on theme disabling and ACLs; added clean_key mode to login API to clean unused encryption keys
Dan
parents: 461
diff changeset
   135
    ajaxLoginPerformRequest({
7906fb190fc1 Implemented all security features on theme disabling and ACLs; added clean_key mode to login API to clean unused encryption keys
Dan
parents: 461
diff changeset
   136
        mode: 'clean_key',
7906fb190fc1 Implemented all security features on theme disabling and ACLs; added clean_key mode to login API to clean unused encryption keys
Dan
parents: 461
diff changeset
   137
        key_aes: logindata.key_aes,
7906fb190fc1 Implemented all security features on theme disabling and ACLs; added clean_key mode to login API to clean unused encryption keys
Dan
parents: 461
diff changeset
   138
        key_dh: logindata.key_dh
7906fb190fc1 Implemented all security features on theme disabling and ACLs; added clean_key mode to login API to clean unused encryption keys
Dan
parents: 461
diff changeset
   139
    });
436
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
   140
  };
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
   141
  
1132
05fe0039d952 Logins: reorganized data structures a bit. WiP - needs test routine done.
Dan
parents: 1125
diff changeset
   142
  // Clicking OK will not cause the box to destroy, as this function returns true.
436
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
   143
  logindata.mb_object.onbeforeclick['OK'] = function()
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
   144
  {
1132
05fe0039d952 Logins: reorganized data structures a bit. WiP - needs test routine done.
Dan
parents: 1125
diff changeset
   145
    // Just call the submitter and let it take care of everything
436
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
   146
    ajaxLoginSubmitForm();
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
   147
    return true;
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
   148
  }
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
   149
  
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
   150
  // Fetch the inner content area
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
   151
  logindata.mb_inner = document.getElementById('messageBox').getElementsByTagName('div')[0];
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
   152
  
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
   153
  // Initialize state
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
   154
  logindata.showing_status = false;
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
   155
  logindata.user_level = user_level;
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
   156
  logindata.successfunc = call_on_finish;
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
   157
  
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
   158
  // Build the "loading" window
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
   159
  ajaxLoginSetStatus(AJAX_STATUS_LOADING_KEY);
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
   160
  
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
   161
  // Request the key
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
   162
  ajaxLoginPerformRequest({ mode: 'getkey' });
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
   163
}
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
   164
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
   165
/**
1132
05fe0039d952 Logins: reorganized data structures a bit. WiP - needs test routine done.
Dan
parents: 1125
diff changeset
   166
 * For compatibility only. Really, folks, it's ajaxLoginInit. If you need a
05fe0039d952 Logins: reorganized data structures a bit. WiP - needs test routine done.
Dan
parents: 1125
diff changeset
   167
 * mnemonic device, use "two 'in's."
532
03429d7b1537 Finally fixed link coloring settings in Oxygen Bleu; added compatibility wrapper for people that "ajaxLogonInit" over "ajaxLoginInit"
Dan
parents: 509
diff changeset
   168
 */
03429d7b1537 Finally fixed link coloring settings in Oxygen Bleu; added compatibility wrapper for people that "ajaxLogonInit" over "ajaxLoginInit"
Dan
parents: 509
diff changeset
   169
582
a38876c0793c Majorly reworked Javascript runtime stuff to use on-demand loading.
Dan
parents: 550
diff changeset
   170
window.ajaxLogonInit = function(call_on_finish, user_level)
532
03429d7b1537 Finally fixed link coloring settings in Oxygen Bleu; added compatibility wrapper for people that "ajaxLogonInit" over "ajaxLoginInit"
Dan
parents: 509
diff changeset
   171
{
03429d7b1537 Finally fixed link coloring settings in Oxygen Bleu; added compatibility wrapper for people that "ajaxLogonInit" over "ajaxLoginInit"
Dan
parents: 509
diff changeset
   172
  return ajaxLoginInit(call_on_finish, user_level);
03429d7b1537 Finally fixed link coloring settings in Oxygen Bleu; added compatibility wrapper for people that "ajaxLogonInit" over "ajaxLoginInit"
Dan
parents: 509
diff changeset
   173
}
03429d7b1537 Finally fixed link coloring settings in Oxygen Bleu; added compatibility wrapper for people that "ajaxLogonInit" over "ajaxLoginInit"
Dan
parents: 509
diff changeset
   174
03429d7b1537 Finally fixed link coloring settings in Oxygen Bleu; added compatibility wrapper for people that "ajaxLogonInit" over "ajaxLoginInit"
Dan
parents: 509
diff changeset
   175
/**
436
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
   176
 * Sets the contents of the AJAX login window to the appropriate status message.
1132
05fe0039d952 Logins: reorganized data structures a bit. WiP - needs test routine done.
Dan
parents: 1125
diff changeset
   177
 * @param int One of AJAX_STATUS_* constants
436
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
   178
 */
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
   179
582
a38876c0793c Majorly reworked Javascript runtime stuff to use on-demand loading.
Dan
parents: 550
diff changeset
   180
window.ajaxLoginSetStatus = function(status)
436
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
   181
{
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
   182
  if ( !logindata.mb_inner )
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
   183
    return false;
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
   184
  if ( logindata.showing_status )
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
   185
  {
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
   186
    var div = document.getElementById('ajax_login_status');
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
   187
    if ( div )
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
   188
      logindata.mb_inner.removeChild(div);
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
   189
  }
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
   190
  switch(status)
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
   191
  {
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
   192
    case AJAX_STATUS_LOADING_KEY:
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
   193
      
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
   194
      // Create the status div
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
   195
      var div = document.createElement('div');
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
   196
      div.id = 'ajax_login_status';
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
   197
      div.style.marginTop = '10px';
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
   198
      div.style.textAlign = 'center';
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
   199
      
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
   200
      // The circly ball ajaxy image + status message
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
   201
      var status_msg = $lang.get('user_login_ajax_fetching_key');
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
   202
      
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
   203
      // Insert the status message
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
   204
      div.appendChild(document.createTextNode(status_msg));
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
   205
      
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
   206
      // Append a br or two to space things properly
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
   207
      div.appendChild(document.createElement('br'));
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
   208
      div.appendChild(document.createElement('br'));
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
   209
      
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
   210
      var img = document.createElement('img');
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
   211
      img.src = ( ajax_login_loadimg_path ) ? ajax_login_loadimg_path : scriptPath + '/images/loading-big.gif';
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
   212
      div.appendChild(img);
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
   213
      
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
   214
      // Another coupla brs
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
   215
      div.appendChild(document.createElement('br'));
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
   216
      div.appendChild(document.createElement('br'));
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
   217
      
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
   218
      // The link to the full login form
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
   219
      var small = document.createElement('small');
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
   220
      small.innerHTML = $lang.get('user_login_ajax_link_fullform', { link_full_form: makeUrlNS('Special', 'Login/' + title) });
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
   221
      div.appendChild(small);
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
   222
      
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
   223
      // Insert the entire message into the login window
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
   224
      logindata.mb_inner.innerHTML = '';
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
   225
      logindata.mb_inner.appendChild(div);
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
   226
      
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
   227
      break;
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
   228
    case AJAX_STATUS_GENERATING_KEY:
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
   229
      
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
   230
      // Create the status div
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
   231
      var div = document.createElement('div');
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
   232
      div.id = 'ajax_login_status';
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
   233
      div.style.marginTop = '10px';
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
   234
      div.style.textAlign = 'center';
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
   235
      
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
   236
      // The circly ball ajaxy image + status message
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
   237
      var status_msg = $lang.get('user_login_ajax_generating_key');
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
   238
      
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
   239
      // Insert the status message
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
   240
      div.appendChild(document.createTextNode(status_msg));
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
   241
      
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
   242
      // Append a br or two to space things properly
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
   243
      div.appendChild(document.createElement('br'));
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
   244
      div.appendChild(document.createElement('br'));
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
   245
      
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
   246
      var img = document.createElement('img');
887
cb96d038baff New logout interface + made DiffieHellman faster by disabling animated GIF
Dan
parents: 883
diff changeset
   247
      img.src = ( ajax_login_lockimg_path ) ? ajax_login_lockimg_path : scriptPath + '/images/lock48.png';
436
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
   248
      div.appendChild(img);
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
   249
      
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
   250
      // Another coupla brs
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
   251
      div.appendChild(document.createElement('br'));
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
   252
      div.appendChild(document.createElement('br'));
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
   253
      
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
   254
      // The link to the full login form
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
   255
      var small = document.createElement('small');
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
   256
      small.innerHTML = $lang.get('user_login_ajax_link_fullform_dh', { link_full_form: makeUrlNS('Special', 'Login/' + title) });
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
   257
      div.appendChild(small);
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
   258
      
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
   259
      // Insert the entire message into the login window
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
   260
      logindata.mb_inner.innerHTML = '';
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
   261
      logindata.mb_inner.appendChild(div);
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
   262
      
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
   263
      break;
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
   264
    case AJAX_STATUS_LOGGING_IN:
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
   265
      
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
   266
      // Create the status div
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
   267
      var div = document.createElement('div');
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
   268
      div.id = 'ajax_login_status';
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
   269
      div.style.marginTop = '10px';
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
   270
      div.style.textAlign = 'center';
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
   271
      
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
   272
      // The circly ball ajaxy image + status message
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
   273
      var status_msg = $lang.get('user_login_ajax_loggingin');
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
   274
      
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
   275
      // Insert the status message
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
   276
      div.appendChild(document.createTextNode(status_msg));
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
   277
      
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
   278
      // Append a br or two to space things properly
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
   279
      div.appendChild(document.createElement('br'));
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
   280
      div.appendChild(document.createElement('br'));
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
   281
      
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
   282
      var img = document.createElement('img');
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
   283
      img.src = ( ajax_login_loadimg_path ) ? ajax_login_loadimg_path : scriptPath + '/images/loading-big.gif';
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
   284
      div.appendChild(img);
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
   285
      
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
   286
      // Insert the entire message into the login window
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
   287
      logindata.mb_inner.innerHTML = '';
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
   288
      logindata.mb_inner.appendChild(div);
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
   289
      
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
   290
      break;
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
   291
    case AJAX_STATUS_SUCCESS:
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
   292
      
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
   293
      // Create the status div
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
   294
      var div = document.createElement('div');
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
   295
      div.id = 'ajax_login_status';
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
   296
      div.style.marginTop = '10px';
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
   297
      div.style.textAlign = 'center';
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
   298
      
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
   299
      // The circly ball ajaxy image + status message
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
   300
      var status_msg = $lang.get('user_login_success_short');
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
   301
      
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
   302
      // Insert the status message
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
   303
      div.appendChild(document.createTextNode(status_msg));
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
   304
      
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
   305
      // Append a br or two to space things properly
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
   306
      div.appendChild(document.createElement('br'));
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
   307
      div.appendChild(document.createElement('br'));
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
   308
      
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
   309
      var img = document.createElement('img');
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
   310
      img.src = ( ajax_login_successimg_path ) ? ajax_login_successimg_path : scriptPath + '/images/check.png';
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
   311
      div.appendChild(img);
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
   312
      
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
   313
      // Insert the entire message into the login window
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
   314
      logindata.mb_inner.innerHTML = '';
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
   315
      logindata.mb_inner.appendChild(div);
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
   316
      
718
12485b1d41fd Fixed issue where login box was not obeying server orders to disable DiffieHellman. Increased quality of error handling for JS errors during login process.
Dan
parents: 699
diff changeset
   317
      break;
12485b1d41fd Fixed issue where login box was not obeying server orders to disable DiffieHellman. Increased quality of error handling for JS errors during login process.
Dan
parents: 699
diff changeset
   318
      
12485b1d41fd Fixed issue where login box was not obeying server orders to disable DiffieHellman. Increased quality of error handling for JS errors during login process.
Dan
parents: 699
diff changeset
   319
    case AJAX_STATUS_ERROR:
12485b1d41fd Fixed issue where login box was not obeying server orders to disable DiffieHellman. Increased quality of error handling for JS errors during login process.
Dan
parents: 699
diff changeset
   320
      // Create the status div
12485b1d41fd Fixed issue where login box was not obeying server orders to disable DiffieHellman. Increased quality of error handling for JS errors during login process.
Dan
parents: 699
diff changeset
   321
      var div = document.createElement('div');
12485b1d41fd Fixed issue where login box was not obeying server orders to disable DiffieHellman. Increased quality of error handling for JS errors during login process.
Dan
parents: 699
diff changeset
   322
      div.id = 'ajax_login_status';
12485b1d41fd Fixed issue where login box was not obeying server orders to disable DiffieHellman. Increased quality of error handling for JS errors during login process.
Dan
parents: 699
diff changeset
   323
      div.style.marginTop = '10px';
12485b1d41fd Fixed issue where login box was not obeying server orders to disable DiffieHellman. Increased quality of error handling for JS errors during login process.
Dan
parents: 699
diff changeset
   324
      div.style.textAlign = 'center';
12485b1d41fd Fixed issue where login box was not obeying server orders to disable DiffieHellman. Increased quality of error handling for JS errors during login process.
Dan
parents: 699
diff changeset
   325
      
12485b1d41fd Fixed issue where login box was not obeying server orders to disable DiffieHellman. Increased quality of error handling for JS errors during login process.
Dan
parents: 699
diff changeset
   326
      // The circly ball ajaxy image + status message
12485b1d41fd Fixed issue where login box was not obeying server orders to disable DiffieHellman. Increased quality of error handling for JS errors during login process.
Dan
parents: 699
diff changeset
   327
      var status_msg = $lang.get('user_login_ajax_err_crypto');
12485b1d41fd Fixed issue where login box was not obeying server orders to disable DiffieHellman. Increased quality of error handling for JS errors during login process.
Dan
parents: 699
diff changeset
   328
      
12485b1d41fd Fixed issue where login box was not obeying server orders to disable DiffieHellman. Increased quality of error handling for JS errors during login process.
Dan
parents: 699
diff changeset
   329
      // Insert the status message
12485b1d41fd Fixed issue where login box was not obeying server orders to disable DiffieHellman. Increased quality of error handling for JS errors during login process.
Dan
parents: 699
diff changeset
   330
      div.appendChild(document.createTextNode(status_msg));
12485b1d41fd Fixed issue where login box was not obeying server orders to disable DiffieHellman. Increased quality of error handling for JS errors during login process.
Dan
parents: 699
diff changeset
   331
      
12485b1d41fd Fixed issue where login box was not obeying server orders to disable DiffieHellman. Increased quality of error handling for JS errors during login process.
Dan
parents: 699
diff changeset
   332
      // Append a br or two to space things properly
12485b1d41fd Fixed issue where login box was not obeying server orders to disable DiffieHellman. Increased quality of error handling for JS errors during login process.
Dan
parents: 699
diff changeset
   333
      div.appendChild(document.createElement('br'));
12485b1d41fd Fixed issue where login box was not obeying server orders to disable DiffieHellman. Increased quality of error handling for JS errors during login process.
Dan
parents: 699
diff changeset
   334
      div.appendChild(document.createElement('br'));
12485b1d41fd Fixed issue where login box was not obeying server orders to disable DiffieHellman. Increased quality of error handling for JS errors during login process.
Dan
parents: 699
diff changeset
   335
      
12485b1d41fd Fixed issue where login box was not obeying server orders to disable DiffieHellman. Increased quality of error handling for JS errors during login process.
Dan
parents: 699
diff changeset
   336
      var img = document.createElement('img');
12485b1d41fd Fixed issue where login box was not obeying server orders to disable DiffieHellman. Increased quality of error handling for JS errors during login process.
Dan
parents: 699
diff changeset
   337
      img.src = ( ajax_login_successimg_path ) ? ajax_login_successimg_path : scriptPath + '/images/checkbad.png';
12485b1d41fd Fixed issue where login box was not obeying server orders to disable DiffieHellman. Increased quality of error handling for JS errors during login process.
Dan
parents: 699
diff changeset
   338
      div.appendChild(img);
12485b1d41fd Fixed issue where login box was not obeying server orders to disable DiffieHellman. Increased quality of error handling for JS errors during login process.
Dan
parents: 699
diff changeset
   339
      
12485b1d41fd Fixed issue where login box was not obeying server orders to disable DiffieHellman. Increased quality of error handling for JS errors during login process.
Dan
parents: 699
diff changeset
   340
      // Append a br or two to space things properly
12485b1d41fd Fixed issue where login box was not obeying server orders to disable DiffieHellman. Increased quality of error handling for JS errors during login process.
Dan
parents: 699
diff changeset
   341
      div.appendChild(document.createElement('br'));
12485b1d41fd Fixed issue where login box was not obeying server orders to disable DiffieHellman. Increased quality of error handling for JS errors during login process.
Dan
parents: 699
diff changeset
   342
      div.appendChild(document.createElement('br'));
12485b1d41fd Fixed issue where login box was not obeying server orders to disable DiffieHellman. Increased quality of error handling for JS errors during login process.
Dan
parents: 699
diff changeset
   343
      
12485b1d41fd Fixed issue where login box was not obeying server orders to disable DiffieHellman. Increased quality of error handling for JS errors during login process.
Dan
parents: 699
diff changeset
   344
      // The circly ball ajaxy image + status message
12485b1d41fd Fixed issue where login box was not obeying server orders to disable DiffieHellman. Increased quality of error handling for JS errors during login process.
Dan
parents: 699
diff changeset
   345
      var detail_msg = $lang.get('user_login_ajax_err_crypto_details');
12485b1d41fd Fixed issue where login box was not obeying server orders to disable DiffieHellman. Increased quality of error handling for JS errors during login process.
Dan
parents: 699
diff changeset
   346
      var full_link = $lang.get('user_login_ajax_err_crypto_link');
12485b1d41fd Fixed issue where login box was not obeying server orders to disable DiffieHellman. Increased quality of error handling for JS errors during login process.
Dan
parents: 699
diff changeset
   347
      var link = document.createElement('a');
1077
7f621a3a9cbf Login: enabled DiffieHellman on IE8
Dan
parents: 1076
diff changeset
   348
      link.href = makeUrlNS('Special', 'Login/' + title, 'level=' + logindata.user_level, true);
718
12485b1d41fd Fixed issue where login box was not obeying server orders to disable DiffieHellman. Increased quality of error handling for JS errors during login process.
Dan
parents: 699
diff changeset
   349
      link.appendChild(document.createTextNode(full_link));
12485b1d41fd Fixed issue where login box was not obeying server orders to disable DiffieHellman. Increased quality of error handling for JS errors during login process.
Dan
parents: 699
diff changeset
   350
      var span = document.createElement('span');
12485b1d41fd Fixed issue where login box was not obeying server orders to disable DiffieHellman. Increased quality of error handling for JS errors during login process.
Dan
parents: 699
diff changeset
   351
      span.style.fontSize = 'smaller';
12485b1d41fd Fixed issue where login box was not obeying server orders to disable DiffieHellman. Increased quality of error handling for JS errors during login process.
Dan
parents: 699
diff changeset
   352
      
12485b1d41fd Fixed issue where login box was not obeying server orders to disable DiffieHellman. Increased quality of error handling for JS errors during login process.
Dan
parents: 699
diff changeset
   353
      // Insert the message
12485b1d41fd Fixed issue where login box was not obeying server orders to disable DiffieHellman. Increased quality of error handling for JS errors during login process.
Dan
parents: 699
diff changeset
   354
      span.appendChild(document.createTextNode(detail_msg + ' '));
12485b1d41fd Fixed issue where login box was not obeying server orders to disable DiffieHellman. Increased quality of error handling for JS errors during login process.
Dan
parents: 699
diff changeset
   355
      span.appendChild(link);
12485b1d41fd Fixed issue where login box was not obeying server orders to disable DiffieHellman. Increased quality of error handling for JS errors during login process.
Dan
parents: 699
diff changeset
   356
      div.appendChild(span);
12485b1d41fd Fixed issue where login box was not obeying server orders to disable DiffieHellman. Increased quality of error handling for JS errors during login process.
Dan
parents: 699
diff changeset
   357
      
12485b1d41fd Fixed issue where login box was not obeying server orders to disable DiffieHellman. Increased quality of error handling for JS errors during login process.
Dan
parents: 699
diff changeset
   358
      // Insert the entire message into the login window
12485b1d41fd Fixed issue where login box was not obeying server orders to disable DiffieHellman. Increased quality of error handling for JS errors during login process.
Dan
parents: 699
diff changeset
   359
      logindata.mb_inner.innerHTML = '';
12485b1d41fd Fixed issue where login box was not obeying server orders to disable DiffieHellman. Increased quality of error handling for JS errors during login process.
Dan
parents: 699
diff changeset
   360
      logindata.mb_inner.appendChild(div);
12485b1d41fd Fixed issue where login box was not obeying server orders to disable DiffieHellman. Increased quality of error handling for JS errors during login process.
Dan
parents: 699
diff changeset
   361
      
12485b1d41fd Fixed issue where login box was not obeying server orders to disable DiffieHellman. Increased quality of error handling for JS errors during login process.
Dan
parents: 699
diff changeset
   362
      break;
12485b1d41fd Fixed issue where login box was not obeying server orders to disable DiffieHellman. Increased quality of error handling for JS errors during login process.
Dan
parents: 699
diff changeset
   363
      
843
4415e50e4e84 Added possibility for auth plugins, which can log a user in using non-standard authentication methods.
Dan
parents: 824
diff changeset
   364
    default:
4415e50e4e84 Added possibility for auth plugins, which can log a user in using non-standard authentication methods.
Dan
parents: 824
diff changeset
   365
      eval(setHook('login_set_status'));
4415e50e4e84 Added possibility for auth plugins, which can log a user in using non-standard authentication methods.
Dan
parents: 824
diff changeset
   366
      break;
4415e50e4e84 Added possibility for auth plugins, which can log a user in using non-standard authentication methods.
Dan
parents: 824
diff changeset
   367
      
436
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
   368
    case AJAX_STATUS_DESTROY:
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
   369
    case null:
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
   370
    case undefined:
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
   371
      logindata.showing_status = false;
1132
05fe0039d952 Logins: reorganized data structures a bit. WiP - needs test routine done.
Dan
parents: 1125
diff changeset
   372
      return;
436
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
   373
      break;
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
   374
  }
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
   375
  logindata.showing_status = true;
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
   376
}
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
   377
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
   378
/**
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
   379
 * Performs an AJAX logon request to the server and calls ajaxLoginProcessResponse() on the result.
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
   380
 * @param object JSON packet to send
1132
05fe0039d952 Logins: reorganized data structures a bit. WiP - needs test routine done.
Dan
parents: 1125
diff changeset
   381
 * @param function Optional function to call on the response as well.
436
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
   382
 */
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
   383
1001
79770fb4132a Sped up AJAX de-auth a little; added a little extra info to login_success JSON responses
Dan
parents: 907
diff changeset
   384
window.ajaxLoginPerformRequest = function(json, _hookfunc)
436
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
   385
{
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
   386
  json = toJSONString(json);
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
   387
  json = ajaxEscape(json);
1001
79770fb4132a Sped up AJAX de-auth a little; added a little extra info to login_success JSON responses
Dan
parents: 907
diff changeset
   388
  var hookfunc = typeof(_hookfunc) == 'function' ? _hookfunc : false;
824
28d9fbcd4f0d Login: reauth: window.location.hash is now updated to include the new SID so that page reloads will use it
Dan
parents: 816
diff changeset
   389
  ajaxPost(makeUrlNS('Special', 'Login/action.json'), 'r=' + json, function(ajax)
436
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
   390
    {
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
   391
      if ( ajax.readyState == 4 && ajax.status == 200 )
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
   392
      {
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
   393
        // parse response
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
   394
        var response = String(ajax.responseText + '');
651
ce9d78d7251d Improved JSON validation and error interface when validation fails; made rank manager support custom CSS
Dan
parents: 585
diff changeset
   395
        if ( !check_json_response(response) )
436
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
   396
        {
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
   397
          handle_invalid_json(response);
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
   398
          return false;
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
   399
        }
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
   400
        response = parseJSON(response);
1001
79770fb4132a Sped up AJAX de-auth a little; added a little extra info to login_success JSON responses
Dan
parents: 907
diff changeset
   401
        ajaxLoginProcessResponse(response, hookfunc);
436
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
   402
      }
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
   403
    }, true);
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
   404
}
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
   405
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
   406
/**
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
   407
 * Processes a response from the login server
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
   408
 * @param object JSON response
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
   409
 */
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
   410
1001
79770fb4132a Sped up AJAX de-auth a little; added a little extra info to login_success JSON responses
Dan
parents: 907
diff changeset
   411
window.ajaxLoginProcessResponse = function(response, hookfunc)
436
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
   412
{
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
   413
  // Did the server send a plaintext error?
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
   414
  if ( response.mode == 'error' )
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
   415
  {
811
5c807fe77020 Added support for live re-auth and de-auth; fully AJAX, no page reload required, plus plugin-usable API.
Dan
parents: 794
diff changeset
   416
    if ( logindata.mb_object )
5c807fe77020 Added support for live re-auth and de-auth; fully AJAX, no page reload required, plus plugin-usable API.
Dan
parents: 794
diff changeset
   417
    {
5c807fe77020 Added support for live re-auth and de-auth; fully AJAX, no page reload required, plus plugin-usable API.
Dan
parents: 794
diff changeset
   418
      logindata.mb_object.destroy();
5c807fe77020 Added support for live re-auth and de-auth; fully AJAX, no page reload required, plus plugin-usable API.
Dan
parents: 794
diff changeset
   419
      var error_msg = $lang.get('user_' + ( response.error.toLowerCase() ));
5c807fe77020 Added support for live re-auth and de-auth; fully AJAX, no page reload required, plus plugin-usable API.
Dan
parents: 794
diff changeset
   420
      new MessageBox(MB_ICONSTOP | MB_OK, $lang.get('user_err_login_generic_title'), error_msg);
5c807fe77020 Added support for live re-auth and de-auth; fully AJAX, no page reload required, plus plugin-usable API.
Dan
parents: 794
diff changeset
   421
    }
5c807fe77020 Added support for live re-auth and de-auth; fully AJAX, no page reload required, plus plugin-usable API.
Dan
parents: 794
diff changeset
   422
    else
5c807fe77020 Added support for live re-auth and de-auth; fully AJAX, no page reload required, plus plugin-usable API.
Dan
parents: 794
diff changeset
   423
    {
5c807fe77020 Added support for live re-auth and de-auth; fully AJAX, no page reload required, plus plugin-usable API.
Dan
parents: 794
diff changeset
   424
      alert(response.error);
5c807fe77020 Added support for live re-auth and de-auth; fully AJAX, no page reload required, plus plugin-usable API.
Dan
parents: 794
diff changeset
   425
    }
436
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
   426
    return false;
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
   427
  }
1132
05fe0039d952 Logins: reorganized data structures a bit. WiP - needs test routine done.
Dan
parents: 1125
diff changeset
   428
  
436
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
   429
  // Main mode switch
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
   430
  switch ( response.mode )
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
   431
  {
1132
05fe0039d952 Logins: reorganized data structures a bit. WiP - needs test routine done.
Dan
parents: 1125
diff changeset
   432
    case 'initial':
471
7906fb190fc1 Implemented all security features on theme disabling and ACLs; added clean_key mode to login API to clean unused encryption keys
Dan
parents: 461
diff changeset
   433
      // Rid ourselves of any loading windows
7906fb190fc1 Implemented all security features on theme disabling and ACLs; added clean_key mode to login API to clean unused encryption keys
Dan
parents: 461
diff changeset
   434
      ajaxLoginSetStatus(AJAX_STATUS_DESTROY);
1132
05fe0039d952 Logins: reorganized data structures a bit. WiP - needs test routine done.
Dan
parents: 1125
diff changeset
   435
      // show any errors
05fe0039d952 Logins: reorganized data structures a bit. WiP - needs test routine done.
Dan
parents: 1125
diff changeset
   436
      ajaxLoginShowFriendlyError(response);
436
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
   437
      // The server wants us to build the login form, all the information is there
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
   438
      ajaxLoginBuildForm(response);
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
   439
      break;
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
   440
    case 'login_success':
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
   441
      ajaxLoginSetStatus(AJAX_STATUS_SUCCESS);
1001
79770fb4132a Sped up AJAX de-auth a little; added a little extra info to login_success JSON responses
Dan
parents: 907
diff changeset
   442
      logindata.successfunc(response.key, response);
436
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
   443
      break;
1132
05fe0039d952 Logins: reorganized data structures a bit. WiP - needs test routine done.
Dan
parents: 1125
diff changeset
   444
    case 'reset_pass_used':
05fe0039d952 Logins: reorganized data structures a bit. WiP - needs test routine done.
Dan
parents: 1125
diff changeset
   445
      // We logged in with a temporary password. Prompt the user to go to the temp password page and
05fe0039d952 Logins: reorganized data structures a bit. WiP - needs test routine done.
Dan
parents: 1125
diff changeset
   446
      // reset their real password. If they click no, treat it as a login failure, as no session key
05fe0039d952 Logins: reorganized data structures a bit. WiP - needs test routine done.
Dan
parents: 1125
diff changeset
   447
      // is actually issued when this type of login is performed.
05fe0039d952 Logins: reorganized data structures a bit. WiP - needs test routine done.
Dan
parents: 1125
diff changeset
   448
      
472
bc4b58034f4d Implemented password reset (albeit hackishly) into the new login API; added dummy window.console object to hopefully reduce errors when Firebug isn't around; fixed the longstanding ACL dismiss/close button bug; fixed a couple undefined variables in mailer; fixed PHP error on attempted opening of /dev/(u)random in rijndael.php; clarified documentation for PageProcessor::update_page(); fixed some logic problems in theme ACL code; disabled CAPTCHA debug
Dan
parents: 471
diff changeset
   449
      var conf = confirm($lang.get('user_login_ajax_msg_used_temp_pass'));
bc4b58034f4d Implemented password reset (albeit hackishly) into the new login API; added dummy window.console object to hopefully reduce errors when Firebug isn't around; fixed the longstanding ACL dismiss/close button bug; fixed a couple undefined variables in mailer; fixed PHP error on attempted opening of /dev/(u)random in rijndael.php; clarified documentation for PageProcessor::update_page(); fixed some logic problems in theme ACL code; disabled CAPTCHA debug
Dan
parents: 471
diff changeset
   450
      if ( conf )
bc4b58034f4d Implemented password reset (albeit hackishly) into the new login API; added dummy window.console object to hopefully reduce errors when Firebug isn't around; fixed the longstanding ACL dismiss/close button bug; fixed a couple undefined variables in mailer; fixed PHP error on attempted opening of /dev/(u)random in rijndael.php; clarified documentation for PageProcessor::update_page(); fixed some logic problems in theme ACL code; disabled CAPTCHA debug
Dan
parents: 471
diff changeset
   451
      {
bc4b58034f4d Implemented password reset (albeit hackishly) into the new login API; added dummy window.console object to hopefully reduce errors when Firebug isn't around; fixed the longstanding ACL dismiss/close button bug; fixed a couple undefined variables in mailer; fixed PHP error on attempted opening of /dev/(u)random in rijndael.php; clarified documentation for PageProcessor::update_page(); fixed some logic problems in theme ACL code; disabled CAPTCHA debug
Dan
parents: 471
diff changeset
   452
        var url = makeUrlNS('Special', 'PasswordReset/stage2/' + response.user_id + '/' + response.temp_password);
bc4b58034f4d Implemented password reset (albeit hackishly) into the new login API; added dummy window.console object to hopefully reduce errors when Firebug isn't around; fixed the longstanding ACL dismiss/close button bug; fixed a couple undefined variables in mailer; fixed PHP error on attempted opening of /dev/(u)random in rijndael.php; clarified documentation for PageProcessor::update_page(); fixed some logic problems in theme ACL code; disabled CAPTCHA debug
Dan
parents: 471
diff changeset
   453
        window.location = url;
1132
05fe0039d952 Logins: reorganized data structures a bit. WiP - needs test routine done.
Dan
parents: 1125
diff changeset
   454
        break;
472
bc4b58034f4d Implemented password reset (albeit hackishly) into the new login API; added dummy window.console object to hopefully reduce errors when Firebug isn't around; fixed the longstanding ACL dismiss/close button bug; fixed a couple undefined variables in mailer; fixed PHP error on attempted opening of /dev/(u)random in rijndael.php; clarified documentation for PageProcessor::update_page(); fixed some logic problems in theme ACL code; disabled CAPTCHA debug
Dan
parents: 471
diff changeset
   455
      }
1132
05fe0039d952 Logins: reorganized data structures a bit. WiP - needs test routine done.
Dan
parents: 1125
diff changeset
   456
      // else, treat as a failure
05fe0039d952 Logins: reorganized data structures a bit. WiP - needs test routine done.
Dan
parents: 1125
diff changeset
   457
    default:
05fe0039d952 Logins: reorganized data structures a bit. WiP - needs test routine done.
Dan
parents: 1125
diff changeset
   458
      // Rid ourselves of any loading windows
05fe0039d952 Logins: reorganized data structures a bit. WiP - needs test routine done.
Dan
parents: 1125
diff changeset
   459
      ajaxLoginSetStatus(AJAX_STATUS_DESTROY);
05fe0039d952 Logins: reorganized data structures a bit. WiP - needs test routine done.
Dan
parents: 1125
diff changeset
   460
      document.getElementById('messageBox').style.backgroundColor = '#C0C0C0';
05fe0039d952 Logins: reorganized data structures a bit. WiP - needs test routine done.
Dan
parents: 1125
diff changeset
   461
      var mb_parent = document.getElementById('messageBox').parentNode;
05fe0039d952 Logins: reorganized data structures a bit. WiP - needs test routine done.
Dan
parents: 1125
diff changeset
   462
      $(mb_parent).effect("shake", {}, 200);
05fe0039d952 Logins: reorganized data structures a bit. WiP - needs test routine done.
Dan
parents: 1125
diff changeset
   463
      setTimeout(function()
05fe0039d952 Logins: reorganized data structures a bit. WiP - needs test routine done.
Dan
parents: 1125
diff changeset
   464
        {
05fe0039d952 Logins: reorganized data structures a bit. WiP - needs test routine done.
Dan
parents: 1125
diff changeset
   465
          document.getElementById('messageBox').style.backgroundColor = '#FFF';
05fe0039d952 Logins: reorganized data structures a bit. WiP - needs test routine done.
Dan
parents: 1125
diff changeset
   466
          console.debug(response);
05fe0039d952 Logins: reorganized data structures a bit. WiP - needs test routine done.
Dan
parents: 1125
diff changeset
   467
          ajaxLoginShowFriendlyError(response);
05fe0039d952 Logins: reorganized data structures a bit. WiP - needs test routine done.
Dan
parents: 1125
diff changeset
   468
          ajaxLoginBuildForm(response);
05fe0039d952 Logins: reorganized data structures a bit. WiP - needs test routine done.
Dan
parents: 1125
diff changeset
   469
        }, 2500);
05fe0039d952 Logins: reorganized data structures a bit. WiP - needs test routine done.
Dan
parents: 1125
diff changeset
   470
      
472
bc4b58034f4d Implemented password reset (albeit hackishly) into the new login API; added dummy window.console object to hopefully reduce errors when Firebug isn't around; fixed the longstanding ACL dismiss/close button bug; fixed a couple undefined variables in mailer; fixed PHP error on attempted opening of /dev/(u)random in rijndael.php; clarified documentation for PageProcessor::update_page(); fixed some logic problems in theme ACL code; disabled CAPTCHA debug
Dan
parents: 471
diff changeset
   471
      break;
811
5c807fe77020 Added support for live re-auth and de-auth; fully AJAX, no page reload required, plus plugin-usable API.
Dan
parents: 794
diff changeset
   472
    case 'logout_success':
5c807fe77020 Added support for live re-auth and de-auth; fully AJAX, no page reload required, plus plugin-usable API.
Dan
parents: 794
diff changeset
   473
      if ( ENANO_SID )
5c807fe77020 Added support for live re-auth and de-auth; fully AJAX, no page reload required, plus plugin-usable API.
Dan
parents: 794
diff changeset
   474
      {
5c807fe77020 Added support for live re-auth and de-auth; fully AJAX, no page reload required, plus plugin-usable API.
Dan
parents: 794
diff changeset
   475
        ajaxLoginReplaceSIDInline(false, ENANO_SID, USER_LEVEL_MEMBER);
5c807fe77020 Added support for live re-auth and de-auth; fully AJAX, no page reload required, plus plugin-usable API.
Dan
parents: 794
diff changeset
   476
      }
5c807fe77020 Added support for live re-auth and de-auth; fully AJAX, no page reload required, plus plugin-usable API.
Dan
parents: 794
diff changeset
   477
      break;
471
7906fb190fc1 Implemented all security features on theme disabling and ACLs; added clean_key mode to login API to clean unused encryption keys
Dan
parents: 461
diff changeset
   478
    case 'noop':
7906fb190fc1 Implemented all security features on theme disabling and ACLs; added clean_key mode to login API to clean unused encryption keys
Dan
parents: 461
diff changeset
   479
      break;
436
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
   480
  }
1001
79770fb4132a Sped up AJAX de-auth a little; added a little extra info to login_success JSON responses
Dan
parents: 907
diff changeset
   481
  if ( hookfunc )
79770fb4132a Sped up AJAX de-auth a little; added a little extra info to login_success JSON responses
Dan
parents: 907
diff changeset
   482
  {
79770fb4132a Sped up AJAX de-auth a little; added a little extra info to login_success JSON responses
Dan
parents: 907
diff changeset
   483
    hookfunc(response);
79770fb4132a Sped up AJAX de-auth a little; added a little extra info to login_success JSON responses
Dan
parents: 907
diff changeset
   484
  }
436
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
   485
}
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
   486
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
   487
/*
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
   488
 * RESPONSE HANDLERS
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
   489
 */
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
   490
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
   491
/**
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
   492
 * Builds the login form.
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
   493
 * @param object Metadata to build off of
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
   494
 */
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
   495
582
a38876c0793c Majorly reworked Javascript runtime stuff to use on-demand loading.
Dan
parents: 550
diff changeset
   496
window.ajaxLoginBuildForm = function(data)
436
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
   497
{
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
   498
  // let's hope this effectively preloads the image...
887
cb96d038baff New logout interface + made DiffieHellman faster by disabling animated GIF
Dan
parents: 883
diff changeset
   499
  var _1 = document.createElement('img');
cb96d038baff New logout interface + made DiffieHellman faster by disabling animated GIF
Dan
parents: 883
diff changeset
   500
  _1.src = ( ajax_login_successimg_path ) ? ajax_login_successimg_path : scriptPath + '/images/check.png';
cb96d038baff New logout interface + made DiffieHellman faster by disabling animated GIF
Dan
parents: 883
diff changeset
   501
  var _2 = document.createElement('img');
cb96d038baff New logout interface + made DiffieHellman faster by disabling animated GIF
Dan
parents: 883
diff changeset
   502
  _2.src = ( ajax_login_lockimg_path ) ? ajax_login_lockimg_path : scriptPath + '/images/lock48.png';
436
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
   503
  
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
   504
  var div = document.createElement('div');
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
   505
  div.id = 'ajax_login_form';
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
   506
  
1132
05fe0039d952 Logins: reorganized data structures a bit. WiP - needs test routine done.
Dan
parents: 1125
diff changeset
   507
  var show_captcha = ( data.lockout.active && data.lockout.policy == 'captcha' ) ? data.lockout.captcha : false;
436
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
   508
  
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
   509
  // text displayed on re-auth
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
   510
  if ( logindata.user_level > USER_LEVEL_MEMBER )
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
   511
  {
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
   512
    div.innerHTML += $lang.get('user_login_ajax_prompt_body_elev') + '<br /><br />';
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
   513
  }
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
   514
  
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
   515
  // Create the form
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
   516
  var form = document.createElement('form');
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
   517
  form.action = 'javascript:void(ajaxLoginSubmitForm());';
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
   518
  form.onsubmit = function()
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
   519
  {
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
   520
    ajaxLoginSubmitForm();
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
   521
    return false;
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
   522
  }
460
3a1c99845ca8 Merging in changes from Nighthawk
Dan
parents: 436
diff changeset
   523
  if ( IE )
3a1c99845ca8 Merging in changes from Nighthawk
Dan
parents: 436
diff changeset
   524
  {
3a1c99845ca8 Merging in changes from Nighthawk
Dan
parents: 436
diff changeset
   525
    form.style.marginTop = '-20px';
3a1c99845ca8 Merging in changes from Nighthawk
Dan
parents: 436
diff changeset
   526
  }
436
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
   527
  
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
   528
  // Using tables to wrap form elements because it results in a
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
   529
  // more visually appealing form. Yes, tables suck. I don't really
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
   530
  // care - they make forms look good.
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
   531
  
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
   532
  var table = document.createElement('table');
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
   533
  table.style.margin = '0 auto';
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
   534
  
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
   535
  // Field - username
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
   536
  var tr1 = document.createElement('tr');
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
   537
  var td1_1 = document.createElement('td');
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
   538
  td1_1.appendChild(document.createTextNode($lang.get('user_login_field_username') + ':'));
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
   539
  tr1.appendChild(td1_1);
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
   540
  var td1_2 = document.createElement('td');
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
   541
  var f_username = document.createElement('input');
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
   542
  f_username.id = 'ajax_login_field_username';
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
   543
  f_username.name = 'ajax_login_field_username';
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
   544
  f_username.type = 'text';
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
   545
  f_username.size = '25';
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
   546
  if ( data.username )
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
   547
    f_username.value = data.username;
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
   548
  td1_2.appendChild(f_username);
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
   549
  tr1.appendChild(td1_2);
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
   550
  table.appendChild(tr1);
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
   551
  
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
   552
  // Field - password
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
   553
  var tr2 = document.createElement('tr');
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
   554
  var td2_1 = document.createElement('td');
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
   555
  td2_1.appendChild(document.createTextNode($lang.get('user_login_field_password') + ':'));
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
   556
  tr2.appendChild(td2_1);
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
   557
  var td2_2 = document.createElement('td');
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
   558
  var f_password = document.createElement('input');
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
   559
  f_password.id = 'ajax_login_field_password';
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
   560
  f_password.name = 'ajax_login_field_username';
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
   561
  f_password.type = 'password';
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
   562
  f_password.size = '25';
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
   563
  if ( !show_captcha )
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
   564
  {
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
   565
    f_password.onkeyup = function(e)
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
   566
    {
461
717e71109645 Fixed a number of IE6 bugs
Dan
parents: 460
diff changeset
   567
      if ( !e )
436
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
   568
        e = window.event;
461
717e71109645 Fixed a number of IE6 bugs
Dan
parents: 460
diff changeset
   569
      if ( !e && IE )
436
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
   570
        return true;
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
   571
      if ( e.keyCode == 13 )
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
   572
      {
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
   573
        ajaxLoginSubmitForm();
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
   574
      }
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
   575
    }
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
   576
  }
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
   577
  td2_2.appendChild(f_password);
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
   578
  tr2.appendChild(td2_2);
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
   579
  table.appendChild(tr2);
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
   580
  
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
   581
  // Field - captcha
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
   582
  if ( show_captcha )
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
   583
  {
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
   584
    var tr3 = document.createElement('tr');
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
   585
    var td3_1 = document.createElement('td');
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
   586
    td3_1.appendChild(document.createTextNode($lang.get('user_login_field_captcha') + ':'));
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
   587
    tr3.appendChild(td3_1);
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
   588
    var td3_2 = document.createElement('td');
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
   589
    var f_captcha = document.createElement('input');
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
   590
    f_captcha.id = 'ajax_login_field_captcha';
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
   591
    f_captcha.name = 'ajax_login_field_username';
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
   592
    f_captcha.type = 'text';
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
   593
    f_captcha.size = '25';
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
   594
    f_captcha.onkeyup = function(e)
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
   595
    {
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
   596
      if ( !e )
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
   597
        e = window.event;
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
   598
      if ( !e.keyCode )
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
   599
        return true;
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
   600
      if ( e.keyCode == 13 )
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
   601
      {
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
   602
        ajaxLoginSubmitForm();
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
   603
      }
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
   604
    }
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
   605
    td3_2.appendChild(f_captcha);
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
   606
    tr3.appendChild(td3_2);
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
   607
    table.appendChild(tr3);
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
   608
  }
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
   609
  
1132
05fe0039d952 Logins: reorganized data structures a bit. WiP - needs test routine done.
Dan
parents: 1125
diff changeset
   610
  // ok, this is a compatibility hack
05fe0039d952 Logins: reorganized data structures a bit. WiP - needs test routine done.
Dan
parents: 1125
diff changeset
   611
  data.locked_out = { locked_out: data.lockout.active };
05fe0039d952 Logins: reorganized data structures a bit. WiP - needs test routine done.
Dan
parents: 1125
diff changeset
   612
  
05fe0039d952 Logins: reorganized data structures a bit. WiP - needs test routine done.
Dan
parents: 1125
diff changeset
   613
  // hook for the login form
05fe0039d952 Logins: reorganized data structures a bit. WiP - needs test routine done.
Dan
parents: 1125
diff changeset
   614
  eval(setHook('login_build_form'));
05fe0039d952 Logins: reorganized data structures a bit. WiP - needs test routine done.
Dan
parents: 1125
diff changeset
   615
  
05fe0039d952 Logins: reorganized data structures a bit. WiP - needs test routine done.
Dan
parents: 1125
diff changeset
   616
  delete(data.locked_out);
05fe0039d952 Logins: reorganized data structures a bit. WiP - needs test routine done.
Dan
parents: 1125
diff changeset
   617
  
436
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
   618
  // Done building the main part of the form
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
   619
  form.appendChild(table);
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
   620
  
1075
f4b89aa4226d Some changes to AJAX login interface, made it a bit more compact with less language, with some Enanium specific modifications to the same.
Dan
parents: 1070
diff changeset
   621
  // Checkbox container
f4b89aa4226d Some changes to AJAX login interface, made it a bit more compact with less language, with some Enanium specific modifications to the same.
Dan
parents: 1070
diff changeset
   622
  var boxen = document.createElement('div');
f4b89aa4226d Some changes to AJAX login interface, made it a bit more compact with less language, with some Enanium specific modifications to the same.
Dan
parents: 1070
diff changeset
   623
  boxen.style.textAlign = 'center';
f4b89aa4226d Some changes to AJAX login interface, made it a bit more compact with less language, with some Enanium specific modifications to the same.
Dan
parents: 1070
diff changeset
   624
  boxen.style.padding = '7px 0';
f4b89aa4226d Some changes to AJAX login interface, made it a bit more compact with less language, with some Enanium specific modifications to the same.
Dan
parents: 1070
diff changeset
   625
  
688
f2a824ce5f18 Added customizable parameters for session length and the long-missing "remember me" option (or rather, the ability to turn it off and make sessions temporary)
Dan
parents: 651
diff changeset
   626
  // Field: remember login
f2a824ce5f18 Added customizable parameters for session length and the long-missing "remember me" option (or rather, the ability to turn it off and make sessions temporary)
Dan
parents: 651
diff changeset
   627
  if ( logindata.user_level <= USER_LEVEL_MEMBER )
f2a824ce5f18 Added customizable parameters for session length and the long-missing "remember me" option (or rather, the ability to turn it off and make sessions temporary)
Dan
parents: 651
diff changeset
   628
  {
f2a824ce5f18 Added customizable parameters for session length and the long-missing "remember me" option (or rather, the ability to turn it off and make sessions temporary)
Dan
parents: 651
diff changeset
   629
    var lbl_remember = document.createElement('label');
f2a824ce5f18 Added customizable parameters for session length and the long-missing "remember me" option (or rather, the ability to turn it off and make sessions temporary)
Dan
parents: 651
diff changeset
   630
    lbl_remember.style.fontSize = 'smaller';
f2a824ce5f18 Added customizable parameters for session length and the long-missing "remember me" option (or rather, the ability to turn it off and make sessions temporary)
Dan
parents: 651
diff changeset
   631
    lbl_remember.style.textAlign = 'center';
f2a824ce5f18 Added customizable parameters for session length and the long-missing "remember me" option (or rather, the ability to turn it off and make sessions temporary)
Dan
parents: 651
diff changeset
   632
    
f2a824ce5f18 Added customizable parameters for session length and the long-missing "remember me" option (or rather, the ability to turn it off and make sessions temporary)
Dan
parents: 651
diff changeset
   633
    // figure out what text to put in the "remember me" checkbox
f2a824ce5f18 Added customizable parameters for session length and the long-missing "remember me" option (or rather, the ability to turn it off and make sessions temporary)
Dan
parents: 651
diff changeset
   634
    // infinite session length?
f2a824ce5f18 Added customizable parameters for session length and the long-missing "remember me" option (or rather, the ability to turn it off and make sessions temporary)
Dan
parents: 651
diff changeset
   635
    if ( data.extended_time == 0 )
f2a824ce5f18 Added customizable parameters for session length and the long-missing "remember me" option (or rather, the ability to turn it off and make sessions temporary)
Dan
parents: 651
diff changeset
   636
    {
f2a824ce5f18 Added customizable parameters for session length and the long-missing "remember me" option (or rather, the ability to turn it off and make sessions temporary)
Dan
parents: 651
diff changeset
   637
      // yes, infinite
f2a824ce5f18 Added customizable parameters for session length and the long-missing "remember me" option (or rather, the ability to turn it off and make sessions temporary)
Dan
parents: 651
diff changeset
   638
      var txt_remember = $lang.get('user_login_ajax_check_remember_infinite');
f2a824ce5f18 Added customizable parameters for session length and the long-missing "remember me" option (or rather, the ability to turn it off and make sessions temporary)
Dan
parents: 651
diff changeset
   639
    }
f2a824ce5f18 Added customizable parameters for session length and the long-missing "remember me" option (or rather, the ability to turn it off and make sessions temporary)
Dan
parents: 651
diff changeset
   640
    else
f2a824ce5f18 Added customizable parameters for session length and the long-missing "remember me" option (or rather, the ability to turn it off and make sessions temporary)
Dan
parents: 651
diff changeset
   641
    {
f2a824ce5f18 Added customizable parameters for session length and the long-missing "remember me" option (or rather, the ability to turn it off and make sessions temporary)
Dan
parents: 651
diff changeset
   642
      if ( data.extended_time % 7 == 0 )
f2a824ce5f18 Added customizable parameters for session length and the long-missing "remember me" option (or rather, the ability to turn it off and make sessions temporary)
Dan
parents: 651
diff changeset
   643
      {
f2a824ce5f18 Added customizable parameters for session length and the long-missing "remember me" option (or rather, the ability to turn it off and make sessions temporary)
Dan
parents: 651
diff changeset
   644
        // number of days is a multiple of 7
f2a824ce5f18 Added customizable parameters for session length and the long-missing "remember me" option (or rather, the ability to turn it off and make sessions temporary)
Dan
parents: 651
diff changeset
   645
        // use weeks as our unit
f2a824ce5f18 Added customizable parameters for session length and the long-missing "remember me" option (or rather, the ability to turn it off and make sessions temporary)
Dan
parents: 651
diff changeset
   646
        var sess_time = data.extended_time / 7;
f2a824ce5f18 Added customizable parameters for session length and the long-missing "remember me" option (or rather, the ability to turn it off and make sessions temporary)
Dan
parents: 651
diff changeset
   647
        var unit = 'week';
f2a824ce5f18 Added customizable parameters for session length and the long-missing "remember me" option (or rather, the ability to turn it off and make sessions temporary)
Dan
parents: 651
diff changeset
   648
      }
f2a824ce5f18 Added customizable parameters for session length and the long-missing "remember me" option (or rather, the ability to turn it off and make sessions temporary)
Dan
parents: 651
diff changeset
   649
      else
f2a824ce5f18 Added customizable parameters for session length and the long-missing "remember me" option (or rather, the ability to turn it off and make sessions temporary)
Dan
parents: 651
diff changeset
   650
      {
f2a824ce5f18 Added customizable parameters for session length and the long-missing "remember me" option (or rather, the ability to turn it off and make sessions temporary)
Dan
parents: 651
diff changeset
   651
        // use days as our unit
f2a824ce5f18 Added customizable parameters for session length and the long-missing "remember me" option (or rather, the ability to turn it off and make sessions temporary)
Dan
parents: 651
diff changeset
   652
        var sess_time = data.extended_time;
f2a824ce5f18 Added customizable parameters for session length and the long-missing "remember me" option (or rather, the ability to turn it off and make sessions temporary)
Dan
parents: 651
diff changeset
   653
        var unit = 'day';
f2a824ce5f18 Added customizable parameters for session length and the long-missing "remember me" option (or rather, the ability to turn it off and make sessions temporary)
Dan
parents: 651
diff changeset
   654
      }
f2a824ce5f18 Added customizable parameters for session length and the long-missing "remember me" option (or rather, the ability to turn it off and make sessions temporary)
Dan
parents: 651
diff changeset
   655
      // more than one week or day?
f2a824ce5f18 Added customizable parameters for session length and the long-missing "remember me" option (or rather, the ability to turn it off and make sessions temporary)
Dan
parents: 651
diff changeset
   656
      if ( sess_time != 1 )
f2a824ce5f18 Added customizable parameters for session length and the long-missing "remember me" option (or rather, the ability to turn it off and make sessions temporary)
Dan
parents: 651
diff changeset
   657
        unit += 's';
f2a824ce5f18 Added customizable parameters for session length and the long-missing "remember me" option (or rather, the ability to turn it off and make sessions temporary)
Dan
parents: 651
diff changeset
   658
      
f2a824ce5f18 Added customizable parameters for session length and the long-missing "remember me" option (or rather, the ability to turn it off and make sessions temporary)
Dan
parents: 651
diff changeset
   659
      // assemble the string
f2a824ce5f18 Added customizable parameters for session length and the long-missing "remember me" option (or rather, the ability to turn it off and make sessions temporary)
Dan
parents: 651
diff changeset
   660
      var txt_remember = $lang.get('user_login_ajax_check_remember', {
f2a824ce5f18 Added customizable parameters for session length and the long-missing "remember me" option (or rather, the ability to turn it off and make sessions temporary)
Dan
parents: 651
diff changeset
   661
          session_length: sess_time,
f2a824ce5f18 Added customizable parameters for session length and the long-missing "remember me" option (or rather, the ability to turn it off and make sessions temporary)
Dan
parents: 651
diff changeset
   662
          length_units: $lang.get('etc_unit_' + unit)
f2a824ce5f18 Added customizable parameters for session length and the long-missing "remember me" option (or rather, the ability to turn it off and make sessions temporary)
Dan
parents: 651
diff changeset
   663
        });
f2a824ce5f18 Added customizable parameters for session length and the long-missing "remember me" option (or rather, the ability to turn it off and make sessions temporary)
Dan
parents: 651
diff changeset
   664
    }
f2a824ce5f18 Added customizable parameters for session length and the long-missing "remember me" option (or rather, the ability to turn it off and make sessions temporary)
Dan
parents: 651
diff changeset
   665
    var check_remember = document.createElement('input');
f2a824ce5f18 Added customizable parameters for session length and the long-missing "remember me" option (or rather, the ability to turn it off and make sessions temporary)
Dan
parents: 651
diff changeset
   666
    check_remember.type = 'checkbox';
f2a824ce5f18 Added customizable parameters for session length and the long-missing "remember me" option (or rather, the ability to turn it off and make sessions temporary)
Dan
parents: 651
diff changeset
   667
    // this onclick attribute changes the cookie whenever the checkbox or label is clicked
f2a824ce5f18 Added customizable parameters for session length and the long-missing "remember me" option (or rather, the ability to turn it off and make sessions temporary)
Dan
parents: 651
diff changeset
   668
    check_remember.setAttribute('onclick', 'var ck = ( this.checked ) ? "enable" : "disable"; createCookie("login_remember", ck, 3650);');
f2a824ce5f18 Added customizable parameters for session length and the long-missing "remember me" option (or rather, the ability to turn it off and make sessions temporary)
Dan
parents: 651
diff changeset
   669
    if ( readCookie('login_remember') != 'disable' )
f2a824ce5f18 Added customizable parameters for session length and the long-missing "remember me" option (or rather, the ability to turn it off and make sessions temporary)
Dan
parents: 651
diff changeset
   670
      check_remember.setAttribute('checked', 'checked');
f2a824ce5f18 Added customizable parameters for session length and the long-missing "remember me" option (or rather, the ability to turn it off and make sessions temporary)
Dan
parents: 651
diff changeset
   671
    check_remember.id = 'ajax_login_field_remember';
f2a824ce5f18 Added customizable parameters for session length and the long-missing "remember me" option (or rather, the ability to turn it off and make sessions temporary)
Dan
parents: 651
diff changeset
   672
    lbl_remember.appendChild(check_remember);
f2a824ce5f18 Added customizable parameters for session length and the long-missing "remember me" option (or rather, the ability to turn it off and make sessions temporary)
Dan
parents: 651
diff changeset
   673
    lbl_remember.innerHTML += ' ' + txt_remember;
f2a824ce5f18 Added customizable parameters for session length and the long-missing "remember me" option (or rather, the ability to turn it off and make sessions temporary)
Dan
parents: 651
diff changeset
   674
    
1075
f4b89aa4226d Some changes to AJAX login interface, made it a bit more compact with less language, with some Enanium specific modifications to the same.
Dan
parents: 1070
diff changeset
   675
    boxen.appendChild(lbl_remember);
688
f2a824ce5f18 Added customizable parameters for session length and the long-missing "remember me" option (or rather, the ability to turn it off and make sessions temporary)
Dan
parents: 651
diff changeset
   676
  }
f2a824ce5f18 Added customizable parameters for session length and the long-missing "remember me" option (or rather, the ability to turn it off and make sessions temporary)
Dan
parents: 651
diff changeset
   677
  
1075
f4b89aa4226d Some changes to AJAX login interface, made it a bit more compact with less language, with some Enanium specific modifications to the same.
Dan
parents: 1070
diff changeset
   678
  var bullet = document.createElement('span');
f4b89aa4226d Some changes to AJAX login interface, made it a bit more compact with less language, with some Enanium specific modifications to the same.
Dan
parents: 1070
diff changeset
   679
  bullet.innerHTML = '&nbsp;';
f4b89aa4226d Some changes to AJAX login interface, made it a bit more compact with less language, with some Enanium specific modifications to the same.
Dan
parents: 1070
diff changeset
   680
  bullet.style.fontSize = '12pt';
f4b89aa4226d Some changes to AJAX login interface, made it a bit more compact with less language, with some Enanium specific modifications to the same.
Dan
parents: 1070
diff changeset
   681
  bullet.style.borderRight = '1px solid #aaa';
f4b89aa4226d Some changes to AJAX login interface, made it a bit more compact with less language, with some Enanium specific modifications to the same.
Dan
parents: 1070
diff changeset
   682
  bullet.style.margin = '0 6px 0 4px';
f4b89aa4226d Some changes to AJAX login interface, made it a bit more compact with less language, with some Enanium specific modifications to the same.
Dan
parents: 1070
diff changeset
   683
  
436
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
   684
  // Field: enable Diffie Hellman
887
cb96d038baff New logout interface + made DiffieHellman faster by disabling animated GIF
Dan
parents: 883
diff changeset
   685
  if ( ajax_login_prevent_dh )
460
3a1c99845ca8 Merging in changes from Nighthawk
Dan
parents: 436
diff changeset
   686
  {
1076
9c364fded738 Login: visual: fixed separator being displayed with only one of 2 checkboxes
Dan
parents: 1075
diff changeset
   687
    if ( logindata.user_level <= USER_LEVEL_MEMBER )
9c364fded738 Login: visual: fixed separator being displayed with only one of 2 checkboxes
Dan
parents: 1075
diff changeset
   688
      // only show this if both checkboxes are visible
9c364fded738 Login: visual: fixed separator being displayed with only one of 2 checkboxes
Dan
parents: 1075
diff changeset
   689
      boxen.appendChild(bullet);
9c364fded738 Login: visual: fixed separator being displayed with only one of 2 checkboxes
Dan
parents: 1075
diff changeset
   690
      
460
3a1c99845ca8 Merging in changes from Nighthawk
Dan
parents: 436
diff changeset
   691
    var lbl_dh = document.createElement('span');
3a1c99845ca8 Merging in changes from Nighthawk
Dan
parents: 436
diff changeset
   692
    lbl_dh.style.fontSize = 'smaller';
3a1c99845ca8 Merging in changes from Nighthawk
Dan
parents: 436
diff changeset
   693
    lbl_dh.style.textAlign = 'center';
3a1c99845ca8 Merging in changes from Nighthawk
Dan
parents: 436
diff changeset
   694
    lbl_dh.innerHTML = $lang.get('user_login_ajax_check_dh_ie');
1075
f4b89aa4226d Some changes to AJAX login interface, made it a bit more compact with less language, with some Enanium specific modifications to the same.
Dan
parents: 1070
diff changeset
   695
    boxen.appendChild(lbl_dh);
460
3a1c99845ca8 Merging in changes from Nighthawk
Dan
parents: 436
diff changeset
   696
  }
1132
05fe0039d952 Logins: reorganized data structures a bit. WiP - needs test routine done.
Dan
parents: 1125
diff changeset
   697
  else if ( !data.crypto.dh_enable )
718
12485b1d41fd Fixed issue where login box was not obeying server orders to disable DiffieHellman. Increased quality of error handling for JS errors during login process.
Dan
parents: 699
diff changeset
   698
  {
12485b1d41fd Fixed issue where login box was not obeying server orders to disable DiffieHellman. Increased quality of error handling for JS errors during login process.
Dan
parents: 699
diff changeset
   699
    // create hidden control - server requested that DiffieHellman be disabled (usually means not supported)
12485b1d41fd Fixed issue where login box was not obeying server orders to disable DiffieHellman. Increased quality of error handling for JS errors during login process.
Dan
parents: 699
diff changeset
   700
    var check_dh = document.createElement('input');
12485b1d41fd Fixed issue where login box was not obeying server orders to disable DiffieHellman. Increased quality of error handling for JS errors during login process.
Dan
parents: 699
diff changeset
   701
    check_dh.type = 'hidden';
12485b1d41fd Fixed issue where login box was not obeying server orders to disable DiffieHellman. Increased quality of error handling for JS errors during login process.
Dan
parents: 699
diff changeset
   702
    check_dh.id = 'ajax_login_field_dh';
1075
f4b89aa4226d Some changes to AJAX login interface, made it a bit more compact with less language, with some Enanium specific modifications to the same.
Dan
parents: 1070
diff changeset
   703
    boxen.appendChild(check_dh);
718
12485b1d41fd Fixed issue where login box was not obeying server orders to disable DiffieHellman. Increased quality of error handling for JS errors during login process.
Dan
parents: 699
diff changeset
   704
  }
460
3a1c99845ca8 Merging in changes from Nighthawk
Dan
parents: 436
diff changeset
   705
  else
3a1c99845ca8 Merging in changes from Nighthawk
Dan
parents: 436
diff changeset
   706
  {
1076
9c364fded738 Login: visual: fixed separator being displayed with only one of 2 checkboxes
Dan
parents: 1075
diff changeset
   707
    if ( logindata.user_level <= USER_LEVEL_MEMBER )
9c364fded738 Login: visual: fixed separator being displayed with only one of 2 checkboxes
Dan
parents: 1075
diff changeset
   708
      // only show this if both checkboxes are visible
9c364fded738 Login: visual: fixed separator being displayed with only one of 2 checkboxes
Dan
parents: 1075
diff changeset
   709
      boxen.appendChild(bullet);
1075
f4b89aa4226d Some changes to AJAX login interface, made it a bit more compact with less language, with some Enanium specific modifications to the same.
Dan
parents: 1070
diff changeset
   710
    
460
3a1c99845ca8 Merging in changes from Nighthawk
Dan
parents: 436
diff changeset
   711
    var lbl_dh = document.createElement('label');
3a1c99845ca8 Merging in changes from Nighthawk
Dan
parents: 436
diff changeset
   712
    lbl_dh.style.fontSize = 'smaller';
3a1c99845ca8 Merging in changes from Nighthawk
Dan
parents: 436
diff changeset
   713
    lbl_dh.style.textAlign = 'center';
3a1c99845ca8 Merging in changes from Nighthawk
Dan
parents: 436
diff changeset
   714
    var check_dh = document.createElement('input');
3a1c99845ca8 Merging in changes from Nighthawk
Dan
parents: 436
diff changeset
   715
    check_dh.type = 'checkbox';
3a1c99845ca8 Merging in changes from Nighthawk
Dan
parents: 436
diff changeset
   716
    // this onclick attribute changes the cookie whenever the checkbox or label is clicked
3a1c99845ca8 Merging in changes from Nighthawk
Dan
parents: 436
diff changeset
   717
    check_dh.setAttribute('onclick', 'var ck = ( this.checked ) ? "enable" : "disable"; createCookie("diffiehellman_login", ck, 3650);');
3a1c99845ca8 Merging in changes from Nighthawk
Dan
parents: 436
diff changeset
   718
    if ( readCookie('diffiehellman_login') != 'disable' )
3a1c99845ca8 Merging in changes from Nighthawk
Dan
parents: 436
diff changeset
   719
      check_dh.setAttribute('checked', 'checked');
3a1c99845ca8 Merging in changes from Nighthawk
Dan
parents: 436
diff changeset
   720
    check_dh.id = 'ajax_login_field_dh';
3a1c99845ca8 Merging in changes from Nighthawk
Dan
parents: 436
diff changeset
   721
    lbl_dh.appendChild(check_dh);
694
43367c66d869 Couple of fixes (hacks) for Opera and the aftermath of that z-index change to darken() and enlighten() fadefilters; added ajaxOpenDirectACLRule() to placeholder list
Dan
parents: 688
diff changeset
   722
    lbl_dh.innerHTML += ' ' + $lang.get('user_login_ajax_check_dh');
1075
f4b89aa4226d Some changes to AJAX login interface, made it a bit more compact with less language, with some Enanium specific modifications to the same.
Dan
parents: 1070
diff changeset
   723
    boxen.appendChild(lbl_dh);
460
3a1c99845ca8 Merging in changes from Nighthawk
Dan
parents: 436
diff changeset
   724
  }
436
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
   725
  
1075
f4b89aa4226d Some changes to AJAX login interface, made it a bit more compact with less language, with some Enanium specific modifications to the same.
Dan
parents: 1070
diff changeset
   726
  form.appendChild(boxen);
f4b89aa4226d Some changes to AJAX login interface, made it a bit more compact with less language, with some Enanium specific modifications to the same.
Dan
parents: 1070
diff changeset
   727
  
460
3a1c99845ca8 Merging in changes from Nighthawk
Dan
parents: 436
diff changeset
   728
  if ( IE )
3a1c99845ca8 Merging in changes from Nighthawk
Dan
parents: 436
diff changeset
   729
  {
3a1c99845ca8 Merging in changes from Nighthawk
Dan
parents: 436
diff changeset
   730
    div.innerHTML += form.outerHTML;
3a1c99845ca8 Merging in changes from Nighthawk
Dan
parents: 436
diff changeset
   731
  }
3a1c99845ca8 Merging in changes from Nighthawk
Dan
parents: 436
diff changeset
   732
  else
3a1c99845ca8 Merging in changes from Nighthawk
Dan
parents: 436
diff changeset
   733
  {
3a1c99845ca8 Merging in changes from Nighthawk
Dan
parents: 436
diff changeset
   734
    div.appendChild(form);
3a1c99845ca8 Merging in changes from Nighthawk
Dan
parents: 436
diff changeset
   735
  }
436
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
   736
  
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
   737
  // Diagnostic / help links
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
   738
  // (only displayed in login, not in re-auth)
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
   739
  if ( logindata.user_level == USER_LEVEL_MEMBER )
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
   740
  {
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
   741
    var links = document.createElement('small');
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
   742
    links.style.display = 'block';
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
   743
    links.style.textAlign = 'center';
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
   744
    links.innerHTML = '';
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
   745
    if ( !show_captcha )
1075
f4b89aa4226d Some changes to AJAX login interface, made it a bit more compact with less language, with some Enanium specific modifications to the same.
Dan
parents: 1070
diff changeset
   746
      links.innerHTML += $lang.get('user_login_ajax_link_fullform', { link_full_form: makeUrlNS('Special', 'Login/' + title) }) + ' &bull; ';
436
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
   747
    // Always shown
1075
f4b89aa4226d Some changes to AJAX login interface, made it a bit more compact with less language, with some Enanium specific modifications to the same.
Dan
parents: 1070
diff changeset
   748
    links.innerHTML += $lang.get('user_login_ajax_link_forgotpass', { forgotpass_link: makeUrlNS('Special', 'PasswordReset') }) + ' &bull; ';
436
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
   749
    if ( !show_captcha )
1075
f4b89aa4226d Some changes to AJAX login interface, made it a bit more compact with less language, with some Enanium specific modifications to the same.
Dan
parents: 1070
diff changeset
   750
      links.innerHTML += $lang.get('user_login_ajax_createaccount_blurb', { reg_link: makeUrlNS('Special', 'Register') });
436
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
   751
    div.appendChild(links);
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
   752
  }
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
   753
  
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
   754
  // Insert the entire form into the login window
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
   755
  logindata.mb_inner.innerHTML = '';
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
   756
  logindata.mb_inner.appendChild(div);
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
   757
  
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
   758
  // Post operations: field focus
816
44b8446533e1 Fixed login form being focused too early (caused page to scroll up)
Dan
parents: 811
diff changeset
   759
  setTimeout(
44b8446533e1 Fixed login form being focused too early (caused page to scroll up)
Dan
parents: 811
diff changeset
   760
    function()
44b8446533e1 Fixed login form being focused too early (caused page to scroll up)
Dan
parents: 811
diff changeset
   761
    {
44b8446533e1 Fixed login form being focused too early (caused page to scroll up)
Dan
parents: 811
diff changeset
   762
      if ( logindata.loggedin_username )
44b8446533e1 Fixed login form being focused too early (caused page to scroll up)
Dan
parents: 811
diff changeset
   763
        document.getElementById('ajax_login_field_password').focus();
44b8446533e1 Fixed login form being focused too early (caused page to scroll up)
Dan
parents: 811
diff changeset
   764
      else
44b8446533e1 Fixed login form being focused too early (caused page to scroll up)
Dan
parents: 811
diff changeset
   765
        document.getElementById('ajax_login_field_username').focus();
44b8446533e1 Fixed login form being focused too early (caused page to scroll up)
Dan
parents: 811
diff changeset
   766
    }, 750);        
436
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
   767
  
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
   768
  // Post operations: show captcha window
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
   769
  if ( show_captcha )
1132
05fe0039d952 Logins: reorganized data structures a bit. WiP - needs test routine done.
Dan
parents: 1125
diff changeset
   770
  {
436
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
   771
    ajaxShowCaptcha(show_captcha);
1132
05fe0039d952 Logins: reorganized data structures a bit. WiP - needs test routine done.
Dan
parents: 1125
diff changeset
   772
  }
436
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
   773
  
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
   774
  // Post operations: stash encryption keys and All That Jazz(TM)
1136
8c664c96fccd Login: Fixed typo that prevented non-DH crypto from working (thanks Keith Schmader)
Dan
parents: 1132
diff changeset
   775
  logindata.key_aes = data.crypto.aes_key;
1132
05fe0039d952 Logins: reorganized data structures a bit. WiP - needs test routine done.
Dan
parents: 1125
diff changeset
   776
  logindata.key_dh = data.crypto.dh_public_key;
436
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
   777
  logindata.captcha_hash = show_captcha;
1132
05fe0039d952 Logins: reorganized data structures a bit. WiP - needs test routine done.
Dan
parents: 1125
diff changeset
   778
  logindata.loggedin_username = data.username;
436
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
   779
  
1132
05fe0039d952 Logins: reorganized data structures a bit. WiP - needs test routine done.
Dan
parents: 1125
diff changeset
   780
  // If policy is lockout, also disable controls
05fe0039d952 Logins: reorganized data structures a bit. WiP - needs test routine done.
Dan
parents: 1125
diff changeset
   781
  if ( data.lockout.policy == 'lockout' && data.lockout.active )
436
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
   782
  {
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
   783
    f_username.setAttribute('disabled', 'disabled');
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
   784
    f_password.setAttribute('disabled', 'disabled');
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
   785
  }
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
   786
}
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
   787
688
f2a824ce5f18 Added customizable parameters for session length and the long-missing "remember me" option (or rather, the ability to turn it off and make sessions temporary)
Dan
parents: 651
diff changeset
   788
window.ajaxLoginSubmitForm = function(real, username, password, captcha, remember)
436
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
   789
{
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
   790
  // Perform AES test to make sure it's all working
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
   791
  if ( !aes_self_test() )
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
   792
  {
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
   793
    alert('BUG: AES self-test failed');
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
   794
    login_cache.mb_object.destroy();
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
   795
    return false;
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
   796
  }
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
   797
  // Hide the error message and captcha
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
   798
  if ( document.getElementById('ajax_login_error_box') )
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
   799
  {
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
   800
    document.getElementById('ajax_login_error_box').parentNode.removeChild(document.getElementById('ajax_login_error_box'));
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
   801
  }
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
   802
  if ( document.getElementById('autoCaptcha') )
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
   803
  {
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
   804
    var to = fly_out_top(document.getElementById('autoCaptcha'), false, true);
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
   805
    setTimeout(function() {
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
   806
        var d = document.getElementById('autoCaptcha');
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
   807
        d.parentNode.removeChild(d);
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
   808
      }, to);
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
   809
  }
688
f2a824ce5f18 Added customizable parameters for session length and the long-missing "remember me" option (or rather, the ability to turn it off and make sessions temporary)
Dan
parents: 651
diff changeset
   810
  // "Remember session" switch
f2a824ce5f18 Added customizable parameters for session length and the long-missing "remember me" option (or rather, the ability to turn it off and make sessions temporary)
Dan
parents: 651
diff changeset
   811
  if ( typeof(remember) == 'boolean' )
f2a824ce5f18 Added customizable parameters for session length and the long-missing "remember me" option (or rather, the ability to turn it off and make sessions temporary)
Dan
parents: 651
diff changeset
   812
  {
f2a824ce5f18 Added customizable parameters for session length and the long-missing "remember me" option (or rather, the ability to turn it off and make sessions temporary)
Dan
parents: 651
diff changeset
   813
    var remember_session = remember;
f2a824ce5f18 Added customizable parameters for session length and the long-missing "remember me" option (or rather, the ability to turn it off and make sessions temporary)
Dan
parents: 651
diff changeset
   814
  }
f2a824ce5f18 Added customizable parameters for session length and the long-missing "remember me" option (or rather, the ability to turn it off and make sessions temporary)
Dan
parents: 651
diff changeset
   815
  else
f2a824ce5f18 Added customizable parameters for session length and the long-missing "remember me" option (or rather, the ability to turn it off and make sessions temporary)
Dan
parents: 651
diff changeset
   816
  {
f2a824ce5f18 Added customizable parameters for session length and the long-missing "remember me" option (or rather, the ability to turn it off and make sessions temporary)
Dan
parents: 651
diff changeset
   817
    if ( document.getElementById('ajax_login_field_remember') )
f2a824ce5f18 Added customizable parameters for session length and the long-missing "remember me" option (or rather, the ability to turn it off and make sessions temporary)
Dan
parents: 651
diff changeset
   818
    {
f2a824ce5f18 Added customizable parameters for session length and the long-missing "remember me" option (or rather, the ability to turn it off and make sessions temporary)
Dan
parents: 651
diff changeset
   819
      var remember_session = ( document.getElementById('ajax_login_field_remember').checked ) ? true : false;
f2a824ce5f18 Added customizable parameters for session length and the long-missing "remember me" option (or rather, the ability to turn it off and make sessions temporary)
Dan
parents: 651
diff changeset
   820
    }
f2a824ce5f18 Added customizable parameters for session length and the long-missing "remember me" option (or rather, the ability to turn it off and make sessions temporary)
Dan
parents: 651
diff changeset
   821
    else
f2a824ce5f18 Added customizable parameters for session length and the long-missing "remember me" option (or rather, the ability to turn it off and make sessions temporary)
Dan
parents: 651
diff changeset
   822
    {
f2a824ce5f18 Added customizable parameters for session length and the long-missing "remember me" option (or rather, the ability to turn it off and make sessions temporary)
Dan
parents: 651
diff changeset
   823
      var remember_session = false;
f2a824ce5f18 Added customizable parameters for session length and the long-missing "remember me" option (or rather, the ability to turn it off and make sessions temporary)
Dan
parents: 651
diff changeset
   824
    }
f2a824ce5f18 Added customizable parameters for session length and the long-missing "remember me" option (or rather, the ability to turn it off and make sessions temporary)
Dan
parents: 651
diff changeset
   825
  }
436
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
   826
  // Encryption: preprocessor
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
   827
  if ( real )
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
   828
  {
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
   829
    var do_dh = true;
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
   830
  }
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
   831
  else if ( document.getElementById('ajax_login_field_dh') )
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
   832
  {
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
   833
    var do_dh = document.getElementById('ajax_login_field_dh').checked;
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
   834
  }
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
   835
  else
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
   836
  {
887
cb96d038baff New logout interface + made DiffieHellman faster by disabling animated GIF
Dan
parents: 883
diff changeset
   837
    if ( ajax_login_prevent_dh )
460
3a1c99845ca8 Merging in changes from Nighthawk
Dan
parents: 436
diff changeset
   838
    {
509
175df10e0b56 Added a copy of Firebug Lite for debugging purposes. License is uncertain but being treated as MPL. (If is is not MPL then it is under something more permissive that permits relicensing anyway)
Dan
parents: 478
diff changeset
   839
      // IE/MobileSafari doesn't have this control, continue silently IF the rest
460
3a1c99845ca8 Merging in changes from Nighthawk
Dan
parents: 436
diff changeset
   840
      // of the login form is there
3a1c99845ca8 Merging in changes from Nighthawk
Dan
parents: 436
diff changeset
   841
      if ( !document.getElementById('ajax_login_field_username') )
3a1c99845ca8 Merging in changes from Nighthawk
Dan
parents: 436
diff changeset
   842
      {
3a1c99845ca8 Merging in changes from Nighthawk
Dan
parents: 436
diff changeset
   843
        return false;
3a1c99845ca8 Merging in changes from Nighthawk
Dan
parents: 436
diff changeset
   844
      }
3a1c99845ca8 Merging in changes from Nighthawk
Dan
parents: 436
diff changeset
   845
    }
3a1c99845ca8 Merging in changes from Nighthawk
Dan
parents: 436
diff changeset
   846
    else
3a1c99845ca8 Merging in changes from Nighthawk
Dan
parents: 436
diff changeset
   847
    {
3a1c99845ca8 Merging in changes from Nighthawk
Dan
parents: 436
diff changeset
   848
      // The user probably clicked ok when the form wasn't in there.
3a1c99845ca8 Merging in changes from Nighthawk
Dan
parents: 436
diff changeset
   849
      return false;
3a1c99845ca8 Merging in changes from Nighthawk
Dan
parents: 436
diff changeset
   850
    }
436
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
   851
  }
718
12485b1d41fd Fixed issue where login box was not obeying server orders to disable DiffieHellman. Increased quality of error handling for JS errors during login process.
Dan
parents: 699
diff changeset
   852
  
843
4415e50e4e84 Added possibility for auth plugins, which can log a user in using non-standard authentication methods.
Dan
parents: 824
diff changeset
   853
  if ( typeof(username) != 'string' )
436
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
   854
  {
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
   855
    var username = document.getElementById('ajax_login_field_username').value;
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
   856
  }
843
4415e50e4e84 Added possibility for auth plugins, which can log a user in using non-standard authentication methods.
Dan
parents: 824
diff changeset
   857
  if ( typeof(password) != 'string' )
436
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
   858
  {
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
   859
    var password = document.getElementById('ajax_login_field_password').value;
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
   860
  }
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
   861
  if ( !captcha && document.getElementById('ajax_login_field_captcha') )
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
   862
  {
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
   863
    var captcha = document.getElementById('ajax_login_field_captcha').value;
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
   864
  }
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
   865
  
1026
f0431eb8161e AJAX login: fixed improper run of login_submit_early; fixed failure to redirect if main_page_members == current page
Dan
parents: 1002
diff changeset
   866
  // Only run early submit hook once
f0431eb8161e AJAX login: fixed improper run of login_submit_early; fixed failure to redirect if main_page_members == current page
Dan
parents: 1002
diff changeset
   867
  if ( !window.logindata.early_submit_run )
f0431eb8161e AJAX login: fixed improper run of login_submit_early; fixed failure to redirect if main_page_members == current page
Dan
parents: 1002
diff changeset
   868
    eval(setHook('login_submit_early'));
f0431eb8161e AJAX login: fixed improper run of login_submit_early; fixed failure to redirect if main_page_members == current page
Dan
parents: 1002
diff changeset
   869
  
f0431eb8161e AJAX login: fixed improper run of login_submit_early; fixed failure to redirect if main_page_members == current page
Dan
parents: 1002
diff changeset
   870
  window.logindata.early_submit_run = true;
f0431eb8161e AJAX login: fixed improper run of login_submit_early; fixed failure to redirect if main_page_members == current page
Dan
parents: 1002
diff changeset
   871
  
718
12485b1d41fd Fixed issue where login box was not obeying server orders to disable DiffieHellman. Increased quality of error handling for JS errors during login process.
Dan
parents: 699
diff changeset
   872
  try
12485b1d41fd Fixed issue where login box was not obeying server orders to disable DiffieHellman. Increased quality of error handling for JS errors during login process.
Dan
parents: 699
diff changeset
   873
  {
12485b1d41fd Fixed issue where login box was not obeying server orders to disable DiffieHellman. Increased quality of error handling for JS errors during login process.
Dan
parents: 699
diff changeset
   874
  
436
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
   875
  if ( do_dh )
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
   876
  {
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
   877
    ajaxLoginSetStatus(AJAX_STATUS_GENERATING_KEY);
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
   878
    if ( !real )
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
   879
    {
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
   880
      // Wait while the browser updates the login window
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
   881
      setTimeout(function()
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
   882
        {
688
f2a824ce5f18 Added customizable parameters for session length and the long-missing "remember me" option (or rather, the ability to turn it off and make sessions temporary)
Dan
parents: 651
diff changeset
   883
          ajaxLoginSubmitForm(true, username, password, captcha, remember_session);
887
cb96d038baff New logout interface + made DiffieHellman faster by disabling animated GIF
Dan
parents: 883
diff changeset
   884
        }, 20);
436
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
   885
      return true;
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
   886
    }
887
cb96d038baff New logout interface + made DiffieHellman faster by disabling animated GIF
Dan
parents: 883
diff changeset
   887
    var dh_start = (new Date()).getTime();
436
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
   888
    // Perform Diffie Hellman stuff
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
   889
    var dh_priv = dh_gen_private();
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
   890
    var dh_pub = dh_gen_public(dh_priv);
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
   891
    var secret = dh_gen_shared_secret(dh_priv, logindata.key_dh);
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
   892
    // secret_hash is used to verify that the server guesses the correct secret
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
   893
    var secret_hash = hex_sha1(secret);
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
   894
    // crypt_key is the actual AES key
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
   895
    var crypt_key = (hex_sha256(secret)).substr(0, (keySizeInBits / 4));
887
cb96d038baff New logout interface + made DiffieHellman faster by disabling animated GIF
Dan
parents: 883
diff changeset
   896
    var dh_time = (new Date()).getTime() - dh_start;
cb96d038baff New logout interface + made DiffieHellman faster by disabling animated GIF
Dan
parents: 883
diff changeset
   897
    console.debug("DH: complete, time = %dms", dh_time);
436
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
   898
  }
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
   899
  else
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
   900
  {
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
   901
    var crypt_key = logindata.key_aes;
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
   902
  }
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
   903
  
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
   904
  ajaxLoginSetStatus(AJAX_STATUS_LOGGING_IN);
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
   905
  
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
   906
  // Encrypt the password and username
843
4415e50e4e84 Added possibility for auth plugins, which can log a user in using non-standard authentication methods.
Dan
parents: 824
diff changeset
   907
  var userinfo = {
436
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
   908
      username: username,
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
   909
      password: password
843
4415e50e4e84 Added possibility for auth plugins, which can log a user in using non-standard authentication methods.
Dan
parents: 824
diff changeset
   910
    };
4415e50e4e84 Added possibility for auth plugins, which can log a user in using non-standard authentication methods.
Dan
parents: 824
diff changeset
   911
    
4415e50e4e84 Added possibility for auth plugins, which can log a user in using non-standard authentication methods.
Dan
parents: 824
diff changeset
   912
  eval(setHook('login_build_userinfo'));
4415e50e4e84 Added possibility for auth plugins, which can log a user in using non-standard authentication methods.
Dan
parents: 824
diff changeset
   913
    
4415e50e4e84 Added possibility for auth plugins, which can log a user in using non-standard authentication methods.
Dan
parents: 824
diff changeset
   914
  userinfo = toJSONString(userinfo);
436
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
   915
  var crypt_key_ba = hexToByteArray(crypt_key);
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
   916
  userinfo = stringToByteArray(userinfo);
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
   917
  
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
   918
  userinfo = rijndaelEncrypt(userinfo, crypt_key_ba, 'ECB');
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
   919
  userinfo = byteArrayToHex(userinfo);
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
   920
  // Encrypted username and password (serialized with JSON) are now in the userinfo string
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
   921
  
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
   922
  // Collect other needed information
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
   923
  if ( logindata.captcha_hash )
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
   924
  {
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
   925
    var captcha_hash = logindata.captcha_hash;
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
   926
    var captcha_code = captcha;
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
   927
  }
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
   928
  else
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
   929
  {
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
   930
    var captcha_hash = false;
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
   931
    var captcha_code = false;
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
   932
  }
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
   933
  
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
   934
  // Ship it across the 'net
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
   935
  if ( do_dh )
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
   936
  {
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
   937
    var json_packet = {
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
   938
      mode: 'login_dh',
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
   939
      userinfo: userinfo,
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
   940
      captcha_code: captcha_code,
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
   941
      captcha_hash: captcha_hash,
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
   942
      dh_public_key: logindata.key_dh,
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
   943
      dh_client_key: dh_pub,
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
   944
      dh_secret_hash: secret_hash,
688
f2a824ce5f18 Added customizable parameters for session length and the long-missing "remember me" option (or rather, the ability to turn it off and make sessions temporary)
Dan
parents: 651
diff changeset
   945
      level: logindata.user_level,
f2a824ce5f18 Added customizable parameters for session length and the long-missing "remember me" option (or rather, the ability to turn it off and make sessions temporary)
Dan
parents: 651
diff changeset
   946
      remember: remember_session
436
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
   947
    }
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
   948
  }
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
   949
  else
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
   950
  {
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
   951
    var json_packet = {
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
   952
      mode: 'login_aes',
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
   953
      userinfo: userinfo,
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
   954
      captcha_code: captcha_code,
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
   955
      captcha_hash: captcha_hash,
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
   956
      key_aes: hex_md5(crypt_key),
688
f2a824ce5f18 Added customizable parameters for session length and the long-missing "remember me" option (or rather, the ability to turn it off and make sessions temporary)
Dan
parents: 651
diff changeset
   957
      level: logindata.user_level,
f2a824ce5f18 Added customizable parameters for session length and the long-missing "remember me" option (or rather, the ability to turn it off and make sessions temporary)
Dan
parents: 651
diff changeset
   958
      remember: remember_session
436
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
   959
    }
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
   960
  }
718
12485b1d41fd Fixed issue where login box was not obeying server orders to disable DiffieHellman. Increased quality of error handling for JS errors during login process.
Dan
parents: 699
diff changeset
   961
  }
12485b1d41fd Fixed issue where login box was not obeying server orders to disable DiffieHellman. Increased quality of error handling for JS errors during login process.
Dan
parents: 699
diff changeset
   962
  catch(e)
12485b1d41fd Fixed issue where login box was not obeying server orders to disable DiffieHellman. Increased quality of error handling for JS errors during login process.
Dan
parents: 699
diff changeset
   963
  {
12485b1d41fd Fixed issue where login box was not obeying server orders to disable DiffieHellman. Increased quality of error handling for JS errors during login process.
Dan
parents: 699
diff changeset
   964
    ajaxLoginSetStatus(AJAX_STATUS_ERROR);
12485b1d41fd Fixed issue where login box was not obeying server orders to disable DiffieHellman. Increased quality of error handling for JS errors during login process.
Dan
parents: 699
diff changeset
   965
    console.error('Exception caught in login process; backtrace follows');
12485b1d41fd Fixed issue where login box was not obeying server orders to disable DiffieHellman. Increased quality of error handling for JS errors during login process.
Dan
parents: 699
diff changeset
   966
    console.debug(e);
12485b1d41fd Fixed issue where login box was not obeying server orders to disable DiffieHellman. Increased quality of error handling for JS errors during login process.
Dan
parents: 699
diff changeset
   967
    return false;
12485b1d41fd Fixed issue where login box was not obeying server orders to disable DiffieHellman. Increased quality of error handling for JS errors during login process.
Dan
parents: 699
diff changeset
   968
  }
1026
f0431eb8161e AJAX login: fixed improper run of login_submit_early; fixed failure to redirect if main_page_members == current page
Dan
parents: 1002
diff changeset
   969
  // reset this...
f0431eb8161e AJAX login: fixed improper run of login_submit_early; fixed failure to redirect if main_page_members == current page
Dan
parents: 1002
diff changeset
   970
  window.logindata.early_submit_run = false;
436
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
   971
  ajaxLoginPerformRequest(json_packet);
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
   972
}
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
   973
582
a38876c0793c Majorly reworked Javascript runtime stuff to use on-demand loading.
Dan
parents: 550
diff changeset
   974
window.ajaxLoginShowFriendlyError = function(response)
436
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
   975
{
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
   976
  var text = ajaxLoginGetErrorText(response);
1132
05fe0039d952 Logins: reorganized data structures a bit. WiP - needs test routine done.
Dan
parents: 1125
diff changeset
   977
  if ( text == false )
05fe0039d952 Logins: reorganized data structures a bit. WiP - needs test routine done.
Dan
parents: 1125
diff changeset
   978
    return true;
05fe0039d952 Logins: reorganized data structures a bit. WiP - needs test routine done.
Dan
parents: 1125
diff changeset
   979
    
436
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
   980
  if ( document.getElementById('ajax_login_error_box') )
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
   981
  {
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
   982
    // console.info('Reusing existing error-box');
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
   983
    document.getElementById('ajax_login_error_box').innerHTML = text;
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
   984
    return true;
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
   985
  }
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
   986
  
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
   987
  // console.info('Drawing new error-box');
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
   988
  
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
   989
  // calculate position for the top of the box
699
c7d737202d59 Removed Adobe Spry and replaced with jQuery. Please report any new bugs on the forums or via IRC. In a related note, auto-completion should work now at least for usernames. Still hacking away at page name completion...
Dan
parents: 694
diff changeset
   990
  var mb_bottom = $dynano('messageBoxButtons').Top() + $dynano('messageBoxButtons').Height();
436
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
   991
  // if the box isn't done flying in yet, just estimate
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
   992
  if ( mb_bottom < ( getHeight() / 2 ) )
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
   993
  {
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
   994
    mb_bottom = ( getHeight() / 2 ) + 120;
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
   995
  }
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
   996
  var win_bottom = getHeight() + getScrollOffset();
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
   997
  var top = mb_bottom + ( ( win_bottom - mb_bottom ) / 2 ) - 32;
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
   998
  // left position = 0.2 * window_width, seeing as the box is 60% width this works hackishly but nice and quick
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
   999
  var left = getWidth() * 0.2;
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
  1000
  
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
  1001
  // create the div
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
  1002
  var errbox = document.createElement('div');
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
  1003
  errbox.className = 'error-box-mini';
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
  1004
  errbox.style.position = 'absolute';
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
  1005
  errbox.style.width = '60%';
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
  1006
  errbox.style.top = top + 'px';
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
  1007
  errbox.style.left = left + 'px';
694
43367c66d869 Couple of fixes (hacks) for Opera and the aftermath of that z-index change to darken() and enlighten() fadefilters; added ajaxOpenDirectACLRule() to placeholder list
Dan
parents: 688
diff changeset
  1008
  errbox.style.zIndex = getHighestZ();
436
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
  1009
  errbox.innerHTML = text;
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
  1010
  errbox.id = 'ajax_login_error_box';
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
  1011
  
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
  1012
  var body = document.getElementsByTagName('body')[0];
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
  1013
  body.appendChild(errbox);
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
  1014
}
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
  1015
582
a38876c0793c Majorly reworked Javascript runtime stuff to use on-demand loading.
Dan
parents: 550
diff changeset
  1016
window.ajaxLoginGetErrorText = function(response)
436
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
  1017
{
1132
05fe0039d952 Logins: reorganized data structures a bit. WiP - needs test routine done.
Dan
parents: 1125
diff changeset
  1018
  if ( response.lockout )
843
4415e50e4e84 Added possibility for auth plugins, which can log a user in using non-standard authentication methods.
Dan
parents: 824
diff changeset
  1019
  {
1132
05fe0039d952 Logins: reorganized data structures a bit. WiP - needs test routine done.
Dan
parents: 1125
diff changeset
  1020
    // set this pluralality thing
05fe0039d952 Logins: reorganized data structures a bit. WiP - needs test routine done.
Dan
parents: 1125
diff changeset
  1021
    response.lockout.plural = response.lockout.time_rem == 1 ? '' : $lang.get('meta_plural');
843
4415e50e4e84 Added possibility for auth plugins, which can log a user in using non-standard authentication methods.
Dan
parents: 824
diff changeset
  1022
  }
1132
05fe0039d952 Logins: reorganized data structures a bit. WiP - needs test routine done.
Dan
parents: 1125
diff changeset
  1023
  
05fe0039d952 Logins: reorganized data structures a bit. WiP - needs test routine done.
Dan
parents: 1125
diff changeset
  1024
  if ( response.mode == 'initial' )
436
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
  1025
  {
1132
05fe0039d952 Logins: reorganized data structures a bit. WiP - needs test routine done.
Dan
parents: 1125
diff changeset
  1026
    // Just showing the box for the first time. If there's an error now, it's based on a preexisting lockout.
05fe0039d952 Logins: reorganized data structures a bit. WiP - needs test routine done.
Dan
parents: 1125
diff changeset
  1027
    if ( response.lockout.active )
05fe0039d952 Logins: reorganized data structures a bit. WiP - needs test routine done.
Dan
parents: 1125
diff changeset
  1028
    {
05fe0039d952 Logins: reorganized data structures a bit. WiP - needs test routine done.
Dan
parents: 1125
diff changeset
  1029
      return $lang.get('user_err_locked_out_initial_' + response.lockout.policy, response.lockout);
05fe0039d952 Logins: reorganized data structures a bit. WiP - needs test routine done.
Dan
parents: 1125
diff changeset
  1030
    }
05fe0039d952 Logins: reorganized data structures a bit. WiP - needs test routine done.
Dan
parents: 1125
diff changeset
  1031
    return false;
05fe0039d952 Logins: reorganized data structures a bit. WiP - needs test routine done.
Dan
parents: 1125
diff changeset
  1032
  }
05fe0039d952 Logins: reorganized data structures a bit. WiP - needs test routine done.
Dan
parents: 1125
diff changeset
  1033
  else
05fe0039d952 Logins: reorganized data structures a bit. WiP - needs test routine done.
Dan
parents: 1125
diff changeset
  1034
  {
05fe0039d952 Logins: reorganized data structures a bit. WiP - needs test routine done.
Dan
parents: 1125
diff changeset
  1035
    // An attempt was made.
05fe0039d952 Logins: reorganized data structures a bit. WiP - needs test routine done.
Dan
parents: 1125
diff changeset
  1036
    switch(response.mode)
05fe0039d952 Logins: reorganized data structures a bit. WiP - needs test routine done.
Dan
parents: 1125
diff changeset
  1037
    {
05fe0039d952 Logins: reorganized data structures a bit. WiP - needs test routine done.
Dan
parents: 1125
diff changeset
  1038
      case 'login_failure':
05fe0039d952 Logins: reorganized data structures a bit. WiP - needs test routine done.
Dan
parents: 1125
diff changeset
  1039
        // Generic login user error.
05fe0039d952 Logins: reorganized data structures a bit. WiP - needs test routine done.
Dan
parents: 1125
diff changeset
  1040
        var error = '', x;
1210
ad49fa34ff3c Logins: if the error message string doesn't look like a langstring id, don't prepend "user_err_" to it (some auth plugins are not localized at all, this lets them be without ugly cosmetic bugs)
Dan
parents: 1176
diff changeset
  1041
        if ( (x = $lang.get(response.error)) != response.error || ! (/^[a-z0-9_]+/).test(response.error) )
1132
05fe0039d952 Logins: reorganized data structures a bit. WiP - needs test routine done.
Dan
parents: 1125
diff changeset
  1042
          error = x;
05fe0039d952 Logins: reorganized data structures a bit. WiP - needs test routine done.
Dan
parents: 1125
diff changeset
  1043
        else
05fe0039d952 Logins: reorganized data structures a bit. WiP - needs test routine done.
Dan
parents: 1125
diff changeset
  1044
          error = $lang.get('user_err_' + response.error);
05fe0039d952 Logins: reorganized data structures a bit. WiP - needs test routine done.
Dan
parents: 1125
diff changeset
  1045
        if ( response.lockout.active && response.lockout.policy == 'lockout' )
436
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
  1046
        {
1132
05fe0039d952 Logins: reorganized data structures a bit. WiP - needs test routine done.
Dan
parents: 1125
diff changeset
  1047
          // Lockout enforcement was just activated.
05fe0039d952 Logins: reorganized data structures a bit. WiP - needs test routine done.
Dan
parents: 1125
diff changeset
  1048
          return $lang.get('user_err_locked_out_initial_' + response.lockout.policy, response.lockout);
05fe0039d952 Logins: reorganized data structures a bit. WiP - needs test routine done.
Dan
parents: 1125
diff changeset
  1049
        }
05fe0039d952 Logins: reorganized data structures a bit. WiP - needs test routine done.
Dan
parents: 1125
diff changeset
  1050
        else if ( response.lockout.policy != 'disable' && !response.lockout.active && response.lockout.fails > 0 )
05fe0039d952 Logins: reorganized data structures a bit. WiP - needs test routine done.
Dan
parents: 1125
diff changeset
  1051
        {
05fe0039d952 Logins: reorganized data structures a bit. WiP - needs test routine done.
Dan
parents: 1125
diff changeset
  1052
          // Lockout is in a warning state.
05fe0039d952 Logins: reorganized data structures a bit. WiP - needs test routine done.
Dan
parents: 1125
diff changeset
  1053
          error += ' ' + $lang.get('user_err_invalid_credentials_' + response.lockout.policy, response.lockout);
436
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
  1054
        }
1132
05fe0039d952 Logins: reorganized data structures a bit. WiP - needs test routine done.
Dan
parents: 1125
diff changeset
  1055
        return error;
05fe0039d952 Logins: reorganized data structures a bit. WiP - needs test routine done.
Dan
parents: 1125
diff changeset
  1056
        break;
05fe0039d952 Logins: reorganized data structures a bit. WiP - needs test routine done.
Dan
parents: 1125
diff changeset
  1057
      case 'api_error':
05fe0039d952 Logins: reorganized data structures a bit. WiP - needs test routine done.
Dan
parents: 1125
diff changeset
  1058
        // Error in the API.
05fe0039d952 Logins: reorganized data structures a bit. WiP - needs test routine done.
Dan
parents: 1125
diff changeset
  1059
        return $lang.get('user_err_login_generic_title') + ': ' + $lang.get('user_' + response.error.toLowerCase());
05fe0039d952 Logins: reorganized data structures a bit. WiP - needs test routine done.
Dan
parents: 1125
diff changeset
  1060
        break;
05fe0039d952 Logins: reorganized data structures a bit. WiP - needs test routine done.
Dan
parents: 1125
diff changeset
  1061
    }
436
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
  1062
  }
1132
05fe0039d952 Logins: reorganized data structures a bit. WiP - needs test routine done.
Dan
parents: 1125
diff changeset
  1063
  
05fe0039d952 Logins: reorganized data structures a bit. WiP - needs test routine done.
Dan
parents: 1125
diff changeset
  1064
  return typeof(response.error) == 'string' ? response.error : false;
436
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
  1065
}
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
  1066
585
35e91d16ecf5 Fixed javascript ACL manager and captcha not showing on ajax login lockout_captcha event
Dan
parents: 582
diff changeset
  1067
window.ajaxShowCaptcha = function(code)
35e91d16ecf5 Fixed javascript ACL manager and captcha not showing on ajax login lockout_captcha event
Dan
parents: 582
diff changeset
  1068
{
35e91d16ecf5 Fixed javascript ACL manager and captcha not showing on ajax login lockout_captcha event
Dan
parents: 582
diff changeset
  1069
  var mydiv = document.createElement('div');
35e91d16ecf5 Fixed javascript ACL manager and captcha not showing on ajax login lockout_captcha event
Dan
parents: 582
diff changeset
  1070
  mydiv.style.backgroundColor = '#FFFFFF';
35e91d16ecf5 Fixed javascript ACL manager and captcha not showing on ajax login lockout_captcha event
Dan
parents: 582
diff changeset
  1071
  mydiv.style.padding = '10px';
35e91d16ecf5 Fixed javascript ACL manager and captcha not showing on ajax login lockout_captcha event
Dan
parents: 582
diff changeset
  1072
  mydiv.style.position = 'absolute';
35e91d16ecf5 Fixed javascript ACL manager and captcha not showing on ajax login lockout_captcha event
Dan
parents: 582
diff changeset
  1073
  mydiv.style.top = '0px';
35e91d16ecf5 Fixed javascript ACL manager and captcha not showing on ajax login lockout_captcha event
Dan
parents: 582
diff changeset
  1074
  mydiv.id = 'autoCaptcha';
35e91d16ecf5 Fixed javascript ACL manager and captcha not showing on ajax login lockout_captcha event
Dan
parents: 582
diff changeset
  1075
  mydiv.style.zIndex = String( getHighestZ() + 1 );
35e91d16ecf5 Fixed javascript ACL manager and captcha not showing on ajax login lockout_captcha event
Dan
parents: 582
diff changeset
  1076
  var img = document.createElement('img');
35e91d16ecf5 Fixed javascript ACL manager and captcha not showing on ajax login lockout_captcha event
Dan
parents: 582
diff changeset
  1077
  img.onload = function()
35e91d16ecf5 Fixed javascript ACL manager and captcha not showing on ajax login lockout_captcha event
Dan
parents: 582
diff changeset
  1078
  {
35e91d16ecf5 Fixed javascript ACL manager and captcha not showing on ajax login lockout_captcha event
Dan
parents: 582
diff changeset
  1079
    if ( this.loaded )
35e91d16ecf5 Fixed javascript ACL manager and captcha not showing on ajax login lockout_captcha event
Dan
parents: 582
diff changeset
  1080
      return true;
35e91d16ecf5 Fixed javascript ACL manager and captcha not showing on ajax login lockout_captcha event
Dan
parents: 582
diff changeset
  1081
    var mydiv = document.getElementById('autoCaptcha');
35e91d16ecf5 Fixed javascript ACL manager and captcha not showing on ajax login lockout_captcha event
Dan
parents: 582
diff changeset
  1082
    var width = getWidth();
35e91d16ecf5 Fixed javascript ACL manager and captcha not showing on ajax login lockout_captcha event
Dan
parents: 582
diff changeset
  1083
    var divw = $dynano(mydiv).Width();
35e91d16ecf5 Fixed javascript ACL manager and captcha not showing on ajax login lockout_captcha event
Dan
parents: 582
diff changeset
  1084
    var left = ( width / 2 ) - ( divw / 2 );
35e91d16ecf5 Fixed javascript ACL manager and captcha not showing on ajax login lockout_captcha event
Dan
parents: 582
diff changeset
  1085
    mydiv.style.left = left + 'px';
35e91d16ecf5 Fixed javascript ACL manager and captcha not showing on ajax login lockout_captcha event
Dan
parents: 582
diff changeset
  1086
    fly_in_top(mydiv, false, true);
35e91d16ecf5 Fixed javascript ACL manager and captcha not showing on ajax login lockout_captcha event
Dan
parents: 582
diff changeset
  1087
    this.loaded = true;
35e91d16ecf5 Fixed javascript ACL manager and captcha not showing on ajax login lockout_captcha event
Dan
parents: 582
diff changeset
  1088
  };
35e91d16ecf5 Fixed javascript ACL manager and captcha not showing on ajax login lockout_captcha event
Dan
parents: 582
diff changeset
  1089
  img.src = makeUrlNS('Special', 'Captcha/' + code);
35e91d16ecf5 Fixed javascript ACL manager and captcha not showing on ajax login lockout_captcha event
Dan
parents: 582
diff changeset
  1090
  img.onclick = function() { this.src = this.src + '/a'; };
35e91d16ecf5 Fixed javascript ACL manager and captcha not showing on ajax login lockout_captcha event
Dan
parents: 582
diff changeset
  1091
  img.style.cursor = 'pointer';
35e91d16ecf5 Fixed javascript ACL manager and captcha not showing on ajax login lockout_captcha event
Dan
parents: 582
diff changeset
  1092
  mydiv.appendChild(img);
35e91d16ecf5 Fixed javascript ACL manager and captcha not showing on ajax login lockout_captcha event
Dan
parents: 582
diff changeset
  1093
  domObjChangeOpac(0, mydiv);
35e91d16ecf5 Fixed javascript ACL manager and captcha not showing on ajax login lockout_captcha event
Dan
parents: 582
diff changeset
  1094
  var body = document.getElementsByTagName('body')[0];
35e91d16ecf5 Fixed javascript ACL manager and captcha not showing on ajax login lockout_captcha event
Dan
parents: 582
diff changeset
  1095
  body.appendChild(mydiv);
35e91d16ecf5 Fixed javascript ACL manager and captcha not showing on ajax login lockout_captcha event
Dan
parents: 582
diff changeset
  1096
}
35e91d16ecf5 Fixed javascript ACL manager and captcha not showing on ajax login lockout_captcha event
Dan
parents: 582
diff changeset
  1097
582
a38876c0793c Majorly reworked Javascript runtime stuff to use on-demand loading.
Dan
parents: 550
diff changeset
  1098
window.ajaxInitLogout = function()
a38876c0793c Majorly reworked Javascript runtime stuff to use on-demand loading.
Dan
parents: 550
diff changeset
  1099
{
887
cb96d038baff New logout interface + made DiffieHellman faster by disabling animated GIF
Dan
parents: 883
diff changeset
  1100
  load_component(['messagebox', 'l10n', 'flyin', 'fadefilter', 'jquery', 'jquery-ui']);
cb96d038baff New logout interface + made DiffieHellman faster by disabling animated GIF
Dan
parents: 883
diff changeset
  1101
  
cb96d038baff New logout interface + made DiffieHellman faster by disabling animated GIF
Dan
parents: 883
diff changeset
  1102
  var title = $lang.get('user_logout_confirm_title');
cb96d038baff New logout interface + made DiffieHellman faster by disabling animated GIF
Dan
parents: 883
diff changeset
  1103
  var message = ( auth_level > USER_LEVEL_MEMBER ) ? $lang.get('user_logout_confirm_body_nelev') : $lang.get('user_logout_confirm_body_normal');
cb96d038baff New logout interface + made DiffieHellman faster by disabling animated GIF
Dan
parents: 883
diff changeset
  1104
  var buttons = [];
cb96d038baff New logout interface + made DiffieHellman faster by disabling animated GIF
Dan
parents: 883
diff changeset
  1105
  buttons.push({
cb96d038baff New logout interface + made DiffieHellman faster by disabling animated GIF
Dan
parents: 883
diff changeset
  1106
      text: $lang.get('user_logout_confirm_btn_logout'),
cb96d038baff New logout interface + made DiffieHellman faster by disabling animated GIF
Dan
parents: 883
diff changeset
  1107
      color: 'red',
cb96d038baff New logout interface + made DiffieHellman faster by disabling animated GIF
Dan
parents: 883
diff changeset
  1108
      style: {
cb96d038baff New logout interface + made DiffieHellman faster by disabling animated GIF
Dan
parents: 883
diff changeset
  1109
        fontWeight: 'bold'
cb96d038baff New logout interface + made DiffieHellman faster by disabling animated GIF
Dan
parents: 883
diff changeset
  1110
      },
cb96d038baff New logout interface + made DiffieHellman faster by disabling animated GIF
Dan
parents: 883
diff changeset
  1111
      onclick: function()
cb96d038baff New logout interface + made DiffieHellman faster by disabling animated GIF
Dan
parents: 883
diff changeset
  1112
      {
cb96d038baff New logout interface + made DiffieHellman faster by disabling animated GIF
Dan
parents: 883
diff changeset
  1113
        miniPromptDestroy(this);
cb96d038baff New logout interface + made DiffieHellman faster by disabling animated GIF
Dan
parents: 883
diff changeset
  1114
        window.location = makeUrlNS('Special', 'Logout/' + csrf_token + '/' + window.title);
cb96d038baff New logout interface + made DiffieHellman faster by disabling animated GIF
Dan
parents: 883
diff changeset
  1115
        return false;
cb96d038baff New logout interface + made DiffieHellman faster by disabling animated GIF
Dan
parents: 883
diff changeset
  1116
      }
cb96d038baff New logout interface + made DiffieHellman faster by disabling animated GIF
Dan
parents: 883
diff changeset
  1117
    });
cb96d038baff New logout interface + made DiffieHellman faster by disabling animated GIF
Dan
parents: 883
diff changeset
  1118
  if ( auth_level > USER_LEVEL_MEMBER )
cb96d038baff New logout interface + made DiffieHellman faster by disabling animated GIF
Dan
parents: 883
diff changeset
  1119
  {
cb96d038baff New logout interface + made DiffieHellman faster by disabling animated GIF
Dan
parents: 883
diff changeset
  1120
    buttons.push({
cb96d038baff New logout interface + made DiffieHellman faster by disabling animated GIF
Dan
parents: 883
diff changeset
  1121
        text: $lang.get('user_logout_confirm_btn_deauth'),
cb96d038baff New logout interface + made DiffieHellman faster by disabling animated GIF
Dan
parents: 883
diff changeset
  1122
        color: 'blue',
cb96d038baff New logout interface + made DiffieHellman faster by disabling animated GIF
Dan
parents: 883
diff changeset
  1123
        onclick: function()
cb96d038baff New logout interface + made DiffieHellman faster by disabling animated GIF
Dan
parents: 883
diff changeset
  1124
        {
907
44851d7e9bda Live Re-Auth is now required for deleting pages, editing ACLs, protecting pages, and clearing logs. Committing in a hurry as a storm is coming in, hope everything is in there.
Dan
parents: 899
diff changeset
  1125
          var mp = miniPromptGetParent(this);
44851d7e9bda Live Re-Auth is now required for deleting pages, editing ACLs, protecting pages, and clearing logs. Committing in a hurry as a storm is coming in, hope everything is in there.
Dan
parents: 899
diff changeset
  1126
          var whitey = whiteOutMiniPrompt(mp);
44851d7e9bda Live Re-Auth is now required for deleting pages, editing ACLs, protecting pages, and clearing logs. Committing in a hurry as a storm is coming in, hope everything is in there.
Dan
parents: 899
diff changeset
  1127
          
887
cb96d038baff New logout interface + made DiffieHellman faster by disabling animated GIF
Dan
parents: 883
diff changeset
  1128
          ajaxLoginPerformRequest({
cb96d038baff New logout interface + made DiffieHellman faster by disabling animated GIF
Dan
parents: 883
diff changeset
  1129
              mode:  'logout',
cb96d038baff New logout interface + made DiffieHellman faster by disabling animated GIF
Dan
parents: 883
diff changeset
  1130
              level: auth_level,
cb96d038baff New logout interface + made DiffieHellman faster by disabling animated GIF
Dan
parents: 883
diff changeset
  1131
              csrf_token: csrf_token
1001
79770fb4132a Sped up AJAX de-auth a little; added a little extra info to login_success JSON responses
Dan
parents: 907
diff changeset
  1132
          }, function(response)
79770fb4132a Sped up AJAX de-auth a little; added a little extra info to login_success JSON responses
Dan
parents: 907
diff changeset
  1133
            {
79770fb4132a Sped up AJAX de-auth a little; added a little extra info to login_success JSON responses
Dan
parents: 907
diff changeset
  1134
              whiteOutReportSuccess(whitey);
79770fb4132a Sped up AJAX de-auth a little; added a little extra info to login_success JSON responses
Dan
parents: 907
diff changeset
  1135
            });
887
cb96d038baff New logout interface + made DiffieHellman faster by disabling animated GIF
Dan
parents: 883
diff changeset
  1136
          return false;
cb96d038baff New logout interface + made DiffieHellman faster by disabling animated GIF
Dan
parents: 883
diff changeset
  1137
        }
cb96d038baff New logout interface + made DiffieHellman faster by disabling animated GIF
Dan
parents: 883
diff changeset
  1138
      });
cb96d038baff New logout interface + made DiffieHellman faster by disabling animated GIF
Dan
parents: 883
diff changeset
  1139
  }
cb96d038baff New logout interface + made DiffieHellman faster by disabling animated GIF
Dan
parents: 883
diff changeset
  1140
  buttons.push({
cb96d038baff New logout interface + made DiffieHellman faster by disabling animated GIF
Dan
parents: 883
diff changeset
  1141
      text: $lang.get('etc_cancel'),
cb96d038baff New logout interface + made DiffieHellman faster by disabling animated GIF
Dan
parents: 883
diff changeset
  1142
      onclick: function()
cb96d038baff New logout interface + made DiffieHellman faster by disabling animated GIF
Dan
parents: 883
diff changeset
  1143
      {
cb96d038baff New logout interface + made DiffieHellman faster by disabling animated GIF
Dan
parents: 883
diff changeset
  1144
        miniPromptDestroy(this);
cb96d038baff New logout interface + made DiffieHellman faster by disabling animated GIF
Dan
parents: 883
diff changeset
  1145
        return false;
cb96d038baff New logout interface + made DiffieHellman faster by disabling animated GIF
Dan
parents: 883
diff changeset
  1146
      }
cb96d038baff New logout interface + made DiffieHellman faster by disabling animated GIF
Dan
parents: 883
diff changeset
  1147
    });
cb96d038baff New logout interface + made DiffieHellman faster by disabling animated GIF
Dan
parents: 883
diff changeset
  1148
  
cb96d038baff New logout interface + made DiffieHellman faster by disabling animated GIF
Dan
parents: 883
diff changeset
  1149
  miniPromptMessage({
cb96d038baff New logout interface + made DiffieHellman faster by disabling animated GIF
Dan
parents: 883
diff changeset
  1150
      title: title,
cb96d038baff New logout interface + made DiffieHellman faster by disabling animated GIF
Dan
parents: 883
diff changeset
  1151
      message: message,
cb96d038baff New logout interface + made DiffieHellman faster by disabling animated GIF
Dan
parents: 883
diff changeset
  1152
      buttons: buttons
cb96d038baff New logout interface + made DiffieHellman faster by disabling animated GIF
Dan
parents: 883
diff changeset
  1153
  });
582
a38876c0793c Majorly reworked Javascript runtime stuff to use on-demand loading.
Dan
parents: 550
diff changeset
  1154
}
a38876c0793c Majorly reworked Javascript runtime stuff to use on-demand loading.
Dan
parents: 550
diff changeset
  1155
a38876c0793c Majorly reworked Javascript runtime stuff to use on-demand loading.
Dan
parents: 550
diff changeset
  1156
window.mb_logout = function()
a38876c0793c Majorly reworked Javascript runtime stuff to use on-demand loading.
Dan
parents: 550
diff changeset
  1157
{
a38876c0793c Majorly reworked Javascript runtime stuff to use on-demand loading.
Dan
parents: 550
diff changeset
  1158
  ajaxInitLogout();
a38876c0793c Majorly reworked Javascript runtime stuff to use on-demand loading.
Dan
parents: 550
diff changeset
  1159
}
a38876c0793c Majorly reworked Javascript runtime stuff to use on-demand loading.
Dan
parents: 550
diff changeset
  1160
a38876c0793c Majorly reworked Javascript runtime stuff to use on-demand loading.
Dan
parents: 550
diff changeset
  1161
window.ajaxStartLogin = function()
a38876c0793c Majorly reworked Javascript runtime stuff to use on-demand loading.
Dan
parents: 550
diff changeset
  1162
{
a38876c0793c Majorly reworked Javascript runtime stuff to use on-demand loading.
Dan
parents: 550
diff changeset
  1163
  ajaxLogonToMember();
a38876c0793c Majorly reworked Javascript runtime stuff to use on-demand loading.
Dan
parents: 550
diff changeset
  1164
}
a38876c0793c Majorly reworked Javascript runtime stuff to use on-demand loading.
Dan
parents: 550
diff changeset
  1165
a38876c0793c Majorly reworked Javascript runtime stuff to use on-demand loading.
Dan
parents: 550
diff changeset
  1166
window.ajaxStartAdminLogin = function()
a38876c0793c Majorly reworked Javascript runtime stuff to use on-demand loading.
Dan
parents: 550
diff changeset
  1167
{
a38876c0793c Majorly reworked Javascript runtime stuff to use on-demand loading.
Dan
parents: 550
diff changeset
  1168
  // IE <6 pseudo-compatibility
a38876c0793c Majorly reworked Javascript runtime stuff to use on-demand loading.
Dan
parents: 550
diff changeset
  1169
  if ( KILL_SWITCH )
a38876c0793c Majorly reworked Javascript runtime stuff to use on-demand loading.
Dan
parents: 550
diff changeset
  1170
    return true;
a38876c0793c Majorly reworked Javascript runtime stuff to use on-demand loading.
Dan
parents: 550
diff changeset
  1171
  if ( auth_level < USER_LEVEL_ADMIN )
a38876c0793c Majorly reworked Javascript runtime stuff to use on-demand loading.
Dan
parents: 550
diff changeset
  1172
  {
a38876c0793c Majorly reworked Javascript runtime stuff to use on-demand loading.
Dan
parents: 550
diff changeset
  1173
    ajaxLoginInit(function(k) {
a38876c0793c Majorly reworked Javascript runtime stuff to use on-demand loading.
Dan
parents: 550
diff changeset
  1174
      ENANO_SID = k;
a38876c0793c Majorly reworked Javascript runtime stuff to use on-demand loading.
Dan
parents: 550
diff changeset
  1175
      auth_level = USER_LEVEL_ADMIN;
a38876c0793c Majorly reworked Javascript runtime stuff to use on-demand loading.
Dan
parents: 550
diff changeset
  1176
      var loc = makeUrlNS('Special', 'Administration');
a38876c0793c Majorly reworked Javascript runtime stuff to use on-demand loading.
Dan
parents: 550
diff changeset
  1177
      if ( (ENANO_SID + ' ').length > 1 )
a38876c0793c Majorly reworked Javascript runtime stuff to use on-demand loading.
Dan
parents: 550
diff changeset
  1178
        window.location = loc;
a38876c0793c Majorly reworked Javascript runtime stuff to use on-demand loading.
Dan
parents: 550
diff changeset
  1179
    }, USER_LEVEL_ADMIN);
a38876c0793c Majorly reworked Javascript runtime stuff to use on-demand loading.
Dan
parents: 550
diff changeset
  1180
    return false;
a38876c0793c Majorly reworked Javascript runtime stuff to use on-demand loading.
Dan
parents: 550
diff changeset
  1181
  }
a38876c0793c Majorly reworked Javascript runtime stuff to use on-demand loading.
Dan
parents: 550
diff changeset
  1182
  var loc = makeUrlNS('Special', 'Administration');
a38876c0793c Majorly reworked Javascript runtime stuff to use on-demand loading.
Dan
parents: 550
diff changeset
  1183
  window.location = loc;
a38876c0793c Majorly reworked Javascript runtime stuff to use on-demand loading.
Dan
parents: 550
diff changeset
  1184
}
a38876c0793c Majorly reworked Javascript runtime stuff to use on-demand loading.
Dan
parents: 550
diff changeset
  1185
a38876c0793c Majorly reworked Javascript runtime stuff to use on-demand loading.
Dan
parents: 550
diff changeset
  1186
window.ajaxAdminPage = function()
a38876c0793c Majorly reworked Javascript runtime stuff to use on-demand loading.
Dan
parents: 550
diff changeset
  1187
{
a38876c0793c Majorly reworked Javascript runtime stuff to use on-demand loading.
Dan
parents: 550
diff changeset
  1188
  // IE <6 pseudo-compatibility
a38876c0793c Majorly reworked Javascript runtime stuff to use on-demand loading.
Dan
parents: 550
diff changeset
  1189
  if ( KILL_SWITCH )
a38876c0793c Majorly reworked Javascript runtime stuff to use on-demand loading.
Dan
parents: 550
diff changeset
  1190
    return true;
a38876c0793c Majorly reworked Javascript runtime stuff to use on-demand loading.
Dan
parents: 550
diff changeset
  1191
  if ( auth_level < USER_LEVEL_ADMIN )
a38876c0793c Majorly reworked Javascript runtime stuff to use on-demand loading.
Dan
parents: 550
diff changeset
  1192
  {
a38876c0793c Majorly reworked Javascript runtime stuff to use on-demand loading.
Dan
parents: 550
diff changeset
  1193
    ajaxPromptAdminAuth(function(k) {
a38876c0793c Majorly reworked Javascript runtime stuff to use on-demand loading.
Dan
parents: 550
diff changeset
  1194
      ENANO_SID = k;
a38876c0793c Majorly reworked Javascript runtime stuff to use on-demand loading.
Dan
parents: 550
diff changeset
  1195
      auth_level = USER_LEVEL_ADMIN;
a38876c0793c Majorly reworked Javascript runtime stuff to use on-demand loading.
Dan
parents: 550
diff changeset
  1196
      var loc = String(window.location + '');
a38876c0793c Majorly reworked Javascript runtime stuff to use on-demand loading.
Dan
parents: 550
diff changeset
  1197
      window.location = append_sid(loc);
a38876c0793c Majorly reworked Javascript runtime stuff to use on-demand loading.
Dan
parents: 550
diff changeset
  1198
      var loc = makeUrlNS('Special', 'Administration', 'module=' + namespace_list['Admin'] + 'PageManager&source=ajax&page_id=' + ajaxEscape(title));
a38876c0793c Majorly reworked Javascript runtime stuff to use on-demand loading.
Dan
parents: 550
diff changeset
  1199
      if ( (ENANO_SID + ' ').length > 1 )
a38876c0793c Majorly reworked Javascript runtime stuff to use on-demand loading.
Dan
parents: 550
diff changeset
  1200
        window.location = loc;
a38876c0793c Majorly reworked Javascript runtime stuff to use on-demand loading.
Dan
parents: 550
diff changeset
  1201
    }, 9);
a38876c0793c Majorly reworked Javascript runtime stuff to use on-demand loading.
Dan
parents: 550
diff changeset
  1202
    return false;
a38876c0793c Majorly reworked Javascript runtime stuff to use on-demand loading.
Dan
parents: 550
diff changeset
  1203
  }
a38876c0793c Majorly reworked Javascript runtime stuff to use on-demand loading.
Dan
parents: 550
diff changeset
  1204
  var loc = makeUrlNS('Special', 'Administration', 'module=' + namespace_list['Admin'] + 'PageManager&source=ajax&page_id=' + ajaxEscape(title));
a38876c0793c Majorly reworked Javascript runtime stuff to use on-demand loading.
Dan
parents: 550
diff changeset
  1205
  window.location = loc;
a38876c0793c Majorly reworked Javascript runtime stuff to use on-demand loading.
Dan
parents: 550
diff changeset
  1206
}
a38876c0793c Majorly reworked Javascript runtime stuff to use on-demand loading.
Dan
parents: 550
diff changeset
  1207
1098
be6cfe79128c Made internal links to the Admin namespace much smarter. (They do the login box and stuff.)
Dan
parents: 1077
diff changeset
  1208
window.ajaxLoginNavTo = function(namespace, page_id, min_level, get)
582
a38876c0793c Majorly reworked Javascript runtime stuff to use on-demand loading.
Dan
parents: 550
diff changeset
  1209
{
a38876c0793c Majorly reworked Javascript runtime stuff to use on-demand loading.
Dan
parents: 550
diff changeset
  1210
  // IE <6 pseudo-compatibility
a38876c0793c Majorly reworked Javascript runtime stuff to use on-demand loading.
Dan
parents: 550
diff changeset
  1211
  if ( KILL_SWITCH )
a38876c0793c Majorly reworked Javascript runtime stuff to use on-demand loading.
Dan
parents: 550
diff changeset
  1212
    return true;
1098
be6cfe79128c Made internal links to the Admin namespace much smarter. (They do the login box and stuff.)
Dan
parents: 1077
diff changeset
  1213
  void(namespace);
be6cfe79128c Made internal links to the Admin namespace much smarter. (They do the login box and stuff.)
Dan
parents: 1077
diff changeset
  1214
  void(page_id);
be6cfe79128c Made internal links to the Admin namespace much smarter. (They do the login box and stuff.)
Dan
parents: 1077
diff changeset
  1215
  get = get || false;
582
a38876c0793c Majorly reworked Javascript runtime stuff to use on-demand loading.
Dan
parents: 550
diff changeset
  1216
  if ( auth_level < min_level )
a38876c0793c Majorly reworked Javascript runtime stuff to use on-demand loading.
Dan
parents: 550
diff changeset
  1217
  {
a38876c0793c Majorly reworked Javascript runtime stuff to use on-demand loading.
Dan
parents: 550
diff changeset
  1218
    ajaxPromptAdminAuth(function(k) {
a38876c0793c Majorly reworked Javascript runtime stuff to use on-demand loading.
Dan
parents: 550
diff changeset
  1219
      ENANO_SID = k;
1098
be6cfe79128c Made internal links to the Admin namespace much smarter. (They do the login box and stuff.)
Dan
parents: 1077
diff changeset
  1220
      auth_level = min_level;
be6cfe79128c Made internal links to the Admin namespace much smarter. (They do the login box and stuff.)
Dan
parents: 1077
diff changeset
  1221
      var loc = makeUrlNS(namespace, page_id, get);
582
a38876c0793c Majorly reworked Javascript runtime stuff to use on-demand loading.
Dan
parents: 550
diff changeset
  1222
      if ( (ENANO_SID + ' ').length > 1 )
a38876c0793c Majorly reworked Javascript runtime stuff to use on-demand loading.
Dan
parents: 550
diff changeset
  1223
        window.location = loc;
a38876c0793c Majorly reworked Javascript runtime stuff to use on-demand loading.
Dan
parents: 550
diff changeset
  1224
    }, min_level);
a38876c0793c Majorly reworked Javascript runtime stuff to use on-demand loading.
Dan
parents: 550
diff changeset
  1225
    return false;
a38876c0793c Majorly reworked Javascript runtime stuff to use on-demand loading.
Dan
parents: 550
diff changeset
  1226
  }
1098
be6cfe79128c Made internal links to the Admin namespace much smarter. (They do the login box and stuff.)
Dan
parents: 1077
diff changeset
  1227
  var loc = makeUrlNS(namespace, page_id, get);
582
a38876c0793c Majorly reworked Javascript runtime stuff to use on-demand loading.
Dan
parents: 550
diff changeset
  1228
  window.location = loc;
a38876c0793c Majorly reworked Javascript runtime stuff to use on-demand loading.
Dan
parents: 550
diff changeset
  1229
}
a38876c0793c Majorly reworked Javascript runtime stuff to use on-demand loading.
Dan
parents: 550
diff changeset
  1230
a38876c0793c Majorly reworked Javascript runtime stuff to use on-demand loading.
Dan
parents: 550
diff changeset
  1231
window.ajaxAdminUser = function(username)
a38876c0793c Majorly reworked Javascript runtime stuff to use on-demand loading.
Dan
parents: 550
diff changeset
  1232
{
a38876c0793c Majorly reworked Javascript runtime stuff to use on-demand loading.
Dan
parents: 550
diff changeset
  1233
  // IE <6 pseudo-compatibility
a38876c0793c Majorly reworked Javascript runtime stuff to use on-demand loading.
Dan
parents: 550
diff changeset
  1234
  if ( KILL_SWITCH )
a38876c0793c Majorly reworked Javascript runtime stuff to use on-demand loading.
Dan
parents: 550
diff changeset
  1235
    return true;
a38876c0793c Majorly reworked Javascript runtime stuff to use on-demand loading.
Dan
parents: 550
diff changeset
  1236
  if ( auth_level < USER_LEVEL_ADMIN )
a38876c0793c Majorly reworked Javascript runtime stuff to use on-demand loading.
Dan
parents: 550
diff changeset
  1237
  {
a38876c0793c Majorly reworked Javascript runtime stuff to use on-demand loading.
Dan
parents: 550
diff changeset
  1238
    ajaxPromptAdminAuth(function(k) {
a38876c0793c Majorly reworked Javascript runtime stuff to use on-demand loading.
Dan
parents: 550
diff changeset
  1239
      ENANO_SID = k;
a38876c0793c Majorly reworked Javascript runtime stuff to use on-demand loading.
Dan
parents: 550
diff changeset
  1240
      auth_level = USER_LEVEL_ADMIN;
a38876c0793c Majorly reworked Javascript runtime stuff to use on-demand loading.
Dan
parents: 550
diff changeset
  1241
      var loc = String(window.location + '');
a38876c0793c Majorly reworked Javascript runtime stuff to use on-demand loading.
Dan
parents: 550
diff changeset
  1242
      window.location = append_sid(loc);
a38876c0793c Majorly reworked Javascript runtime stuff to use on-demand loading.
Dan
parents: 550
diff changeset
  1243
      var loc = makeUrlNS('Special', 'Administration', 'module=' + namespace_list['Admin'] + 'UserManager&src=get&user=' + ajaxEscape(username));
a38876c0793c Majorly reworked Javascript runtime stuff to use on-demand loading.
Dan
parents: 550
diff changeset
  1244
      if ( (ENANO_SID + ' ').length > 1 )
a38876c0793c Majorly reworked Javascript runtime stuff to use on-demand loading.
Dan
parents: 550
diff changeset
  1245
        window.location = loc;
a38876c0793c Majorly reworked Javascript runtime stuff to use on-demand loading.
Dan
parents: 550
diff changeset
  1246
    }, 9);
a38876c0793c Majorly reworked Javascript runtime stuff to use on-demand loading.
Dan
parents: 550
diff changeset
  1247
    return false;
a38876c0793c Majorly reworked Javascript runtime stuff to use on-demand loading.
Dan
parents: 550
diff changeset
  1248
  }
a38876c0793c Majorly reworked Javascript runtime stuff to use on-demand loading.
Dan
parents: 550
diff changeset
  1249
  var loc = makeUrlNS('Special', 'Administration', 'module=' + namespace_list['Admin'] + 'UserManager&src=get&user=' + ajaxEscape(username));
a38876c0793c Majorly reworked Javascript runtime stuff to use on-demand loading.
Dan
parents: 550
diff changeset
  1250
  window.location = loc;
a38876c0793c Majorly reworked Javascript runtime stuff to use on-demand loading.
Dan
parents: 550
diff changeset
  1251
}
793
c0724bf6039b Added dynamic reload-less re-auth to admin panel, so that if a session is lost it can be recovered without a reload. Support for hooking into form submits will be added in the future.
Dan
parents: 780
diff changeset
  1252
811
5c807fe77020 Added support for live re-auth and de-auth; fully AJAX, no page reload required, plus plugin-usable API.
Dan
parents: 794
diff changeset
  1253
window.ajaxDynamicReauth = function(adminpage, level)
793
c0724bf6039b Added dynamic reload-less re-auth to admin panel, so that if a session is lost it can be recovered without a reload. Support for hooking into form submits will be added in the future.
Dan
parents: 780
diff changeset
  1254
{
1002
4d1bb8deee88 Whoa! I broke Live Re-Auth, fortunately after the 1.1.6 release.
Dan
parents: 1001
diff changeset
  1255
  if ( auth_level < USER_LEVEL_MEMBER )
1001
79770fb4132a Sped up AJAX de-auth a little; added a little extra info to login_success JSON responses
Dan
parents: 907
diff changeset
  1256
  {
79770fb4132a Sped up AJAX de-auth a little; added a little extra info to login_success JSON responses
Dan
parents: 907
diff changeset
  1257
    ajaxStartLogin();
79770fb4132a Sped up AJAX de-auth a little; added a little extra info to login_success JSON responses
Dan
parents: 907
diff changeset
  1258
    return false;
79770fb4132a Sped up AJAX de-auth a little; added a little extra info to login_success JSON responses
Dan
parents: 907
diff changeset
  1259
  }
79770fb4132a Sped up AJAX de-auth a little; added a little extra info to login_success JSON responses
Dan
parents: 907
diff changeset
  1260
  
793
c0724bf6039b Added dynamic reload-less re-auth to admin panel, so that if a session is lost it can be recovered without a reload. Support for hooking into form submits will be added in the future.
Dan
parents: 780
diff changeset
  1261
  var old_sid = ENANO_SID;
c0724bf6039b Added dynamic reload-less re-auth to admin panel, so that if a session is lost it can be recovered without a reload. Support for hooking into form submits will be added in the future.
Dan
parents: 780
diff changeset
  1262
  var targetpage = adminpage;
811
5c807fe77020 Added support for live re-auth and de-auth; fully AJAX, no page reload required, plus plugin-usable API.
Dan
parents: 794
diff changeset
  1263
  if ( !level )
5c807fe77020 Added support for live re-auth and de-auth; fully AJAX, no page reload required, plus plugin-usable API.
Dan
parents: 794
diff changeset
  1264
  {
5c807fe77020 Added support for live re-auth and de-auth; fully AJAX, no page reload required, plus plugin-usable API.
Dan
parents: 794
diff changeset
  1265
    level = USER_LEVEL_ADMIN;
5c807fe77020 Added support for live re-auth and de-auth; fully AJAX, no page reload required, plus plugin-usable API.
Dan
parents: 794
diff changeset
  1266
  }
1132
05fe0039d952 Logins: reorganized data structures a bit. WiP - needs test routine done.
Dan
parents: 1125
diff changeset
  1267
  
1001
79770fb4132a Sped up AJAX de-auth a little; added a little extra info to login_success JSON responses
Dan
parents: 907
diff changeset
  1268
  ajaxLogonInit(function(k, response)
793
c0724bf6039b Added dynamic reload-less re-auth to admin panel, so that if a session is lost it can be recovered without a reload. Support for hooking into form submits will be added in the future.
Dan
parents: 780
diff changeset
  1269
    {
811
5c807fe77020 Added support for live re-auth and de-auth; fully AJAX, no page reload required, plus plugin-usable API.
Dan
parents: 794
diff changeset
  1270
      ajaxLoginReplaceSIDInline(k, old_sid, level);
1001
79770fb4132a Sped up AJAX de-auth a little; added a little extra info to login_success JSON responses
Dan
parents: 907
diff changeset
  1271
      window.user_id = response.user_id;
79770fb4132a Sped up AJAX de-auth a little; added a little extra info to login_success JSON responses
Dan
parents: 907
diff changeset
  1272
      window.user_level = response.user_level;
794
720516162012 Added support for re-auth on submit to rank manager when session goes bad; still more to come
Dan
parents: 793
diff changeset
  1273
      mb_current_obj.destroy();
720516162012 Added support for re-auth on submit to rank manager when session goes bad; still more to come
Dan
parents: 793
diff changeset
  1274
      if ( typeof(targetpage) == 'string' )
793
c0724bf6039b Added dynamic reload-less re-auth to admin panel, so that if a session is lost it can be recovered without a reload. Support for hooking into form submits will be added in the future.
Dan
parents: 780
diff changeset
  1275
      {
c0724bf6039b Added dynamic reload-less re-auth to admin panel, so that if a session is lost it can be recovered without a reload. Support for hooking into form submits will be added in the future.
Dan
parents: 780
diff changeset
  1276
        ajaxPage(targetpage);
c0724bf6039b Added dynamic reload-less re-auth to admin panel, so that if a session is lost it can be recovered without a reload. Support for hooking into form submits will be added in the future.
Dan
parents: 780
diff changeset
  1277
      }
794
720516162012 Added support for re-auth on submit to rank manager when session goes bad; still more to come
Dan
parents: 793
diff changeset
  1278
      else if ( typeof(targetpage) == 'function' )
720516162012 Added support for re-auth on submit to rank manager when session goes bad; still more to come
Dan
parents: 793
diff changeset
  1279
      {
887
cb96d038baff New logout interface + made DiffieHellman faster by disabling animated GIF
Dan
parents: 883
diff changeset
  1280
        targetpage(k);
794
720516162012 Added support for re-auth on submit to rank manager when session goes bad; still more to come
Dan
parents: 793
diff changeset
  1281
      }
811
5c807fe77020 Added support for live re-auth and de-auth; fully AJAX, no page reload required, plus plugin-usable API.
Dan
parents: 794
diff changeset
  1282
    }, level);
883
ac2cef868fa9 Live ReAuth: only show "timed out" error if jumping to admin page
Dan
parents: 843
diff changeset
  1283
  if ( typeof(adminpage) == 'string' )
ac2cef868fa9 Live ReAuth: only show "timed out" error if jumping to admin page
Dan
parents: 843
diff changeset
  1284
  {
ac2cef868fa9 Live ReAuth: only show "timed out" error if jumping to admin page
Dan
parents: 843
diff changeset
  1285
    ajaxLoginShowFriendlyError({
ac2cef868fa9 Live ReAuth: only show "timed out" error if jumping to admin page
Dan
parents: 843
diff changeset
  1286
        error_code: 'admin_session_timed_out',
ac2cef868fa9 Live ReAuth: only show "timed out" error if jumping to admin page
Dan
parents: 843
diff changeset
  1287
        respawn_info: {}
ac2cef868fa9 Live ReAuth: only show "timed out" error if jumping to admin page
Dan
parents: 843
diff changeset
  1288
    });
ac2cef868fa9 Live ReAuth: only show "timed out" error if jumping to admin page
Dan
parents: 843
diff changeset
  1289
  }
793
c0724bf6039b Added dynamic reload-less re-auth to admin panel, so that if a session is lost it can be recovered without a reload. Support for hooking into form submits will be added in the future.
Dan
parents: 780
diff changeset
  1290
}
794
720516162012 Added support for re-auth on submit to rank manager when session goes bad; still more to come
Dan
parents: 793
diff changeset
  1291
720516162012 Added support for re-auth on submit to rank manager when session goes bad; still more to come
Dan
parents: 793
diff changeset
  1292
window.ajaxRenewSession = function()
720516162012 Added support for re-auth on submit to rank manager when session goes bad; still more to come
Dan
parents: 793
diff changeset
  1293
{
720516162012 Added support for re-auth on submit to rank manager when session goes bad; still more to come
Dan
parents: 793
diff changeset
  1294
  ajaxDynamicReauth(false);
720516162012 Added support for re-auth on submit to rank manager when session goes bad; still more to come
Dan
parents: 793
diff changeset
  1295
}
811
5c807fe77020 Added support for live re-auth and de-auth; fully AJAX, no page reload required, plus plugin-usable API.
Dan
parents: 794
diff changeset
  1296
5c807fe77020 Added support for live re-auth and de-auth; fully AJAX, no page reload required, plus plugin-usable API.
Dan
parents: 794
diff changeset
  1297
window.ajaxTrashElevSession = function()
5c807fe77020 Added support for live re-auth and de-auth; fully AJAX, no page reload required, plus plugin-usable API.
Dan
parents: 794
diff changeset
  1298
{
5c807fe77020 Added support for live re-auth and de-auth; fully AJAX, no page reload required, plus plugin-usable API.
Dan
parents: 794
diff changeset
  1299
  load_component(['messagebox', 'fadefilter', 'l10n', 'flyin', 'jquery', 'jquery-ui']);
5c807fe77020 Added support for live re-auth and de-auth; fully AJAX, no page reload required, plus plugin-usable API.
Dan
parents: 794
diff changeset
  1300
  miniPromptMessage({
5c807fe77020 Added support for live re-auth and de-auth; fully AJAX, no page reload required, plus plugin-usable API.
Dan
parents: 794
diff changeset
  1301
    title: $lang.get('user_logout_confirm_title_elev'),
5c807fe77020 Added support for live re-auth and de-auth; fully AJAX, no page reload required, plus plugin-usable API.
Dan
parents: 794
diff changeset
  1302
    message: $lang.get('user_logout_confirm_body_elev'),
5c807fe77020 Added support for live re-auth and de-auth; fully AJAX, no page reload required, plus plugin-usable API.
Dan
parents: 794
diff changeset
  1303
    buttons: [
5c807fe77020 Added support for live re-auth and de-auth; fully AJAX, no page reload required, plus plugin-usable API.
Dan
parents: 794
diff changeset
  1304
      {
5c807fe77020 Added support for live re-auth and de-auth; fully AJAX, no page reload required, plus plugin-usable API.
Dan
parents: 794
diff changeset
  1305
        text: $lang.get('user_logout_confirm_btn_logout'),
5c807fe77020 Added support for live re-auth and de-auth; fully AJAX, no page reload required, plus plugin-usable API.
Dan
parents: 794
diff changeset
  1306
        color: 'red',
5c807fe77020 Added support for live re-auth and de-auth; fully AJAX, no page reload required, plus plugin-usable API.
Dan
parents: 794
diff changeset
  1307
        style: {
5c807fe77020 Added support for live re-auth and de-auth; fully AJAX, no page reload required, plus plugin-usable API.
Dan
parents: 794
diff changeset
  1308
          fontWeight: 'bold'
5c807fe77020 Added support for live re-auth and de-auth; fully AJAX, no page reload required, plus plugin-usable API.
Dan
parents: 794
diff changeset
  1309
        },
5c807fe77020 Added support for live re-auth and de-auth; fully AJAX, no page reload required, plus plugin-usable API.
Dan
parents: 794
diff changeset
  1310
        onclick: function()
5c807fe77020 Added support for live re-auth and de-auth; fully AJAX, no page reload required, plus plugin-usable API.
Dan
parents: 794
diff changeset
  1311
        {
5c807fe77020 Added support for live re-auth and de-auth; fully AJAX, no page reload required, plus plugin-usable API.
Dan
parents: 794
diff changeset
  1312
          ajaxLoginPerformRequest({
5c807fe77020 Added support for live re-auth and de-auth; fully AJAX, no page reload required, plus plugin-usable API.
Dan
parents: 794
diff changeset
  1313
              mode:  'logout',
5c807fe77020 Added support for live re-auth and de-auth; fully AJAX, no page reload required, plus plugin-usable API.
Dan
parents: 794
diff changeset
  1314
              level: auth_level,
5c807fe77020 Added support for live re-auth and de-auth; fully AJAX, no page reload required, plus plugin-usable API.
Dan
parents: 794
diff changeset
  1315
              csrf_token: csrf_token
5c807fe77020 Added support for live re-auth and de-auth; fully AJAX, no page reload required, plus plugin-usable API.
Dan
parents: 794
diff changeset
  1316
          });
5c807fe77020 Added support for live re-auth and de-auth; fully AJAX, no page reload required, plus plugin-usable API.
Dan
parents: 794
diff changeset
  1317
          miniPromptDestroy(this);
5c807fe77020 Added support for live re-auth and de-auth; fully AJAX, no page reload required, plus plugin-usable API.
Dan
parents: 794
diff changeset
  1318
        }
5c807fe77020 Added support for live re-auth and de-auth; fully AJAX, no page reload required, plus plugin-usable API.
Dan
parents: 794
diff changeset
  1319
      },
5c807fe77020 Added support for live re-auth and de-auth; fully AJAX, no page reload required, plus plugin-usable API.
Dan
parents: 794
diff changeset
  1320
      {
5c807fe77020 Added support for live re-auth and de-auth; fully AJAX, no page reload required, plus plugin-usable API.
Dan
parents: 794
diff changeset
  1321
        text: $lang.get('etc_cancel'),
5c807fe77020 Added support for live re-auth and de-auth; fully AJAX, no page reload required, plus plugin-usable API.
Dan
parents: 794
diff changeset
  1322
        onclick: function()
5c807fe77020 Added support for live re-auth and de-auth; fully AJAX, no page reload required, plus plugin-usable API.
Dan
parents: 794
diff changeset
  1323
        {
5c807fe77020 Added support for live re-auth and de-auth; fully AJAX, no page reload required, plus plugin-usable API.
Dan
parents: 794
diff changeset
  1324
          miniPromptDestroy(this);
5c807fe77020 Added support for live re-auth and de-auth; fully AJAX, no page reload required, plus plugin-usable API.
Dan
parents: 794
diff changeset
  1325
        }
5c807fe77020 Added support for live re-auth and de-auth; fully AJAX, no page reload required, plus plugin-usable API.
Dan
parents: 794
diff changeset
  1326
      }
5c807fe77020 Added support for live re-auth and de-auth; fully AJAX, no page reload required, plus plugin-usable API.
Dan
parents: 794
diff changeset
  1327
    ]
5c807fe77020 Added support for live re-auth and de-auth; fully AJAX, no page reload required, plus plugin-usable API.
Dan
parents: 794
diff changeset
  1328
  });
5c807fe77020 Added support for live re-auth and de-auth; fully AJAX, no page reload required, plus plugin-usable API.
Dan
parents: 794
diff changeset
  1329
}
5c807fe77020 Added support for live re-auth and de-auth; fully AJAX, no page reload required, plus plugin-usable API.
Dan
parents: 794
diff changeset
  1330
5c807fe77020 Added support for live re-auth and de-auth; fully AJAX, no page reload required, plus plugin-usable API.
Dan
parents: 794
diff changeset
  1331
/**
5c807fe77020 Added support for live re-auth and de-auth; fully AJAX, no page reload required, plus plugin-usable API.
Dan
parents: 794
diff changeset
  1332
 * Take an SID and patch all internal links on the page.
5c807fe77020 Added support for live re-auth and de-auth; fully AJAX, no page reload required, plus plugin-usable API.
Dan
parents: 794
diff changeset
  1333
 * @param string New key. If false, removes keys from the page.
5c807fe77020 Added support for live re-auth and de-auth; fully AJAX, no page reload required, plus plugin-usable API.
Dan
parents: 794
diff changeset
  1334
 * @param string Old key. If false, only appends the new SID (more work as it uses DOM, use when dynamically going up to elevated)
5c807fe77020 Added support for live re-auth and de-auth; fully AJAX, no page reload required, plus plugin-usable API.
Dan
parents: 794
diff changeset
  1335
 * @param int New level, not a huge deal but sets auth_level. Try to specify it as some functions depend on it.
5c807fe77020 Added support for live re-auth and de-auth; fully AJAX, no page reload required, plus plugin-usable API.
Dan
parents: 794
diff changeset
  1336
 */
5c807fe77020 Added support for live re-auth and de-auth; fully AJAX, no page reload required, plus plugin-usable API.
Dan
parents: 794
diff changeset
  1337
5c807fe77020 Added support for live re-auth and de-auth; fully AJAX, no page reload required, plus plugin-usable API.
Dan
parents: 794
diff changeset
  1338
window.ajaxLoginReplaceSIDInline = function(key, oldkey, level)
5c807fe77020 Added support for live re-auth and de-auth; fully AJAX, no page reload required, plus plugin-usable API.
Dan
parents: 794
diff changeset
  1339
{
5c807fe77020 Added support for live re-auth and de-auth; fully AJAX, no page reload required, plus plugin-usable API.
Dan
parents: 794
diff changeset
  1340
  var host = String(window.location.hostname);
5c807fe77020 Added support for live re-auth and de-auth; fully AJAX, no page reload required, plus plugin-usable API.
Dan
parents: 794
diff changeset
  1341
  var exp = new RegExp('^https?://' + host.replace('.', '\.') + contentPath.replace('.', '\.'), 'g');
5c807fe77020 Added support for live re-auth and de-auth; fully AJAX, no page reload required, plus plugin-usable API.
Dan
parents: 794
diff changeset
  1342
  var rexp = new RegExp('^https?://' + host.replace('.', '\.'), 'g');
5c807fe77020 Added support for live re-auth and de-auth; fully AJAX, no page reload required, plus plugin-usable API.
Dan
parents: 794
diff changeset
  1343
  
5c807fe77020 Added support for live re-auth and de-auth; fully AJAX, no page reload required, plus plugin-usable API.
Dan
parents: 794
diff changeset
  1344
  if ( key )
5c807fe77020 Added support for live re-auth and de-auth; fully AJAX, no page reload required, plus plugin-usable API.
Dan
parents: 794
diff changeset
  1345
  {
5c807fe77020 Added support for live re-auth and de-auth; fully AJAX, no page reload required, plus plugin-usable API.
Dan
parents: 794
diff changeset
  1346
    if ( oldkey )
5c807fe77020 Added support for live re-auth and de-auth; fully AJAX, no page reload required, plus plugin-usable API.
Dan
parents: 794
diff changeset
  1347
    {
5c807fe77020 Added support for live re-auth and de-auth; fully AJAX, no page reload required, plus plugin-usable API.
Dan
parents: 794
diff changeset
  1348
      var body = document.getElementsByTagName('body')[0];
5c807fe77020 Added support for live re-auth and de-auth; fully AJAX, no page reload required, plus plugin-usable API.
Dan
parents: 794
diff changeset
  1349
      var replace = new RegExp(oldkey, 'g');
5c807fe77020 Added support for live re-auth and de-auth; fully AJAX, no page reload required, plus plugin-usable API.
Dan
parents: 794
diff changeset
  1350
      body.innerHTML = body.innerHTML.replace(replace, key);
5c807fe77020 Added support for live re-auth and de-auth; fully AJAX, no page reload required, plus plugin-usable API.
Dan
parents: 794
diff changeset
  1351
      ENANO_SID = key;
5c807fe77020 Added support for live re-auth and de-auth; fully AJAX, no page reload required, plus plugin-usable API.
Dan
parents: 794
diff changeset
  1352
    }
5c807fe77020 Added support for live re-auth and de-auth; fully AJAX, no page reload required, plus plugin-usable API.
Dan
parents: 794
diff changeset
  1353
    else
5c807fe77020 Added support for live re-auth and de-auth; fully AJAX, no page reload required, plus plugin-usable API.
Dan
parents: 794
diff changeset
  1354
    {
5c807fe77020 Added support for live re-auth and de-auth; fully AJAX, no page reload required, plus plugin-usable API.
Dan
parents: 794
diff changeset
  1355
      // append SID to all internal links
5c807fe77020 Added support for live re-auth and de-auth; fully AJAX, no page reload required, plus plugin-usable API.
Dan
parents: 794
diff changeset
  1356
      ENANO_SID = key;
5c807fe77020 Added support for live re-auth and de-auth; fully AJAX, no page reload required, plus plugin-usable API.
Dan
parents: 794
diff changeset
  1357
      
5c807fe77020 Added support for live re-auth and de-auth; fully AJAX, no page reload required, plus plugin-usable API.
Dan
parents: 794
diff changeset
  1358
      var links = document.getElementsByTagName('a');
5c807fe77020 Added support for live re-auth and de-auth; fully AJAX, no page reload required, plus plugin-usable API.
Dan
parents: 794
diff changeset
  1359
      for ( var i = 0; i < links.length; i++ )
5c807fe77020 Added support for live re-auth and de-auth; fully AJAX, no page reload required, plus plugin-usable API.
Dan
parents: 794
diff changeset
  1360
      {
5c807fe77020 Added support for live re-auth and de-auth; fully AJAX, no page reload required, plus plugin-usable API.
Dan
parents: 794
diff changeset
  1361
        if ( links[i].href.match(exp, links[i]) && links[i].href.indexOf('#') == -1 )
5c807fe77020 Added support for live re-auth and de-auth; fully AJAX, no page reload required, plus plugin-usable API.
Dan
parents: 794
diff changeset
  1362
        {
5c807fe77020 Added support for live re-auth and de-auth; fully AJAX, no page reload required, plus plugin-usable API.
Dan
parents: 794
diff changeset
  1363
          var newurl = (String(append_sid(links[i].href))).replace(rexp, '');
5c807fe77020 Added support for live re-auth and de-auth; fully AJAX, no page reload required, plus plugin-usable API.
Dan
parents: 794
diff changeset
  1364
          links[i].href = newurl;
5c807fe77020 Added support for live re-auth and de-auth; fully AJAX, no page reload required, plus plugin-usable API.
Dan
parents: 794
diff changeset
  1365
        }
5c807fe77020 Added support for live re-auth and de-auth; fully AJAX, no page reload required, plus plugin-usable API.
Dan
parents: 794
diff changeset
  1366
      }
5c807fe77020 Added support for live re-auth and de-auth; fully AJAX, no page reload required, plus plugin-usable API.
Dan
parents: 794
diff changeset
  1367
      
5c807fe77020 Added support for live re-auth and de-auth; fully AJAX, no page reload required, plus plugin-usable API.
Dan
parents: 794
diff changeset
  1368
      var forms = document.getElementsByTagName('form');
5c807fe77020 Added support for live re-auth and de-auth; fully AJAX, no page reload required, plus plugin-usable API.
Dan
parents: 794
diff changeset
  1369
      for ( var i = 0; i < forms.length; i++ )
5c807fe77020 Added support for live re-auth and de-auth; fully AJAX, no page reload required, plus plugin-usable API.
Dan
parents: 794
diff changeset
  1370
      {
5c807fe77020 Added support for live re-auth and de-auth; fully AJAX, no page reload required, plus plugin-usable API.
Dan
parents: 794
diff changeset
  1371
        if ( forms[i].method.toLowerCase() == 'post' )
5c807fe77020 Added support for live re-auth and de-auth; fully AJAX, no page reload required, plus plugin-usable API.
Dan
parents: 794
diff changeset
  1372
        {
5c807fe77020 Added support for live re-auth and de-auth; fully AJAX, no page reload required, plus plugin-usable API.
Dan
parents: 794
diff changeset
  1373
          if ( forms[i].action.match(exp, links[i]) )
5c807fe77020 Added support for live re-auth and de-auth; fully AJAX, no page reload required, plus plugin-usable API.
Dan
parents: 794
diff changeset
  1374
          {
5c807fe77020 Added support for live re-auth and de-auth; fully AJAX, no page reload required, plus plugin-usable API.
Dan
parents: 794
diff changeset
  1375
            var newurl = (String(append_sid(forms[i].action))).replace(rexp, '');
5c807fe77020 Added support for live re-auth and de-auth; fully AJAX, no page reload required, plus plugin-usable API.
Dan
parents: 794
diff changeset
  1376
            forms[i].action = newurl;
5c807fe77020 Added support for live re-auth and de-auth; fully AJAX, no page reload required, plus plugin-usable API.
Dan
parents: 794
diff changeset
  1377
          }
5c807fe77020 Added support for live re-auth and de-auth; fully AJAX, no page reload required, plus plugin-usable API.
Dan
parents: 794
diff changeset
  1378
        }
5c807fe77020 Added support for live re-auth and de-auth; fully AJAX, no page reload required, plus plugin-usable API.
Dan
parents: 794
diff changeset
  1379
        else
5c807fe77020 Added support for live re-auth and de-auth; fully AJAX, no page reload required, plus plugin-usable API.
Dan
parents: 794
diff changeset
  1380
        {
5c807fe77020 Added support for live re-auth and de-auth; fully AJAX, no page reload required, plus plugin-usable API.
Dan
parents: 794
diff changeset
  1381
          if ( !forms[i].auth )
5c807fe77020 Added support for live re-auth and de-auth; fully AJAX, no page reload required, plus plugin-usable API.
Dan
parents: 794
diff changeset
  1382
          {
5c807fe77020 Added support for live re-auth and de-auth; fully AJAX, no page reload required, plus plugin-usable API.
Dan
parents: 794
diff changeset
  1383
            var auth = document.createElement('input');
5c807fe77020 Added support for live re-auth and de-auth; fully AJAX, no page reload required, plus plugin-usable API.
Dan
parents: 794
diff changeset
  1384
            auth.type = 'hidden';
5c807fe77020 Added support for live re-auth and de-auth; fully AJAX, no page reload required, plus plugin-usable API.
Dan
parents: 794
diff changeset
  1385
            auth.name = 'auth';
5c807fe77020 Added support for live re-auth and de-auth; fully AJAX, no page reload required, plus plugin-usable API.
Dan
parents: 794
diff changeset
  1386
            auth.value = key;
5c807fe77020 Added support for live re-auth and de-auth; fully AJAX, no page reload required, plus plugin-usable API.
Dan
parents: 794
diff changeset
  1387
            forms[i].appendChild(auth);
5c807fe77020 Added support for live re-auth and de-auth; fully AJAX, no page reload required, plus plugin-usable API.
Dan
parents: 794
diff changeset
  1388
          }
5c807fe77020 Added support for live re-auth and de-auth; fully AJAX, no page reload required, plus plugin-usable API.
Dan
parents: 794
diff changeset
  1389
          else
5c807fe77020 Added support for live re-auth and de-auth; fully AJAX, no page reload required, plus plugin-usable API.
Dan
parents: 794
diff changeset
  1390
          {
5c807fe77020 Added support for live re-auth and de-auth; fully AJAX, no page reload required, plus plugin-usable API.
Dan
parents: 794
diff changeset
  1391
            forms[i].auth.value = key;
5c807fe77020 Added support for live re-auth and de-auth; fully AJAX, no page reload required, plus plugin-usable API.
Dan
parents: 794
diff changeset
  1392
          }
5c807fe77020 Added support for live re-auth and de-auth; fully AJAX, no page reload required, plus plugin-usable API.
Dan
parents: 794
diff changeset
  1393
        }
5c807fe77020 Added support for live re-auth and de-auth; fully AJAX, no page reload required, plus plugin-usable API.
Dan
parents: 794
diff changeset
  1394
      }
5c807fe77020 Added support for live re-auth and de-auth; fully AJAX, no page reload required, plus plugin-usable API.
Dan
parents: 794
diff changeset
  1395
    }
5c807fe77020 Added support for live re-auth and de-auth; fully AJAX, no page reload required, plus plugin-usable API.
Dan
parents: 794
diff changeset
  1396
    if ( level )
5c807fe77020 Added support for live re-auth and de-auth; fully AJAX, no page reload required, plus plugin-usable API.
Dan
parents: 794
diff changeset
  1397
    {
5c807fe77020 Added support for live re-auth and de-auth; fully AJAX, no page reload required, plus plugin-usable API.
Dan
parents: 794
diff changeset
  1398
      auth_level = level;
5c807fe77020 Added support for live re-auth and de-auth; fully AJAX, no page reload required, plus plugin-usable API.
Dan
parents: 794
diff changeset
  1399
    }
824
28d9fbcd4f0d Login: reauth: window.location.hash is now updated to include the new SID so that page reloads will use it
Dan
parents: 816
diff changeset
  1400
    window.location.hash = '#auth:' + key;
811
5c807fe77020 Added support for live re-auth and de-auth; fully AJAX, no page reload required, plus plugin-usable API.
Dan
parents: 794
diff changeset
  1401
  }
5c807fe77020 Added support for live re-auth and de-auth; fully AJAX, no page reload required, plus plugin-usable API.
Dan
parents: 794
diff changeset
  1402
  else
5c807fe77020 Added support for live re-auth and de-auth; fully AJAX, no page reload required, plus plugin-usable API.
Dan
parents: 794
diff changeset
  1403
  {
5c807fe77020 Added support for live re-auth and de-auth; fully AJAX, no page reload required, plus plugin-usable API.
Dan
parents: 794
diff changeset
  1404
    auth_level = USER_LEVEL_MEMBER;
5c807fe77020 Added support for live re-auth and de-auth; fully AJAX, no page reload required, plus plugin-usable API.
Dan
parents: 794
diff changeset
  1405
    ENANO_SID = false;
5c807fe77020 Added support for live re-auth and de-auth; fully AJAX, no page reload required, plus plugin-usable API.
Dan
parents: 794
diff changeset
  1406
    if ( oldkey )
5c807fe77020 Added support for live re-auth and de-auth; fully AJAX, no page reload required, plus plugin-usable API.
Dan
parents: 794
diff changeset
  1407
    {
5c807fe77020 Added support for live re-auth and de-auth; fully AJAX, no page reload required, plus plugin-usable API.
Dan
parents: 794
diff changeset
  1408
      var links = document.getElementsByTagName('a');
5c807fe77020 Added support for live re-auth and de-auth; fully AJAX, no page reload required, plus plugin-usable API.
Dan
parents: 794
diff changeset
  1409
      for ( var i = 0; i < links.length; i++ )
5c807fe77020 Added support for live re-auth and de-auth; fully AJAX, no page reload required, plus plugin-usable API.
Dan
parents: 794
diff changeset
  1410
      {
5c807fe77020 Added support for live re-auth and de-auth; fully AJAX, no page reload required, plus plugin-usable API.
Dan
parents: 794
diff changeset
  1411
        if ( links[i].href.match(exp, links[i]) && links[i].href.indexOf('#') == -1 )
5c807fe77020 Added support for live re-auth and de-auth; fully AJAX, no page reload required, plus plugin-usable API.
Dan
parents: 794
diff changeset
  1412
        {
5c807fe77020 Added support for live re-auth and de-auth; fully AJAX, no page reload required, plus plugin-usable API.
Dan
parents: 794
diff changeset
  1413
          links[i].href = links[i].href.replace(/\?auth=([a-f0-9]+)(&|#|$)/, '$2').replace(/&auth=([a-f0-9]+)/, '').replace(rexp, '');
5c807fe77020 Added support for live re-auth and de-auth; fully AJAX, no page reload required, plus plugin-usable API.
Dan
parents: 794
diff changeset
  1414
        }
5c807fe77020 Added support for live re-auth and de-auth; fully AJAX, no page reload required, plus plugin-usable API.
Dan
parents: 794
diff changeset
  1415
      }
5c807fe77020 Added support for live re-auth and de-auth; fully AJAX, no page reload required, plus plugin-usable API.
Dan
parents: 794
diff changeset
  1416
    }
824
28d9fbcd4f0d Login: reauth: window.location.hash is now updated to include the new SID so that page reloads will use it
Dan
parents: 816
diff changeset
  1417
    window.location.hash = '#auth:false';
811
5c807fe77020 Added support for live re-auth and de-auth; fully AJAX, no page reload required, plus plugin-usable API.
Dan
parents: 794
diff changeset
  1418
  }
907
44851d7e9bda Live Re-Auth is now required for deleting pages, editing ACLs, protecting pages, and clearing logs. Committing in a hurry as a storm is coming in, hope everything is in there.
Dan
parents: 899
diff changeset
  1419
  window.stdAjaxPrefix = append_sid(scriptPath + '/ajax.php?title=' + title);
811
5c807fe77020 Added support for live re-auth and de-auth; fully AJAX, no page reload required, plus plugin-usable API.
Dan
parents: 794
diff changeset
  1420
}