300 |
300 |
301 var ajax_auth_prompt_cache = false; |
301 var ajax_auth_prompt_cache = false; |
302 var ajax_auth_mb_cache = false; |
302 var ajax_auth_mb_cache = false; |
303 var ajax_auth_level_cache = false; |
303 var ajax_auth_level_cache = false; |
304 var ajax_auth_error_string = false; |
304 var ajax_auth_error_string = false; |
|
305 var ajax_auth_show_captcha = false; |
|
306 |
|
307 function ajaxAuthErrorToString($data) |
|
308 { |
|
309 var $errstring = $data.error; |
|
310 // this was literally copied straight from the PHP code. |
|
311 switch($data.error) |
|
312 { |
|
313 case 'key_not_found': |
|
314 $errstring = $lang.get('user_err_key_not_found'); |
|
315 break; |
|
316 case 'key_wrong_length': |
|
317 $errstring = $lang.get('user_err_key_wrong_length'); |
|
318 break; |
|
319 case 'too_big_for_britches': |
|
320 $errstring = $lang.get('user_err_too_big_for_britches'); |
|
321 break; |
|
322 case 'invalid_credentials': |
|
323 $errstring = $lang.get('user_err_invalid_credentials'); |
|
324 var subst = { |
|
325 lockout_fails: $data.lockout_fails, |
|
326 lockout_threshold: $data.lockout_threshold, |
|
327 lockout_duration: $data.lockout_duration |
|
328 } |
|
329 if ( $data.lockout_policy == 'lockout' ) |
|
330 { |
|
331 $errstring += $lang.get('user_err_invalid_credentials_lockout', subst); |
|
332 } |
|
333 else if ( $data.lockout_policy == 'captcha' ) |
|
334 { |
|
335 $errstring += $lang.get('user_err_invalid_credentials_lockout_captcha', subst); |
|
336 } |
|
337 break; |
|
338 case 'backend_fail': |
|
339 $errstring = $lang.get('user_err_backend_fail'); |
|
340 break; |
|
341 case 'locked_out': |
|
342 $attempts = parseInt($data['lockout_fails']); |
|
343 if ( $attempts > $data['lockout_threshold']) |
|
344 $attempts = $data['lockout_threshold']; |
|
345 $time_rem = $data.time_rem; |
|
346 $s = ( $time_rem == 1 ) ? '' : $lang.get('meta_plural'); |
|
347 |
|
348 var subst = { |
|
349 lockout_threshold: $data.lockout_threshold, |
|
350 time_rem: $time_rem, |
|
351 plural: $s, |
|
352 captcha_blurb: ( $data.lockout_policy == 'captcha' ? $lang.get('user_err_locked_out_captcha_blurb') : '' ) |
|
353 } |
|
354 |
|
355 $errstring = $lang.get('user_err_locked_out', subst); |
|
356 |
|
357 break; |
|
358 } |
|
359 return $errstring; |
|
360 } |
305 |
361 |
306 function ajaxPromptAdminAuth(call_on_ok, level) |
362 function ajaxPromptAdminAuth(call_on_ok, level) |
307 { |
363 { |
308 if ( typeof(call_on_ok) == 'function' ) |
364 if ( typeof(call_on_ok) == 'function' ) |
309 { |
365 { |
311 } |
367 } |
312 if ( !level ) |
368 if ( !level ) |
313 level = USER_LEVEL_MEMBER; |
369 level = USER_LEVEL_MEMBER; |
314 ajax_auth_level_cache = level; |
370 ajax_auth_level_cache = level; |
315 var loading_win = '<div align="center" style="text-align: center;"> \ |
371 var loading_win = '<div align="center" style="text-align: center;"> \ |
316 <p>Fetching an encryption key...</p> \ |
372 <p>' + $lang.get('user_login_ajax_fetching_key') + '</p> \ |
317 <p><small>Not working? Use the <a href="'+makeUrlNS('Special', 'Login/' + title)+'">alternate login form</a>.</p> \ |
373 <p><small>' + $lang.get('user_login_ajax_link_fullform', { link_full_form: makeUrlNS('Special', 'Login/' + title) }) + '</p> \ |
318 <p><img alt="Please wait..." src="'+scriptPath+'/images/loading-big.gif" /></p> \ |
374 <p><img alt="Please wait..." src="'+scriptPath+'/images/loading-big.gif" /></p> \ |
319 </div>'; |
375 </div>'; |
320 var title = ( level > USER_LEVEL_MEMBER ) ? 'You are requesting a sensitive operation.' : 'Please enter your username and password to continue.'; |
376 var title = ( level > USER_LEVEL_MEMBER ) ? $lang.get('user_login_ajax_prompt_title_elev') : $lang.get('user_login_ajax_prompt_title'); |
321 ajax_auth_mb_cache = new messagebox(MB_OKCANCEL|MB_ICONLOCK, title, loading_win); |
377 ajax_auth_mb_cache = new messagebox(MB_OKCANCEL|MB_ICONLOCK, title, loading_win); |
322 ajax_auth_mb_cache.onbeforeclick['OK'] = ajaxValidateLogin; |
378 ajax_auth_mb_cache.onbeforeclick['OK'] = ajaxValidateLogin; |
|
379 ajax_auth_mb_cache.onbeforeclick['Cancel'] = function() |
|
380 { |
|
381 if ( document.getElementById('autoCaptcha') ) |
|
382 { |
|
383 var to = fly_out_top(document.getElementById('autoCaptcha'), false, true); |
|
384 setTimeout(function() { |
|
385 var d = document.getElementById('autoCaptcha'); |
|
386 d.parentNode.removeChild(d); |
|
387 }, to); |
|
388 } |
|
389 } |
323 ajaxAuthLoginInnerSetup(); |
390 ajaxAuthLoginInnerSetup(); |
324 } |
391 } |
325 |
392 |
326 function ajaxAuthLoginInnerSetup() |
393 function ajaxAuthLoginInnerSetup() |
327 { |
394 { |
333 { |
400 { |
334 alert('Invalid JSON response from server: ' + response); |
401 alert('Invalid JSON response from server: ' + response); |
335 return false; |
402 return false; |
336 } |
403 } |
337 response = parseJSON(response); |
404 response = parseJSON(response); |
|
405 var disable_controls = false; |
|
406 if ( response.locked_out && !ajax_auth_error_string ) |
|
407 { |
|
408 response.error = 'locked_out'; |
|
409 ajax_auth_error_string = ajaxAuthErrorToString(response); |
|
410 if ( response.lockout_policy == 'captcha' ) |
|
411 { |
|
412 ajax_auth_show_captcha = response.captcha; |
|
413 } |
|
414 else |
|
415 { |
|
416 disable_controls = true; |
|
417 } |
|
418 } |
338 var level = ajax_auth_level_cache; |
419 var level = ajax_auth_level_cache; |
339 var form_html = ''; |
420 var form_html = ''; |
340 var shown_error = false; |
421 var shown_error = false; |
341 if ( ajax_auth_error_string ) |
422 if ( ajax_auth_error_string ) |
342 { |
423 { |
344 form_html += '<div class="error-box-mini" id="ajax_auth_error">' + ajax_auth_error_string + '</div>'; |
425 form_html += '<div class="error-box-mini" id="ajax_auth_error">' + ajax_auth_error_string + '</div>'; |
345 ajax_auth_error_string = false; |
426 ajax_auth_error_string = false; |
346 } |
427 } |
347 else if ( level > USER_LEVEL_MEMBER ) |
428 else if ( level > USER_LEVEL_MEMBER ) |
348 { |
429 { |
349 form_html += 'Please re-enter your login details, to verify your identity.<br /><br />'; |
430 form_html += $lang.get('user_login_ajax_prompt_body_elev') + '<br /><br />'; |
350 } |
431 } |
|
432 if ( ajax_auth_show_captcha ) |
|
433 { |
|
434 var captcha_html = ' \ |
|
435 <tr> \ |
|
436 <td>' + $lang.get('user_login_field_captcha') + ':</td> \ |
|
437 <td><input type="hidden" id="ajaxlogin_captcha_hash" value="' + ajax_auth_show_captcha + '" /><input type="text" tabindex="3" size="25" id="ajaxlogin_captcha_code" /> \ |
|
438 </tr>'; |
|
439 } |
|
440 else |
|
441 { |
|
442 var captcha_html = ''; |
|
443 } |
|
444 var disableme = ( disable_controls ) ? 'disabled="disabled" ' : ''; |
351 form_html += ' \ |
445 form_html += ' \ |
352 <table border="0" align="center"> \ |
446 <table border="0" align="center"> \ |
353 <tr> \ |
447 <tr> \ |
354 <td>Username:</td><td><input tabindex="1" id="ajaxlogin_user" type="text" size="25" /> \ |
448 <td>' + $lang.get('user_login_field_username') + ':</td><td><input tabindex="1" id="ajaxlogin_user" type="text" ' + disableme + 'size="25" /> \ |
355 </tr> \ |
449 </tr> \ |
356 <tr> \ |
450 <tr> \ |
357 <td>Password:</td><td><input tabindex="2" id="ajaxlogin_pass" type="password" size="25" /> \ |
451 <td>' + $lang.get('user_login_field_password') + ':</td><td><input tabindex="2" id="ajaxlogin_pass" type="password" ' + disableme + 'size="25" /> \ |
358 </tr> \ |
452 </tr> \ |
|
453 ' + captcha_html + ' \ |
359 <tr> \ |
454 <tr> \ |
360 <td colspan="2" style="text-align: center;"> \ |
455 <td colspan="2" style="text-align: center;"> \ |
361 <br /><small>Trouble logging in? Try the <a href="'+makeUrlNS('Special', 'Login/' + title, 'level=' + level)+'">full login form</a>.<br />'; |
456 <small>' + $lang.get('user_login_ajax_link_fullform', { link_full_form: makeUrlNS('Special', 'Login/' + title, 'level=' + level) }) + '<br />'; |
362 if ( level <= USER_LEVEL_MEMBER ) |
457 if ( level <= USER_LEVEL_MEMBER ) |
363 { |
458 { |
364 form_html += ' \ |
459 form_html += ' \ |
365 Did you <a href="'+makeUrlNS('Special', 'PasswordReset')+'">forget your password</a>?<br /> \ |
460 ' + $lang.get('user_login_ajax_link_forgotpass', { forgotpass_link: makeUrlNS('Special', 'PasswordReset') }) + '<br /> \ |
366 Maybe you need to <a href="'+makeUrlNS('Special', 'Register')+'">create an account</a>.</small>'; |
461 ' + $lang.get('user_login_createaccount_blurb', { reg_link: makeUrlNS('Special', 'Register') }); |
367 } |
462 } |
368 form_html += ' \ |
463 form_html += '</small> \ |
369 </td> \ |
464 </td> \ |
370 </tr> \ |
465 </tr> \ |
371 </table> \ |
466 </table> \ |
372 <input type="hidden" id="ajaxlogin_crypt_key" value="' + response.key + '" /> \ |
467 <input type="hidden" id="ajaxlogin_crypt_key" value="' + response.key + '" /> \ |
373 <input type="hidden" id="ajaxlogin_crypt_challenge" value="' + response.challenge + '" /> \ |
468 <input type="hidden" id="ajaxlogin_crypt_challenge" value="' + response.challenge + '" /> \ |
381 } |
476 } |
382 else |
477 else |
383 { |
478 { |
384 $('ajaxlogin_user').object.focus(); |
479 $('ajaxlogin_user').object.focus(); |
385 } |
480 } |
386 $('ajaxlogin_pass').object.onblur = function(e) { if ( !shift ) $('messageBox').object.nextSibling.firstChild.focus(); }; |
481 if ( ajax_auth_show_captcha ) |
387 $('ajaxlogin_pass').object.onkeypress = function(e) { if ( !e && IE ) return true; if ( e.keyCode == 13 ) $('messageBox').object.nextSibling.firstChild.click(); }; |
482 { |
|
483 $('ajaxlogin_captcha_code').object.onblur = function(e) { if ( !shift ) $('messageBox').object.nextSibling.firstChild.focus(); }; |
|
484 $('ajaxlogin_captcha_code').object.onkeypress = function(e) { if ( !e && IE ) return true; if ( e.keyCode == 13 ) $('messageBox').object.nextSibling.firstChild.click(); }; |
|
485 } |
|
486 else |
|
487 { |
|
488 $('ajaxlogin_pass').object.onblur = function(e) { if ( !shift ) $('messageBox').object.nextSibling.firstChild.focus(); }; |
|
489 $('ajaxlogin_pass').object.onkeypress = function(e) { if ( !e && IE ) return true; if ( e.keyCode == 13 ) $('messageBox').object.nextSibling.firstChild.click(); }; |
|
490 } |
|
491 if ( disable_controls ) |
|
492 { |
|
493 var panel = document.getElementById('messageBoxButtons'); |
|
494 panel.firstChild.disabled = true; |
|
495 } |
388 /* |
496 /* |
389 ## This causes the background image to disappear under Fx 2 |
497 ## This causes the background image to disappear under Fx 2 |
390 if ( shown_error ) |
498 if ( shown_error ) |
391 { |
499 { |
392 // fade to #FFF4F4 |
500 // fade to #FFF4F4 |
410 return false; |
523 return false; |
411 username = document.getElementById('ajaxlogin_user').value; |
524 username = document.getElementById('ajaxlogin_user').value; |
412 password = document.getElementById('ajaxlogin_pass').value; |
525 password = document.getElementById('ajaxlogin_pass').value; |
413 auth_enabled = false; |
526 auth_enabled = false; |
414 |
527 |
|
528 if ( document.getElementById('autoCaptcha') ) |
|
529 { |
|
530 var to = fly_out_top(document.getElementById('autoCaptcha'), false, true); |
|
531 setTimeout(function() { |
|
532 var d = document.getElementById('autoCaptcha'); |
|
533 d.parentNode.removeChild(d); |
|
534 }, to); |
|
535 } |
|
536 |
415 disableJSONExts(); |
537 disableJSONExts(); |
416 |
538 |
417 // |
539 // |
418 // Encryption test |
540 // Encryption test |
419 // |
541 // |
465 'challenge' : challenge_data, |
587 'challenge' : challenge_data, |
466 'crypt_data' : crypt_data, |
588 'crypt_data' : crypt_data, |
467 'level' : ajax_auth_level_cache |
589 'level' : ajax_auth_level_cache |
468 }; |
590 }; |
469 |
591 |
|
592 if ( document.getElementById('ajaxlogin_captcha_hash') ) |
|
593 { |
|
594 json_data.captcha_hash = document.getElementById('ajaxlogin_captcha_hash').value; |
|
595 json_data.captcha_code = document.getElementById('ajaxlogin_captcha_code').value; |
|
596 } |
|
597 |
470 json_data = toJSONString(json_data); |
598 json_data = toJSONString(json_data); |
471 json_data = encodeURIComponent(json_data); |
599 json_data = encodeURIComponent(json_data); |
472 |
600 |
473 var loading_win = '<div align="center" style="text-align: center;"> \ |
601 var loading_win = '<div align="center" style="text-align: center;"> \ |
474 <p>Logging in...</p> \ |
602 <p>' + $lang.get('user_login_ajax_loggingin') + '</p> \ |
475 <p><img alt="Please wait..." src="'+scriptPath+'/images/loading-big.gif" /></p> \ |
603 <p><img alt="Please wait..." src="'+scriptPath+'/images/loading-big.gif" /></p> \ |
476 </div>'; |
604 </div>'; |
477 |
605 |
478 ajax_auth_mb_cache.updateContent(loading_win); |
606 ajax_auth_mb_cache.updateContent(loading_win); |
479 |
607 |
507 { |
635 { |
508 ajaxAuthLoginInnerSetup(); |
636 ajaxAuthLoginInnerSetup(); |
509 } |
637 } |
510 break; |
638 break; |
511 case 'error': |
639 case 'error': |
512 if ( response.error == 'The username and/or password is incorrect.' ) |
640 if ( response.data.error == 'invalid_credentials' || response.data.error == 'locked_out' ) |
513 { |
641 { |
514 ajax_auth_error_string = response.error; |
642 ajax_auth_error_string = ajaxAuthErrorToString(response.data); |
515 mb_current_obj.updateContent(''); |
643 mb_current_obj.updateContent(''); |
516 document.getElementById('messageBox').style.backgroundColor = '#C0C0C0'; |
644 document.getElementById('messageBox').style.backgroundColor = '#C0C0C0'; |
517 var mb_parent = document.getElementById('messageBox').parentNode; |
645 var mb_parent = document.getElementById('messageBox').parentNode; |
518 new Spry.Effect.Shake(mb_parent, {duration: 1500}).start(); |
646 new Spry.Effect.Shake(mb_parent, {duration: 1500}).start(); |
519 setTimeout("document.getElementById('messageBox').style.backgroundColor = '#FFF'; ajaxAuthLoginInnerSetup();", 2500); |
647 setTimeout("document.getElementById('messageBox').style.backgroundColor = '#FFF'; ajaxAuthLoginInnerSetup();", 2500); |
|
648 |
|
649 if ( response.data.lockout_policy == 'captcha' && response.data.error == 'locked_out' ) |
|
650 { |
|
651 ajax_auth_show_captcha = response.captcha; |
|
652 } |
520 } |
653 } |
521 else |
654 else |
522 { |
655 { |
523 alert(response.error); |
656 ajax_auth_error_string = ajaxAuthErrorToString(response.data); |
524 ajaxAuthLoginInnerSetup(); |
657 ajaxAuthLoginInnerSetup(); |
525 } |
658 } |
526 break; |
659 break; |
527 default: |
660 default: |
528 alert(ajax.responseText); |
661 alert(ajax.responseText); |
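Review bot: In the `case 'error':` handler the new `else` branch (new line 656) sends an unrecognised error into the dialog as markup, where the old code showed it with `alert()`. `ajaxAuthErrorToString` starts from `var $errstring = $data.error` (new line 309) and returns it unchanged when no `case` matches, and `ajaxAuthLoginInnerSetup` concatenates that value into the `error-box-mini` div (new line 425). If any server error text can carry request-derived content, this is an HTML injection point inside the login prompt, so the fallback should be entity-encoded, e.g. `var $errstring = String($data.error).replace(/&/g, '&amp;').replace(/</g, '&lt;').replace(/>/g, '&gt;');`. The captcha hash written into `value="..."` at new line 437 needs the same treatment, with `"` encoded as well. Both `ajaxAuthLoginInnerSetup` and the response handler continue outside the visible hunks, so how `form_html` is finally rendered is inferred from the markup it builds.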