--- a/includes/clientside/static/misc.js Tue Feb 19 08:32:57 2008 -0500
+++ b/includes/clientside/static/misc.js Wed Feb 20 14:38:39 2008 -0500
@@ -299,383 +299,13 @@
/*
* AJAX login box (experimental)
+ * Moved / rewritten in login.js
*/
-var ajax_auth_prompt_cache = false;
-var ajax_auth_mb_cache = false;
-var ajax_auth_level_cache = false;
-var ajax_auth_error_string = false;
-var ajax_auth_show_captcha = false;
-
-function ajaxAuthErrorToString($data)
-{
- var $errstring = $data.error;
- // this was literally copied straight from the PHP code.
- switch($data.error)
- {
- case 'key_not_found':
- $errstring = $lang.get('user_err_key_not_found');
- break;
- case 'key_wrong_length':
- $errstring = $lang.get('user_err_key_wrong_length');
- break;
- case 'too_big_for_britches':
- $errstring = $lang.get('user_err_too_big_for_britches');
- break;
- case 'invalid_credentials':
- $errstring = $lang.get('user_err_invalid_credentials');
- var subst = {
- fails: $data.lockout_fails,
- lockout_threshold: $data.lockout_threshold,
- lockout_duration: $data.lockout_duration
- }
- if ( $data.lockout_policy == 'lockout' )
- {
- $errstring += $lang.get('user_err_invalid_credentials_lockout', subst);
- }
- else if ( $data.lockout_policy == 'captcha' )
- {
- $errstring += $lang.get('user_err_invalid_credentials_lockout_captcha', subst);
- }
- break;
- case 'backend_fail':
- $errstring = $lang.get('user_err_backend_fail');
- break;
- case 'locked_out':
- $attempts = parseInt($data['lockout_fails']);
- if ( $attempts > $data['lockout_threshold'])
- $attempts = $data['lockout_threshold'];
- $time_rem = $data.time_rem;
- $s = ( $time_rem == 1 ) ? '' : $lang.get('meta_plural');
-
- var subst = {
- lockout_threshold: $data.lockout_threshold,
- time_rem: $time_rem,
- plural: $s,
- captcha_blurb: ( $data.lockout_policy == 'captcha' ? $lang.get('user_err_locked_out_captcha_blurb') : '' )
- }
-
- $errstring = $lang.get('user_err_locked_out', subst);
-
- break;
- }
- return $errstring;
-}
-
+// Included only for API-compatibility
function ajaxPromptAdminAuth(call_on_ok, level)
{
- if ( typeof(call_on_ok) == 'function' )
- {
- ajax_auth_prompt_cache = call_on_ok;
- }
- if ( !level )
- level = USER_LEVEL_MEMBER;
- ajax_auth_level_cache = level;
- var loading_win = '<div align="center" style="text-align: center;"> \
- <p>' + $lang.get('user_login_ajax_fetching_key') + '</p> \
- <p><small>' + $lang.get('user_login_ajax_link_fullform', { link_full_form: makeUrlNS('Special', 'Login/' + title) }) + '</p> \
- <p><img alt="Please wait..." src="'+scriptPath+'/images/loading-big.gif" /></p> \
- </div>';
- var title = ( level > USER_LEVEL_MEMBER ) ? $lang.get('user_login_ajax_prompt_title_elev') : $lang.get('user_login_ajax_prompt_title');
- ajax_auth_mb_cache = new messagebox(MB_OKCANCEL|MB_ICONLOCK, title, loading_win);
- ajax_auth_mb_cache.onbeforeclick['OK'] = ajaxValidateLogin;
- ajax_auth_mb_cache.onbeforeclick['Cancel'] = function()
- {
- if ( document.getElementById('autoCaptcha') )
- {
- var to = fly_out_top(document.getElementById('autoCaptcha'), false, true);
- setTimeout(function() {
- var d = document.getElementById('autoCaptcha');
- d.parentNode.removeChild(d);
- }, to);
- }
- }
- ajaxAuthLoginInnerSetup();
-}
-
-function ajaxAuthLoginInnerSetup()
-{
- // let's hope this gets the image cached
- var _ = new Image(32, 32);
- _.src = scriptPath + "/images/check.png";
-
- ajaxGet(makeUrlNS('Special', 'Login', 'act=getkey'), function() {
- if ( ajax.readyState == 4 && ajax.status == 200 )
- {
- var response = String(ajax.responseText);
- if ( response.substr(0,1) != '{' )
- {
- handle_invalid_json(response);
- ajax_auth_mb_cache.destroy();
- return false;
- }
- response = parseJSON(response);
- var disable_controls = false;
- if ( response.locked_out && !ajax_auth_error_string )
- {
- response.error = 'locked_out';
- ajax_auth_error_string = ajaxAuthErrorToString(response);
- if ( response.lockout_policy == 'captcha' )
- {
- ajax_auth_show_captcha = response.captcha;
- }
- else
- {
- disable_controls = true;
- }
- }
- var level = ajax_auth_level_cache;
- var form_html = '';
- var shown_error = false;
- if ( ajax_auth_error_string )
- {
- shown_error = true;
- form_html += '<div class="error-box-mini" id="ajax_auth_error">' + ajax_auth_error_string + '</div>';
- ajax_auth_error_string = false;
- }
- else if ( level > USER_LEVEL_MEMBER )
- {
- form_html += $lang.get('user_login_ajax_prompt_body_elev') + '<br /><br />';
- }
- if ( ajax_auth_show_captcha )
- {
- var captcha_html = ' \
- <tr> \
- <td>' + $lang.get('user_login_field_captcha') + ':</td> \
- <td><input type="hidden" id="ajaxlogin_captcha_hash" value="' + ajax_auth_show_captcha + '" /><input type="text" tabindex="3" size="25" id="ajaxlogin_captcha_code" /> \
- </tr>';
- }
- else
- {
- var captcha_html = '';
- }
- var disableme = ( disable_controls ) ? 'disabled="disabled" ' : '';
- form_html += ' \
- <form action="#" onsubmit="ajaxValidateLogin(); return false;" name="ajax_login_form"> \
- <table border="0" align="center"> \
- <tr> \
- <td>' + $lang.get('user_login_field_username') + ':</td><td><input tabindex="1" id="ajaxlogin_user" type="text" ' + disableme + 'size="25" /> \
- </tr> \
- <tr> \
- <td>' + $lang.get('user_login_field_password') + ':</td><td><input tabindex="2" id="ajaxlogin_pass" type="password" ' + disableme + 'size="25" /> \
- </tr> \
- ' + captcha_html + ' \
- <tr> \
- <td colspan="2" style="text-align: center;"> \
- <small>' + $lang.get('user_login_ajax_link_fullform', { link_full_form: makeUrlNS('Special', 'Login/' + title, 'level=' + level) }) + '<br />';
- if ( level <= USER_LEVEL_MEMBER )
- {
- form_html += ' \
- ' + $lang.get('user_login_ajax_link_forgotpass', { forgotpass_link: makeUrlNS('Special', 'PasswordReset') }) + '<br /> \
- ' + $lang.get('user_login_createaccount_blurb', { reg_link: makeUrlNS('Special', 'Register') });
- }
- form_html += '</small> \
- </td> \
- </tr> \
- </table> \
- <input type="hidden" id="ajaxlogin_crypt_key" value="' + response.key + '" /> \
- <input type="hidden" id="ajaxlogin_crypt_challenge" value="' + response.challenge + '" /> \
- </form>';
- ajax_auth_mb_cache.updateContent(form_html);
- $dynano('messageBox').object.nextSibling.firstChild.tabindex = '3';
- if ( typeof(response.username) == 'string' )
- {
- $dynano('ajaxlogin_user').object.value = response.username;
- if ( IE )
- {
- setTimeout("document.forms['ajax_login_form'].password.focus();", 200);
- }
- else
- {
- $dynano('ajaxlogin_pass').object.focus();
- }
- }
- else
- {
- if ( IE )
- {
- setTimeout("document.forms['ajax_login_form'].username.focus();", 200);
- }
- else
- {
- $dynano('ajaxlogin_user').object.focus();
- }
- }
- var enter_obj = ( ajax_auth_show_captcha ) ? 'ajaxlogin_captcha_code' : 'ajaxlogin_pass';
- $dynano(enter_obj).object.onblur = function(e) { if ( !shift ) $dynano('messageBox').object.nextSibling.firstChild.focus(); };
- $dynano(enter_obj).object.onkeypress = function(e)
- {
- // Trigger a form submit when the password field is focused and the user presses enter
-
- // IE doesn't give us an event object when it should - check window.event. If that
- // still fails, give up.
- if ( !e )
- {
- e = window.event;
- }
- if ( !e && IE )
- {
- return true;
- }
- if ( e.keyCode == 13 )
- {
- ajaxValidateLogin();
- }
- };
- /*
- ## This causes the background image to disappear under Fx 2
- if ( shown_error )
- {
- // fade to #FFF4F4
- var fader = new Spry.Effect.Highlight('ajax_auth_error', {duration: 1000, from: '#FFF4F4', to: '#805600', restoreColor: '#805600', finish: function()
- {
- var fader = new Spry.Effect.Highlight('ajax_auth_error', {duration: 3000, from: '#805600', to: '#FFF4F4', restoreColor: '#FFF4F4'});
- fader.start();
- }});
- fader.start();
- }
- */
- if ( ajax_auth_show_captcha )
- {
- ajaxShowCaptcha(ajax_auth_show_captcha);
- ajax_auth_show_captcha = false;
- }
- }
- });
-}
-
-function ajaxValidateLogin()
-{
- var username,password,auth_enabled,crypt_key,crypt_data,challenge_salt,challenge_data;
- username = document.getElementById('ajaxlogin_user');
- if ( !username )
- return false;
- username = document.getElementById('ajaxlogin_user').value;
- password = document.getElementById('ajaxlogin_pass').value;
- auth_enabled = false;
-
- if ( document.getElementById('autoCaptcha') )
- {
- var to = fly_out_top(document.getElementById('autoCaptcha'), false, true);
- setTimeout(function() {
- var d = document.getElementById('autoCaptcha');
- d.parentNode.removeChild(d);
- }, to);
- }
-
- disableJSONExts();
-
- var auth_enabled = aes_self_test();
-
- if ( !auth_enabled )
- {
- alert('Login error: encryption sanity check failed\n');
- return true;
- }
-
- crypt_key = document.getElementById('ajaxlogin_crypt_key').value;
- challenge_salt = document.getElementById('ajaxlogin_crypt_challenge').value;
-
- var crypt_key_md5 = hex_md5(crypt_key);
-
- challenge_data = hex_md5(password + challenge_salt) + challenge_salt;
-
- password = stringToByteArray(password);
- crypt_key = hexToByteArray(crypt_key);
-
- crypt_data = rijndaelEncrypt(password, crypt_key, 'ECB');
- crypt_data = byteArrayToHex(crypt_data);
-
- var json_data = {
- 'username' : username,
- 'crypt_key' : crypt_key_md5,
- 'challenge' : challenge_data,
- 'crypt_data' : crypt_data,
- 'level' : ajax_auth_level_cache
- };
-
- if ( document.getElementById('ajaxlogin_captcha_hash') )
- {
- json_data.captcha_hash = document.getElementById('ajaxlogin_captcha_hash').value;
- json_data.captcha_code = document.getElementById('ajaxlogin_captcha_code').value;
- }
-
- json_data = toJSONString(json_data);
- json_data = encodeURIComponent(json_data);
-
- var loading_win = '<div align="center" style="text-align: center;"> \
- <p>' + $lang.get('user_login_ajax_loggingin') + '</p> \
- <p><img alt="Please wait..." src="'+scriptPath+'/images/loading-big.gif" /></p> \
- </div>';
-
- ajax_auth_mb_cache.updateContent(loading_win);
-
- ajaxPost(makeUrlNS('Special', 'Login', 'act=ajaxlogin'), 'params=' + json_data, function() {
- if ( ajax.readyState == 4 && ajax.status == 200 )
- {
- var response = ajax.responseText;
- if ( response.substr(0,1) != '{' )
- {
- alert('Invalid JSON response from server: ' + response);
- ajaxAuthLoginInnerSetup();
- return false;
- }
- response = parseJSON(response);
- switch(response.result)
- {
- case 'success':
- var success_win = '<div align="center" style="text-align: center;"> \
- <p>' + $lang.get('user_login_success_short') + '</p> \
- <p><img alt=" " src="'+scriptPath+'/images/check.png" /></p> \
- </div>';
- ajax_auth_mb_cache.updateContent(success_win);
- if ( typeof(ajax_auth_prompt_cache) == 'function' )
- {
- ajax_auth_prompt_cache(response.key);
- }
- break;
- case 'success_reset':
- var conf = confirm($lang.get('user_login_ajax_msg_used_temp_pass'));
- if ( conf )
- {
- var url = makeUrlNS('Special', 'PasswordReset/stage2/' + response.user_id + '/' + response.temppass);
- window.location = url;
- }
- else
- {
- ajaxAuthLoginInnerSetup();
- }
- break;
- case 'error':
- if ( response.data.error == 'invalid_credentials' || response.data.error == 'locked_out' )
- {
- ajax_auth_error_string = ajaxAuthErrorToString(response.data);
- mb_current_obj.updateContent('');
- document.getElementById('messageBox').style.backgroundColor = '#C0C0C0';
- var mb_parent = document.getElementById('messageBox').parentNode;
- new Spry.Effect.Shake(mb_parent, {duration: 1500}).start();
- setTimeout("document.getElementById('messageBox').style.backgroundColor = '#FFF'; ajaxAuthLoginInnerSetup();", 2500);
-
- if ( response.data.lockout_policy == 'captcha' && response.data.error == 'locked_out' )
- {
- ajax_auth_show_captcha = response.captcha;
- }
- }
- else
- {
- ajax_auth_error_string = ajaxAuthErrorToString(response.data);
- ajaxAuthLoginInnerSetup();
- }
- break;
- default:
- alert(ajax.responseText);
- break;
- }
- }
- });
-
- return true;
-
+ ajaxLogonInit(call_on_ok, level);
}
// This code is in the public domain. Feel free to link back to http://jan.moesen.nu/
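Review bot: The compatibility shim `ajaxPromptAdminAuth` forwards `call_on_ok` and `level` unchanged, so the two guards the old body applied now depend entirely on `ajaxLogonInit`, which lives in login.js and is not visible in this hunk. Those guards were the `typeof(call_on_ok) == 'function'` check and the `if ( !level ) level = USER_LEVEL_MEMBER;` default. Because `level` selects the authentication level being requested, I would either confirm that `ajaxLogonInit` applies the same default or keep `if ( !level ) level = USER_LEVEL_MEMBER;` in the shim before the call. The comment `// Included only for API-compatibility` could also state that login.js must be loaded before this function is called. It should also mention that `ajaxValidateLogin`, `ajaxAuthLoginInnerSetup` and `ajaxAuthErrorToString` are no longer defined in misc.js, so any remaining callers of those names need checking.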