diff -r a434d60e525d -r 242353360e37 includes/clientside/static/misc.js
--- a/includes/clientside/static/misc.js	Tue Feb 19 08:32:57 2008 -0500
+++ b/includes/clientside/static/misc.js	Wed Feb 20 14:38:39 2008 -0500
@@ -299,383 +299,13 @@
 
 /*
  * AJAX login box (experimental)
+ * Moved / rewritten in login.js
  */
 
-var ajax_auth_prompt_cache = false;
-var ajax_auth_mb_cache = false;
-var ajax_auth_level_cache = false;
-var ajax_auth_error_string = false;
-var ajax_auth_show_captcha = false;
-
-function ajaxAuthErrorToString($data)
-{
-  var $errstring = $data.error;
-  // this was literally copied straight from the PHP code.
-  switch($data.error)
-  {
-    case 'key_not_found':
-      $errstring = $lang.get('user_err_key_not_found');
-      break;
-    case 'key_wrong_length':
-      $errstring = $lang.get('user_err_key_wrong_length');
-      break;
-    case 'too_big_for_britches':
-      $errstring = $lang.get('user_err_too_big_for_britches');
-      break;
-    case 'invalid_credentials':
-      $errstring = $lang.get('user_err_invalid_credentials');
-      var subst = {
-        fails: $data.lockout_fails,
-        lockout_threshold: $data.lockout_threshold,
-        lockout_duration: $data.lockout_duration
-      }
-      if ( $data.lockout_policy == 'lockout' )
-      {
-        $errstring += $lang.get('user_err_invalid_credentials_lockout', subst);
-      }
-      else if ( $data.lockout_policy == 'captcha' )
-      {
-        $errstring += $lang.get('user_err_invalid_credentials_lockout_captcha', subst);
-      }
-      break;
-    case 'backend_fail':
-      $errstring = $lang.get('user_err_backend_fail');
-      break;
-    case 'locked_out':
-      $attempts = parseInt($data['lockout_fails']);
-      if ( $attempts > $data['lockout_threshold'])
-        $attempts = $data['lockout_threshold'];
-      $time_rem = $data.time_rem;
-      $s = ( $time_rem == 1 ) ? '' : $lang.get('meta_plural');
-      
-      var subst = {
-        lockout_threshold: $data.lockout_threshold,
-        time_rem: $time_rem,
-        plural: $s,
-        captcha_blurb: ( $data.lockout_policy == 'captcha' ? $lang.get('user_err_locked_out_captcha_blurb') : '' )
-      }
-      
-      $errstring = $lang.get('user_err_locked_out', subst);
-      
-      break;
-  }
-  return $errstring;
-}
-
+// Included only for API-compatibility
 function ajaxPromptAdminAuth(call_on_ok, level)
 {
-  if ( typeof(call_on_ok) == 'function' )
-  {
-    ajax_auth_prompt_cache = call_on_ok;
-  }
-  if ( !level )
-    level = USER_LEVEL_MEMBER;
-  ajax_auth_level_cache = level;
-  var loading_win = '<div align="center" style="text-align: center;"> \
-      <p>' + $lang.get('user_login_ajax_fetching_key') + '</p> \
-      <p><small>' + $lang.get('user_login_ajax_link_fullform', { link_full_form: makeUrlNS('Special', 'Login/' + title) }) + '</p> \
-      <p><img alt="Please wait..." src="'+scriptPath+'/images/loading-big.gif" /></p> \
-    </div>';
-  var title = ( level > USER_LEVEL_MEMBER ) ? $lang.get('user_login_ajax_prompt_title_elev') : $lang.get('user_login_ajax_prompt_title');
-  ajax_auth_mb_cache = new messagebox(MB_OKCANCEL|MB_ICONLOCK, title, loading_win);
-  ajax_auth_mb_cache.onbeforeclick['OK'] = ajaxValidateLogin;
-  ajax_auth_mb_cache.onbeforeclick['Cancel'] = function()
-  {
-    if ( document.getElementById('autoCaptcha') )
-    {
-      var to = fly_out_top(document.getElementById('autoCaptcha'), false, true);
-      setTimeout(function() {
-          var d = document.getElementById('autoCaptcha');
-          d.parentNode.removeChild(d);
-        }, to);
-    }
-  }
-  ajaxAuthLoginInnerSetup();
-}
-
-function ajaxAuthLoginInnerSetup()
-{
-  // let's hope this gets the image cached
-  var _ = new Image(32, 32); 
-  _.src = scriptPath + "/images/check.png";
-  
-  ajaxGet(makeUrlNS('Special', 'Login', 'act=getkey'), function() {
-      if ( ajax.readyState == 4 && ajax.status == 200 )
-      {
-        var response = String(ajax.responseText);
-        if ( response.substr(0,1) != '{' )
-        {
-          handle_invalid_json(response);
-          ajax_auth_mb_cache.destroy();
-          return false;
-        }
-        response = parseJSON(response);
-        var disable_controls = false;
-        if ( response.locked_out && !ajax_auth_error_string )
-        {
-          response.error = 'locked_out';
-          ajax_auth_error_string = ajaxAuthErrorToString(response);
-          if ( response.lockout_policy == 'captcha' )
-          {
-            ajax_auth_show_captcha = response.captcha;
-          }
-          else
-          {
-            disable_controls = true;
-          }
-        }
-        var level = ajax_auth_level_cache;
-        var form_html = '';
-        var shown_error = false;
-        if ( ajax_auth_error_string )
-        {
-          shown_error = true;
-          form_html += '<div class="error-box-mini" id="ajax_auth_error">' + ajax_auth_error_string + '</div>';
-          ajax_auth_error_string = false;
-        }
-        else if ( level > USER_LEVEL_MEMBER )
-        {
-          form_html += $lang.get('user_login_ajax_prompt_body_elev') + '<br /><br />';
-        }
-        if ( ajax_auth_show_captcha )
-         {
-           var captcha_html = ' \
-             <tr> \
-               <td>' + $lang.get('user_login_field_captcha') + ':</td> \
-               <td><input type="hidden" id="ajaxlogin_captcha_hash" value="' + ajax_auth_show_captcha + '" /><input type="text" tabindex="3" size="25" id="ajaxlogin_captcha_code" /> \
-             </tr>';
-         }
-         else
-         {
-           var captcha_html = '';
-         }
-         var disableme = ( disable_controls ) ? 'disabled="disabled" ' : '';
-        form_html += ' \
-          <form action="#" onsubmit="ajaxValidateLogin(); return false;" name="ajax_login_form"> \
-            <table border="0" align="center"> \
-              <tr> \
-                <td>' + $lang.get('user_login_field_username') + ':</td><td><input tabindex="1" id="ajaxlogin_user" type="text"     ' + disableme + 'size="25" /> \
-              </tr> \
-              <tr> \
-                <td>' + $lang.get('user_login_field_password') + ':</td><td><input tabindex="2" id="ajaxlogin_pass" type="password" ' + disableme + 'size="25" /> \
-              </tr> \
-              ' + captcha_html + ' \
-              <tr> \
-                <td colspan="2" style="text-align: center;"> \
-                <small>' + $lang.get('user_login_ajax_link_fullform', { link_full_form: makeUrlNS('Special', 'Login/' + title, 'level=' + level) }) + '<br />';
-       if ( level <= USER_LEVEL_MEMBER )
-       {
-         form_html += ' \
-                  ' + $lang.get('user_login_ajax_link_forgotpass', { forgotpass_link: makeUrlNS('Special', 'PasswordReset') }) + '<br /> \
-                  ' + $lang.get('user_login_createaccount_blurb', { reg_link: makeUrlNS('Special', 'Register') });
-       }
-       form_html += '</small> \
-                </td> \
-              </tr> \
-            </table> \
-            <input type="hidden" id="ajaxlogin_crypt_key"       value="' + response.key + '" /> \
-            <input type="hidden" id="ajaxlogin_crypt_challenge" value="' + response.challenge + '" /> \
-          </form>';
-        ajax_auth_mb_cache.updateContent(form_html);
-        $dynano('messageBox').object.nextSibling.firstChild.tabindex = '3';
-        if ( typeof(response.username) == 'string' )
-        {
-          $dynano('ajaxlogin_user').object.value = response.username;
-          if ( IE )
-          {
-            setTimeout("document.forms['ajax_login_form'].password.focus();", 200);
-          }
-          else
-          {
-            $dynano('ajaxlogin_pass').object.focus();
-          }
-        }
-        else
-        {
-          if ( IE )
-          {
-            setTimeout("document.forms['ajax_login_form'].username.focus();", 200);
-          }
-          else
-          {
-            $dynano('ajaxlogin_user').object.focus();
-          }
-        }
-        var enter_obj = ( ajax_auth_show_captcha ) ? 'ajaxlogin_captcha_code' : 'ajaxlogin_pass';
-        $dynano(enter_obj).object.onblur = function(e) { if ( !shift ) $dynano('messageBox').object.nextSibling.firstChild.focus(); };
-        $dynano(enter_obj).object.onkeypress = function(e)
-        {
-          // Trigger a form submit when the password field is focused and the user presses enter
-          
-          // IE doesn't give us an event object when it should - check window.event. If that
-          // still fails, give up.
-          if ( !e )
-          {
-            e = window.event;
-          }
-          if ( !e && IE )
-          {
-            return true;
-          }
-          if ( e.keyCode == 13 )
-          {
-            ajaxValidateLogin();
-          }
-        };
-        /*
-        ## This causes the background image to disappear under Fx 2
-        if ( shown_error )
-        {
-          // fade to #FFF4F4
-          var fader = new Spry.Effect.Highlight('ajax_auth_error', {duration: 1000, from: '#FFF4F4', to: '#805600', restoreColor: '#805600', finish: function()
-              {
-                var fader = new Spry.Effect.Highlight('ajax_auth_error', {duration: 3000, from: '#805600', to: '#FFF4F4', restoreColor: '#FFF4F4'});
-                fader.start();
-          }});
-          fader.start();
-        }
-        */
-        if ( ajax_auth_show_captcha )
-        {
-          ajaxShowCaptcha(ajax_auth_show_captcha);
-          ajax_auth_show_captcha = false;
-        }
-      }
-    });
-}
-
-function ajaxValidateLogin()
-{
-  var username,password,auth_enabled,crypt_key,crypt_data,challenge_salt,challenge_data;
-  username = document.getElementById('ajaxlogin_user');
-  if ( !username )
-    return false;
-  username = document.getElementById('ajaxlogin_user').value;
-  password = document.getElementById('ajaxlogin_pass').value;
-  auth_enabled = false;
-  
-  if ( document.getElementById('autoCaptcha') )
-  {
-    var to = fly_out_top(document.getElementById('autoCaptcha'), false, true);
-    setTimeout(function() {
-        var d = document.getElementById('autoCaptcha');
-        d.parentNode.removeChild(d);
-      }, to);
-  }
-  
-  disableJSONExts();
-  
-  var auth_enabled = aes_self_test();
-  
-  if ( !auth_enabled )
-  {
-    alert('Login error: encryption sanity check failed\n');
-    return true;
-  }
-  
-  crypt_key = document.getElementById('ajaxlogin_crypt_key').value;
-  challenge_salt = document.getElementById('ajaxlogin_crypt_challenge').value;
-  
-  var crypt_key_md5 = hex_md5(crypt_key);
-  
-  challenge_data = hex_md5(password + challenge_salt) + challenge_salt;
-  
-  password = stringToByteArray(password);
-  crypt_key = hexToByteArray(crypt_key);
-  
-  crypt_data = rijndaelEncrypt(password, crypt_key, 'ECB');
-  crypt_data = byteArrayToHex(crypt_data);
-  
-  var json_data = {
-    'username' : username,
-    'crypt_key' : crypt_key_md5,
-    'challenge' : challenge_data,
-    'crypt_data' : crypt_data,
-    'level' : ajax_auth_level_cache
-  };
-  
-  if ( document.getElementById('ajaxlogin_captcha_hash') )
-  {
-    json_data.captcha_hash = document.getElementById('ajaxlogin_captcha_hash').value;
-    json_data.captcha_code = document.getElementById('ajaxlogin_captcha_code').value;
-  }
-  
-  json_data = toJSONString(json_data);
-  json_data = encodeURIComponent(json_data);
-  
-  var loading_win = '<div align="center" style="text-align: center;"> \
-      <p>' + $lang.get('user_login_ajax_loggingin') + '</p> \
-      <p><img alt="Please wait..." src="'+scriptPath+'/images/loading-big.gif" /></p> \
-    </div>';
-    
-  ajax_auth_mb_cache.updateContent(loading_win);
-  
-  ajaxPost(makeUrlNS('Special', 'Login', 'act=ajaxlogin'), 'params=' + json_data, function() {
-      if ( ajax.readyState == 4 && ajax.status == 200 )
-      {
-        var response = ajax.responseText;
-        if ( response.substr(0,1) != '{' )
-        {
-          alert('Invalid JSON response from server: ' + response);
-          ajaxAuthLoginInnerSetup();
-          return false;
-        }
-        response = parseJSON(response);
-        switch(response.result)
-        {
-          case 'success':
-            var success_win = '<div align="center" style="text-align: center;"> \
-                  <p>' + $lang.get('user_login_success_short') + '</p> \
-                  <p><img alt=" " src="'+scriptPath+'/images/check.png" /></p> \
-                </div>';
-            ajax_auth_mb_cache.updateContent(success_win);
-            if ( typeof(ajax_auth_prompt_cache) == 'function' )
-            {
-              ajax_auth_prompt_cache(response.key);
-            }
-            break;
-          case 'success_reset':
-            var conf = confirm($lang.get('user_login_ajax_msg_used_temp_pass'));
-            if ( conf )
-            {
-              var url = makeUrlNS('Special', 'PasswordReset/stage2/' + response.user_id + '/' + response.temppass);
-              window.location = url;
-            }
-            else
-            {
-              ajaxAuthLoginInnerSetup();
-            }
-            break;
-          case 'error':
-            if ( response.data.error == 'invalid_credentials' || response.data.error == 'locked_out' )
-            {
-              ajax_auth_error_string = ajaxAuthErrorToString(response.data);
-              mb_current_obj.updateContent('');
-              document.getElementById('messageBox').style.backgroundColor = '#C0C0C0';
-              var mb_parent = document.getElementById('messageBox').parentNode;
-              new Spry.Effect.Shake(mb_parent, {duration: 1500}).start();
-              setTimeout("document.getElementById('messageBox').style.backgroundColor = '#FFF'; ajaxAuthLoginInnerSetup();", 2500);
-              
-              if ( response.data.lockout_policy == 'captcha' && response.data.error == 'locked_out' )
-              {
-                ajax_auth_show_captcha = response.captcha;
-              }
-            }
-            else
-            {
-              ajax_auth_error_string = ajaxAuthErrorToString(response.data);
-              ajaxAuthLoginInnerSetup();
-            }
-            break;
-          default:
-            alert(ajax.responseText);
-            break;
-        }
-      }
-    });
-  
-  return true;
-  
+  ajaxLogonInit(call_on_ok, level);
 }
 
 // This code is in the public domain. Feel free to link back to http://jan.moesen.nu/