// js handling the login procedures // constants var NORMAL_STATE = 4; var LOGIN_PREFIX = 'http://' + location.host + '/download_area/login.asp?'; // variables var http = getHTTPObject(); // We create the HTTP Object var hasSeed = false; var loggedIn = false; var seed_id = 0; var seed = 0; var fullname = ''; var messages = ''; function getHTTPObject() { var xhr = false;//set to false, so if it fails, do nothing if(window.XMLHttpRequest) {//detect to see if browser allows this method var xhr = new XMLHttpRequest();//set var the new request } else if(window.ActiveXObject) {//detect to see if browser allows this method try { var xhr = new ActiveXObject("Msxml2.XMLHTTP");//try this method first } catch(e) {//if it fails move onto the next try { var xhr = new ActiveXObject("Microsoft.XMLHTTP");//try this method next } catch(e) {//if that also fails return false. xhr = false; } } } return xhr;//return the value of xhr } // getSeed method: gets a seed from the server for this transaction function getSeed() { // only get a seed if we're not logged in and we don't already have one if (!loggedIn && !hasSeed) { // open up the path http.open('GET', LOGIN_PREFIX + 'task=getseed', true); http.onreadystatechange = handleHttpGetSeed; http.send(null); } } // handleHttpGetSeed method: called when the seed is returned from the server function handleHttpGetSeed() { // if there hasn't been any errors if (http.readyState == NORMAL_STATE) { // split by the divider | results = http.responseText.split('|'); // id is the first element seed_id = results[0]; //alert("getting seed: " + seed_id); // seed is the second element seed = results[1]; // now we have the seed hasSeed = true; } } // validateLogin method: validates a login request function validateLogin() { // ignore request if we are already logged in if (loggedIn){ return; } // get form form elements 'username' and 'password' username = document.getElementById('username').value; password = document.getElementById('password').value; document.getElementById('setcookie').checked?cookie = 1:cookie=0; // ignore if either is empty if (username != '' && password != '') { // compute the hash of the hash of the password and the seed hash = SHA1(SHA1(password) + seed); // open the http connection //alert('task=checklogin&username='+username+'&id='+seed_id+'&hash='+hash+'&cookie='+cookie); http.open('GET', LOGIN_PREFIX + 'task=checklogin&username='+username+'&id='+seed_id+'&hash='+hash+'&cookie='+cookie, true); // where to go http.onreadystatechange = handleHttpValidateLogin; http.send(null); }else{ //alert("empty"); } } // handleHttpValidateLogin method: called when the validation results are returned from the server function handleHttpValidateLogin() { // did the connection work? if (http.readyState == NORMAL_STATE) { // split by the pipe results = http.responseText.split('|'); if (results[0] == 'true') { hasSeed = false; loggedIn = true; fullname = results[1]; firstname = results[2]; surname = results[3]; sex = results[4]; messages = ''; /*if(document.getElementById('setcookie').checked){ setCookie('loggedIn','true',365); setCookie('userName',results[1],365); }*/ } else { messages = results[1]; } showLogin(); } } /*************** COOKIES **************/ function setCookie(c_name,value,expiredays){ var exdate=new Date(); exdate.setDate(exdate.getDate()+expiredays); document.cookie=c_name+ "=" +escape(value)+ ((expiredays==null) ? "" : ";expires="+exdate.toGMTString())+ "; path=/"; } function deleteCookie() { if(getCookie('loggedIn') == 'true'){ document.cookie='loggedIn=' +escape('false')+ ';expires=Thu, 01-Jan-1970 00:00:01 GMT'; } } function checkLoggedIn(){ lIn = getCookie('loggedIn'); if(lIn=='true'){ loggedIn = true; } } function checkUser(){ username=getCookie('username'); } function getCookie(c_name){ if (document.cookie.length>0){ c_start=document.cookie.indexOf(c_name + "="); if (c_start!=-1) { c_start=c_start + c_name.length+1; c_end=document.cookie.indexOf(";",c_start); if (c_end==-1) c_end=document.cookie.length; return unescape(document.cookie.substring(c_start,c_end)); } } return ""; } /*********************************************/ // resetLogin method: if logged in, 'logs out' and allows a different user/pass to be entered function resetLogin() { loggedIn = false; hasSeed = false; }