1
+ − 1
// Some additional DHTML functions
+ − 2
+ − 3
function fetch_offset(obj) {
+ − 4
var left_offset = obj.offsetLeft;
+ − 5
var top_offset = obj.offsetTop;
+ − 6
while ((obj = obj.offsetParent) != null) {
+ − 7
left_offset += obj.offsetLeft;
+ − 8
top_offset += obj.offsetTop;
+ − 9
}
+ − 10
return { 'left' : left_offset, 'top' : top_offset };
+ − 11
}
+ − 12
+ − 13
function fetch_dimensions(o) {
+ − 14
var w = o.offsetWidth;
+ − 15
var h = o.offsetHeight;
+ − 16
return { 'w' : w, 'h' : h };
+ − 17
}
+ − 18
+ − 19
function findParentForm(o)
+ − 20
{
74
68469a95658d
Various bugfixes and cleanups, too much to remember... see the diffs for what got changed :-)
Dan
diff
changeset
+ − 21
if ( o.tagName == 'FORM' )
68469a95658d
Various bugfixes and cleanups, too much to remember... see the diffs for what got changed :-)
Dan
diff
changeset
+ − 22
return o;
68469a95658d
Various bugfixes and cleanups, too much to remember... see the diffs for what got changed :-)
Dan
diff
changeset
+ − 23
while(true)
68469a95658d
Various bugfixes and cleanups, too much to remember... see the diffs for what got changed :-)
Dan
diff
changeset
+ − 24
{
68469a95658d
Various bugfixes and cleanups, too much to remember... see the diffs for what got changed :-)
Dan
diff
changeset
+ − 25
o = o.parentNode;
68469a95658d
Various bugfixes and cleanups, too much to remember... see the diffs for what got changed :-)
Dan
diff
changeset
+ − 26
if ( !o )
68469a95658d
Various bugfixes and cleanups, too much to remember... see the diffs for what got changed :-)
Dan
diff
changeset
+ − 27
return false;
68469a95658d
Various bugfixes and cleanups, too much to remember... see the diffs for what got changed :-)
Dan
diff
changeset
+ − 28
if ( o.tagName == 'FORM' )
68469a95658d
Various bugfixes and cleanups, too much to remember... see the diffs for what got changed :-)
Dan
diff
changeset
+ − 29
return o;
68469a95658d
Various bugfixes and cleanups, too much to remember... see the diffs for what got changed :-)
Dan
diff
changeset
+ − 30
}
68469a95658d
Various bugfixes and cleanups, too much to remember... see the diffs for what got changed :-)
Dan
diff
changeset
+ − 31
return false;
1
+ − 32
}
+ − 33
+ − 34
function ajaxReverseDNS(o, text)
+ − 35
{
+ − 36
if(text) var ipaddr = text;
+ − 37
else var ipaddr = o.innerHTML;
+ − 38
rDnsObj = o;
+ − 39
rDnsBannerObj = bannerOn('Retrieving reverse DNS info...');
+ − 40
ajaxGet(stdAjaxPrefix+'&_mode=rdns&ip='+ipaddr, function() {
+ − 41
if(ajax.readyState == 4)
+ − 42
{
+ − 43
off = fetch_offset(rDnsObj);
+ − 44
dim = fetch_dimensions(rDnsObj);
+ − 45
right = off['left'] + dim['w'];
+ − 46
top = off['top'] + dim['h'];
+ − 47
var thediv = document.createElement('div');
+ − 48
thediv.className = 'info-box';
+ − 49
thediv.style.margin = '0';
+ − 50
thediv.style.position = 'absolute';
+ − 51
thediv.style.top = top + 'px';
+ − 52
thediv.style.display = 'none';
+ − 53
thediv.style.zIndex = getHighestZ() + 2;
+ − 54
thediv.id = 'mdgDynamic_rDnsInfoDiv_'+Math.floor(Math.random() * 1000000);
+ − 55
thediv.innerHTML = '<b>Reverse DNS:</b><br />'+ajax.responseText+' <a href="#" onclick="elem = document.getElementById(\''+thediv.id+'\'); elem.innerHTML = \'\'; elem.style.display = \'none\';return false;">Close</a>';
+ − 56
var body = document.getElementsByTagName('body');
+ − 57
body = body[0];
+ − 58
bannerOff(rDnsBannerObj);
+ − 59
body.appendChild(thediv);
+ − 60
thediv.style.display = 'block';
+ − 61
left = fetch_dimensions(thediv);
+ − 62
thediv.style.display = 'none';
+ − 63
left = right - left['w'];
+ − 64
thediv.style.left = left + 'px';
+ − 65
thediv.style.display = 'block';
+ − 66
fadeInfoBoxes();
+ − 67
}
+ − 68
});
+ − 69
}
+ − 70
+ − 71
function bannerOn(text)
+ − 72
{
+ − 73
darken(true);
+ − 74
var thediv = document.createElement('div');
+ − 75
thediv.className = 'mdg-comment';
+ − 76
thediv.style.padding = '0';
+ − 77
thediv.style.marginLeft = '0';
+ − 78
thediv.style.position = 'absolute';
+ − 79
thediv.style.display = 'none';
+ − 80
thediv.style.padding = '4px';
+ − 81
thediv.style.fontSize = '14pt';
+ − 82
thediv.id = 'mdgDynamic_bannerDiv_'+Math.floor(Math.random() * 1000000);
+ − 83
thediv.innerHTML = text;
+ − 84
+ − 85
var body = document.getElementsByTagName('body');
+ − 86
body = body[0];
+ − 87
body.appendChild(thediv);
+ − 88
body.style.cursor = 'wait';
+ − 89
+ − 90
thediv.style.display = 'block';
+ − 91
dim = fetch_dimensions(thediv);
+ − 92
thediv.style.display = 'none';
+ − 93
bdim = { 'w' : getWidth(), 'h' : getHeight() };
+ − 94
so = getScrollOffset();
+ − 95
40
+ − 96
var left = (bdim['w'] / 2) - ( dim['w'] / 2 );
+ − 97
+ − 98
var top = (bdim['h'] / 2);
+ − 99
top = top - ( dim['h'] / 2 );
+ − 100
+ − 101
top = top + so;
1
+ − 102
+ − 103
thediv.style.top = top + 'px';
+ − 104
thediv.style.left = left + 'px';
+ − 105
+ − 106
thediv.style.display = 'block';
+ − 107
+ − 108
return thediv.id;
+ − 109
}
+ − 110
+ − 111
function bannerOff(id)
+ − 112
{
+ − 113
e = document.getElementById(id);
+ − 114
if(!e) return;
+ − 115
e.innerHTML = '';
+ − 116
e.style.display = 'none';
+ − 117
var body = document.getElementsByTagName('body');
+ − 118
body = body[0];
+ − 119
body.style.cursor = 'default';
+ − 120
enlighten(true);
+ − 121
}
+ − 122
+ − 123
function disableUnload(message)
+ − 124
{
+ − 125
if(typeof message != 'string') message = 'You may want to save your changes first.';
+ − 126
var body = document.getElementsByTagName('body');
+ − 127
body = body[0];
+ − 128
body.onbeforeunload='return unescape(\''+escape(message)+'\')';
+ − 129
}
+ − 130
+ − 131
function enableUnload()
+ − 132
{
+ − 133
var body = document.getElementsByTagName('body');
+ − 134
body = body[0];
+ − 135
body.onbeforeunload = null;
+ − 136
}
+ − 137
+ − 138
/**
+ − 139
* Gets the highest z-index of all divs in the document
+ − 140
* @return integer
+ − 141
*/
+ − 142
function getHighestZ()
+ − 143
{
+ − 144
z = 0;
+ − 145
var divs = document.getElementsByTagName('div');
+ − 146
for(var i = 0; i < divs.length; i++)
+ − 147
{
+ − 148
if(divs[i].style.zIndex > z) z = divs[i].style.zIndex;
+ − 149
}
+ − 150
return z;
+ − 151
}
+ − 152
+ − 153
function isKeyPressed(event)
+ − 154
{
+ − 155
if (event.shiftKey==1)
+ − 156
{
+ − 157
shift = true;
+ − 158
}
+ − 159
else
+ − 160
{
+ − 161
shift = false;
+ − 162
}
+ − 163
}
+ − 164
+ − 165
function moveDiv(div, newparent)
+ − 166
{
+ − 167
var backup = div;
+ − 168
var oldparent = div.parentNode;
+ − 169
oldparent.removeChild(div);
+ − 170
newparent.appendChild(backup);
+ − 171
}
+ − 172
+ − 173
function readCookie(name) {var nameEQ = name + "=";var ca = document.cookie.split(';');for(var i=0;i < ca.length;i++){var c = ca[i];while (c.charAt(0)==' ') c = c.substring(1,c.length);if (c.indexOf(nameEQ) == 0) return c.substring(nameEQ.length,c.length);}return null;}
+ − 174
function createCookie(name,value,days){if (days){var date = new Date();date.setTime(date.getTime()+(days*24*60*60*1000));var expires = "; expires="+date.toGMTString();}else var expires = "";document.cookie = name+"="+value+expires+"; path=/";}
+ − 175
function eraseCookie(name) {createCookie(name,"",-1);}
+ − 176
+ − 177
var busyBannerID;
+ − 178
function goBusy(msg)
+ − 179
{
+ − 180
if(!msg) msg = 'Please wait...';
+ − 181
body = document.getElementsByTagName('body');
+ − 182
body = body[0];
+ − 183
body.style.cursor = 'wait';
+ − 184
busyBannerID = bannerOn(msg);
+ − 185
}
+ − 186
+ − 187
function unBusy()
+ − 188
{
+ − 189
body = document.getElementsByTagName('body');
+ − 190
body = body[0];
+ − 191
body.style.cursor = 'default';
+ − 192
bannerOff(busyBannerID);
+ − 193
}
+ − 194
+ − 195
function setAjaxLoading()
+ − 196
{
+ − 197
if ( document.getElementById('ajaxloadicon') )
+ − 198
{
200
63fddf1335d9
Nothing real special. The AJAX loading icon can be changed using the Javascript variable ajax_load_icon in header.tpl.
Dan
diff
changeset
+ − 199
document.getElementById('ajaxloadicon').src=ajax_load_icon;
1
+ − 200
}
+ − 201
}
+ − 202
+ − 203
function unsetAjaxLoading()
+ − 204
{
+ − 205
if ( document.getElementById('ajaxloadicon') )
+ − 206
{
+ − 207
document.getElementById('ajaxloadicon').src=scriptPath + '/images/spacer.gif';
+ − 208
}
+ − 209
}
+ − 210
+ − 211
/*
+ − 212
* Search boxes
+ − 213
*/
+ − 214
+ − 215
function buildSearchBoxes()
+ − 216
{
+ − 217
var divs = document.getElementsByTagName('*');
+ − 218
var boxes = new Array();
+ − 219
for ( var i = 0; i < divs.length; i++ )
+ − 220
{
+ − 221
if ( divs[i].className)
+ − 222
{
+ − 223
if ( divs[i].className.substr(0, 9) == 'searchbox' )
+ − 224
{
+ − 225
boxes.push(divs[i]);
+ − 226
}
+ − 227
}
+ − 228
}
+ − 229
for ( var i = 0; i < boxes.length; i++ )
+ − 230
{
+ − 231
if ( boxes[i].className.match(/^searchbox\[([0-9]+)px\]$/) )
+ − 232
{
+ − 233
var width = boxes[i].className.match(/^searchbox\[([0-9]+)px\]$/);
+ − 234
width = parseInt(width[1]);
+ − 235
}
+ − 236
else
+ − 237
{
+ − 238
var width = 120;
+ − 239
}
+ − 240
createSearchBox(boxes[i], width);
+ − 241
}
+ − 242
}
+ − 243
+ − 244
function createSearchBox(parent, width)
+ − 245
{
+ − 246
if ( typeof(parent) != 'object')
+ − 247
{
+ − 248
alert('BUG: createSearchBox(): parent is not an object');
+ − 249
return false;
+ − 250
}
+ − 251
//parent.style.padding = '0px';
+ − 252
//parent.style.textAlign = 'center';
+ − 253
parent.style.width = width + 'px';
+ − 254
var submit = document.createElement('div');
+ − 255
submit.onclick = function() { searchFormSubmit(this); };
+ − 256
submit.className = 'js-search-submit';
+ − 257
var input = document.createElement('input');
+ − 258
input.className = 'js-search-box';
+ − 259
input.value = 'Search';
+ − 260
input.name = 'q';
+ − 261
input.style.width = ( width - 28 ) + 'px';
+ − 262
input.onfocus = function() { if ( this.value == 'Search' ) this.value = ''; };
+ − 263
input.onblur = function() { if ( this.value == '' ) this.value = 'Search'; };
+ − 264
parent.appendChild(input);
+ − 265
var off = fetch_offset(input);
+ − 266
var top = off['top'] + 'px';
+ − 267
var left = ( parseInt(off['left']) + ( width - 24 ) ) + 'px';
+ − 268
submit.style.top = top;
+ − 269
submit.style.left = left;
+ − 270
parent.appendChild(submit);
+ − 271
}
+ − 272
+ − 273
function searchFormSubmit(obj)
+ − 274
{
+ − 275
var input = obj.previousSibling;
+ − 276
if ( input.value == 'Search' || input.value == '' )
+ − 277
return false;
+ − 278
var p = obj;
+ − 279
while(true)
+ − 280
{
+ − 281
p = p.parentNode;
+ − 282
if ( !p )
+ − 283
break;
+ − 284
if ( typeof(p.tagName) != 'string' )
+ − 285
break;
+ − 286
else if ( p.tagName.toLowerCase() == 'form' )
+ − 287
{
+ − 288
p.submit();
+ − 289
}
+ − 290
else if ( p.tagName.toLowerCase() == 'body' )
+ − 291
{
+ − 292
break;
+ − 293
}
+ − 294
}
+ − 295
}
+ − 296
+ − 297
/*
+ − 298
* AJAX login box (experimental)
+ − 299
*/
+ − 300
+ − 301
var ajax_auth_prompt_cache = false;
+ − 302
var ajax_auth_mb_cache = false;
+ − 303
var ajax_auth_level_cache = false;
174
4c5c2b66a34d
SECURITY: remove debug message in session manager; implemented alternate MediaWiki syntax for template embedding; added Adobe Spry for "shake" effect on unsuccessful login
Dan
diff
changeset
+ − 304
var ajax_auth_error_string = false;
1
+ − 305
+ − 306
function ajaxPromptAdminAuth(call_on_ok, level)
+ − 307
{
+ − 308
if ( typeof(call_on_ok) == 'function' )
+ − 309
{
+ − 310
ajax_auth_prompt_cache = call_on_ok;
+ − 311
}
+ − 312
if ( !level )
60
71b50f8c8f85
Changed administration login request to use the AJAX login form; made high-level authentication more apparent in the AJAX box; recompiled Oxygen Mint
Dan
diff
changeset
+ − 313
level = USER_LEVEL_MEMBER;
1
+ − 314
ajax_auth_level_cache = level;
+ − 315
var loading_win = '<div align="center" style="text-align: center;"> \
+ − 316
<p>Fetching an encryption key...</p> \
+ − 317
<p><small>Not working? Use the <a href="'+makeUrlNS('Special', 'Login/' + title)+'">alternate login form</a>.</p> \
+ − 318
<p><img alt="Please wait..." src="'+scriptPath+'/images/loading-big.gif" /></p> \
+ − 319
</div>';
60
71b50f8c8f85
Changed administration login request to use the AJAX login form; made high-level authentication more apparent in the AJAX box; recompiled Oxygen Mint
Dan
diff
changeset
+ − 320
var title = ( level > USER_LEVEL_MEMBER ) ? 'You are requesting a sensitive operation.' : 'Please enter your username and password to continue.';
71b50f8c8f85
Changed administration login request to use the AJAX login form; made high-level authentication more apparent in the AJAX box; recompiled Oxygen Mint
Dan
diff
changeset
+ − 321
ajax_auth_mb_cache = new messagebox(MB_OKCANCEL|MB_ICONLOCK, title, loading_win);
1
+ − 322
ajax_auth_mb_cache.onbeforeclick['OK'] = ajaxValidateLogin;
+ − 323
ajaxAuthLoginInnerSetup();
+ − 324
}
+ − 325
+ − 326
function ajaxAuthLoginInnerSetup()
+ − 327
{
+ − 328
ajaxGet(makeUrlNS('Special', 'Login', 'act=getkey'), function() {
+ − 329
if ( ajax.readyState == 4 )
+ − 330
{
40
+ − 331
var response = String(ajax.responseText);
1
+ − 332
if ( response.substr(0,1) != '{' )
+ − 333
{
+ − 334
alert('Invalid JSON response from server: ' + response);
+ − 335
return false;
+ − 336
}
+ − 337
response = parseJSON(response);
60
71b50f8c8f85
Changed administration login request to use the AJAX login form; made high-level authentication more apparent in the AJAX box; recompiled Oxygen Mint
Dan
diff
changeset
+ − 338
var level = ajax_auth_level_cache;
71b50f8c8f85
Changed administration login request to use the AJAX login form; made high-level authentication more apparent in the AJAX box; recompiled Oxygen Mint
Dan
diff
changeset
+ − 339
var form_html = '';
176
+ − 340
var shown_error = false;
174
4c5c2b66a34d
SECURITY: remove debug message in session manager; implemented alternate MediaWiki syntax for template embedding; added Adobe Spry for "shake" effect on unsuccessful login
Dan
diff
changeset
+ − 341
if ( ajax_auth_error_string )
4c5c2b66a34d
SECURITY: remove debug message in session manager; implemented alternate MediaWiki syntax for template embedding; added Adobe Spry for "shake" effect on unsuccessful login
Dan
diff
changeset
+ − 342
{
176
+ − 343
shown_error = true;
+ − 344
form_html += '<div class="error-box-mini" id="ajax_auth_error">' + ajax_auth_error_string + '</div>';
174
4c5c2b66a34d
SECURITY: remove debug message in session manager; implemented alternate MediaWiki syntax for template embedding; added Adobe Spry for "shake" effect on unsuccessful login
Dan
diff
changeset
+ − 345
ajax_auth_error_string = false;
4c5c2b66a34d
SECURITY: remove debug message in session manager; implemented alternate MediaWiki syntax for template embedding; added Adobe Spry for "shake" effect on unsuccessful login
Dan
diff
changeset
+ − 346
}
4c5c2b66a34d
SECURITY: remove debug message in session manager; implemented alternate MediaWiki syntax for template embedding; added Adobe Spry for "shake" effect on unsuccessful login
Dan
diff
changeset
+ − 347
else if ( level > USER_LEVEL_MEMBER )
60
71b50f8c8f85
Changed administration login request to use the AJAX login form; made high-level authentication more apparent in the AJAX box; recompiled Oxygen Mint
Dan
diff
changeset
+ − 348
{
71b50f8c8f85
Changed administration login request to use the AJAX login form; made high-level authentication more apparent in the AJAX box; recompiled Oxygen Mint
Dan
diff
changeset
+ − 349
form_html += 'Please re-enter your login details, to verify your identity.<br /><br />';
71b50f8c8f85
Changed administration login request to use the AJAX login form; made high-level authentication more apparent in the AJAX box; recompiled Oxygen Mint
Dan
diff
changeset
+ − 350
}
71b50f8c8f85
Changed administration login request to use the AJAX login form; made high-level authentication more apparent in the AJAX box; recompiled Oxygen Mint
Dan
diff
changeset
+ − 351
form_html += ' \
1
+ − 352
<table border="0" align="center"> \
+ − 353
<tr> \
+ − 354
<td>Username:</td><td><input tabindex="1" id="ajaxlogin_user" type="text" size="25" /> \
+ − 355
</tr> \
+ − 356
<tr> \
+ − 357
<td>Password:</td><td><input tabindex="2" id="ajaxlogin_pass" type="password" size="25" /> \
+ − 358
</tr> \
+ − 359
<tr> \
+ − 360
<td colspan="2" style="text-align: center;"> \
176
+ − 361
<br /><small>Trouble logging in? Try the <a href="'+makeUrlNS('Special', 'Login/' + title, 'level=' + level)+'">full login form</a>.<br />';
60
71b50f8c8f85
Changed administration login request to use the AJAX login form; made high-level authentication more apparent in the AJAX box; recompiled Oxygen Mint
Dan
diff
changeset
+ − 362
if ( level <= USER_LEVEL_MEMBER )
71b50f8c8f85
Changed administration login request to use the AJAX login form; made high-level authentication more apparent in the AJAX box; recompiled Oxygen Mint
Dan
diff
changeset
+ − 363
{
71b50f8c8f85
Changed administration login request to use the AJAX login form; made high-level authentication more apparent in the AJAX box; recompiled Oxygen Mint
Dan
diff
changeset
+ − 364
form_html += ' \
1
+ − 365
Did you <a href="'+makeUrlNS('Special', 'PasswordReset')+'">forget your password</a>?<br /> \
60
71b50f8c8f85
Changed administration login request to use the AJAX login form; made high-level authentication more apparent in the AJAX box; recompiled Oxygen Mint
Dan
diff
changeset
+ − 366
Maybe you need to <a href="'+makeUrlNS('Special', 'Register')+'">create an account</a>.</small>';
71b50f8c8f85
Changed administration login request to use the AJAX login form; made high-level authentication more apparent in the AJAX box; recompiled Oxygen Mint
Dan
diff
changeset
+ − 367
}
71b50f8c8f85
Changed administration login request to use the AJAX login form; made high-level authentication more apparent in the AJAX box; recompiled Oxygen Mint
Dan
diff
changeset
+ − 368
form_html += ' \
1
+ − 369
</td> \
+ − 370
</tr> \
+ − 371
</table> \
+ − 372
<input type="hidden" id="ajaxlogin_crypt_key" value="' + response.key + '" /> \
+ − 373
<input type="hidden" id="ajaxlogin_crypt_challenge" value="' + response.challenge + '" /> \
+ − 374
</form>';
+ − 375
ajax_auth_mb_cache.updateContent(form_html);
+ − 376
$('messageBox').object.nextSibling.firstChild.tabindex = '3';
60
71b50f8c8f85
Changed administration login request to use the AJAX login form; made high-level authentication more apparent in the AJAX box; recompiled Oxygen Mint
Dan
diff
changeset
+ − 377
if ( typeof(response.username) == 'string' )
71b50f8c8f85
Changed administration login request to use the AJAX login form; made high-level authentication more apparent in the AJAX box; recompiled Oxygen Mint
Dan
diff
changeset
+ − 378
{
71b50f8c8f85
Changed administration login request to use the AJAX login form; made high-level authentication more apparent in the AJAX box; recompiled Oxygen Mint
Dan
diff
changeset
+ − 379
$('ajaxlogin_user').object.value = response.username;
71b50f8c8f85
Changed administration login request to use the AJAX login form; made high-level authentication more apparent in the AJAX box; recompiled Oxygen Mint
Dan
diff
changeset
+ − 380
$('ajaxlogin_pass').object.focus();
71b50f8c8f85
Changed administration login request to use the AJAX login form; made high-level authentication more apparent in the AJAX box; recompiled Oxygen Mint
Dan
diff
changeset
+ − 381
}
71b50f8c8f85
Changed administration login request to use the AJAX login form; made high-level authentication more apparent in the AJAX box; recompiled Oxygen Mint
Dan
diff
changeset
+ − 382
else
71b50f8c8f85
Changed administration login request to use the AJAX login form; made high-level authentication more apparent in the AJAX box; recompiled Oxygen Mint
Dan
diff
changeset
+ − 383
{
71b50f8c8f85
Changed administration login request to use the AJAX login form; made high-level authentication more apparent in the AJAX box; recompiled Oxygen Mint
Dan
diff
changeset
+ − 384
$('ajaxlogin_user').object.focus();
71b50f8c8f85
Changed administration login request to use the AJAX login form; made high-level authentication more apparent in the AJAX box; recompiled Oxygen Mint
Dan
diff
changeset
+ − 385
}
9
1e61232606d6
Following fixes: admin theme supports <button> tag now, PageProcessor can eval now, and SpecialAdmin.php plugin can no longer be disabled
dan@fuhry
diff
changeset
+ − 386
$('ajaxlogin_pass').object.onblur = function(e) { if ( !shift ) $('messageBox').object.nextSibling.firstChild.focus(); };
40
+ − 387
$('ajaxlogin_pass').object.onkeypress = function(e) { if ( !e && IE ) return true; if ( e.keyCode == 13 ) $('messageBox').object.nextSibling.firstChild.click(); };
176
+ − 388
/*
+ − 389
## This causes the background image to disappear under Fx 2
+ − 390
if ( shown_error )
+ − 391
{
+ − 392
// fade to #FFF4F4
+ − 393
var fader = new Spry.Effect.Highlight('ajax_auth_error', {duration: 1000, from: '#FFF4F4', to: '#805600', restoreColor: '#805600', finish: function()
+ − 394
{
+ − 395
var fader = new Spry.Effect.Highlight('ajax_auth_error', {duration: 3000, from: '#805600', to: '#FFF4F4', restoreColor: '#FFF4F4'});
+ − 396
fader.start();
+ − 397
}});
+ − 398
fader.start();
+ − 399
}
+ − 400
*/
1
+ − 401
}
+ − 402
});
+ − 403
}
+ − 404
+ − 405
function ajaxValidateLogin()
+ − 406
{
+ − 407
var username,password,auth_enabled,crypt_key,crypt_data,challenge_salt,challenge_data;
+ − 408
username = document.getElementById('ajaxlogin_user');
+ − 409
if ( !username )
+ − 410
return false;
+ − 411
username = document.getElementById('ajaxlogin_user').value;
+ − 412
password = document.getElementById('ajaxlogin_pass').value;
+ − 413
auth_enabled = false;
+ − 414
+ − 415
disableJSONExts();
+ − 416
+ − 417
//
+ − 418
// Encryption test
+ − 419
//
+ − 420
+ − 421
var str = '';
+ − 422
for(i=0;i<keySizeInBits/4;i++)
+ − 423
{
+ − 424
str+='0';
+ − 425
}
+ − 426
str = hexToByteArray(str);
+ − 427
var ct = rijndaelEncrypt(str, str, 'ECB');
+ − 428
ct = byteArrayToHex(ct);
+ − 429
var v;
+ − 430
switch(keySizeInBits)
+ − 431
{
+ − 432
case 128:
+ − 433
v = '66e94bd4ef8a2c3b884cfa59ca342b2e';
+ − 434
break;
+ − 435
case 192:
+ − 436
v = 'aae06992acbf52a3e8f4a96ec9300bd7aae06992acbf52a3e8f4a96ec9300bd7';
+ − 437
break;
+ − 438
case 256:
+ − 439
v = 'dc95c078a2408989ad48a21492842087dc95c078a2408989ad48a21492842087';
+ − 440
break;
+ − 441
}
+ − 442
auth_enabled = ( ct == v && md5_vm_test() );
+ − 443
if ( !auth_enabled )
+ − 444
{
+ − 445
alert('Login error: encryption sanity check failed\n');
+ − 446
return true;
+ − 447
}
+ − 448
+ − 449
crypt_key = document.getElementById('ajaxlogin_crypt_key').value;
+ − 450
challenge_salt = document.getElementById('ajaxlogin_crypt_challenge').value;
+ − 451
+ − 452
var crypt_key_md5 = hex_md5(crypt_key);
+ − 453
+ − 454
challenge_data = hex_md5(password + challenge_salt) + challenge_salt;
+ − 455
+ − 456
password = stringToByteArray(password);
+ − 457
crypt_key = hexToByteArray(crypt_key);
+ − 458
+ − 459
crypt_data = rijndaelEncrypt(password, crypt_key, 'ECB');
+ − 460
crypt_data = byteArrayToHex(crypt_data);
+ − 461
+ − 462
var json_data = {
+ − 463
'username' : username,
+ − 464
'crypt_key' : crypt_key_md5,
+ − 465
'challenge' : challenge_data,
+ − 466
'crypt_data' : crypt_data,
+ − 467
'level' : ajax_auth_level_cache
+ − 468
};
+ − 469
+ − 470
json_data = toJSONString(json_data);
135
c5dbad7ec2d0
Enano should now fully support UTF-8 usernames; newly registered users are now granted automatic edit access to their user pages (admins can still use protection on the page)
Dan
diff
changeset
+ − 471
json_data = encodeURIComponent(json_data);
1
+ − 472
+ − 473
var loading_win = '<div align="center" style="text-align: center;"> \
+ − 474
<p>Logging in...</p> \
+ − 475
<p><img alt="Please wait..." src="'+scriptPath+'/images/loading-big.gif" /></p> \
+ − 476
</div>';
+ − 477
+ − 478
ajax_auth_mb_cache.updateContent(loading_win);
+ − 479
+ − 480
ajaxPost(makeUrlNS('Special', 'Login', 'act=ajaxlogin'), 'params=' + json_data, function() {
+ − 481
if ( ajax.readyState == 4 )
+ − 482
{
+ − 483
var response = ajax.responseText;
+ − 484
if ( response.substr(0,1) != '{' )
+ − 485
{
+ − 486
alert('Invalid JSON response from server: ' + response);
+ − 487
ajaxAuthLoginInnerSetup();
+ − 488
return false;
+ − 489
}
+ − 490
response = parseJSON(response);
+ − 491
switch(response.result)
+ − 492
{
+ − 493
case 'success':
+ − 494
if ( typeof(ajax_auth_prompt_cache) == 'function' )
+ − 495
{
+ − 496
ajax_auth_prompt_cache(response.key);
+ − 497
}
+ − 498
break;
+ − 499
case 'success_reset':
+ − 500
var conf = confirm('You have logged in using a temporary password. Before you can log in, you must finish resetting your password. Do you want to reset your real password now?');
+ − 501
if ( conf )
+ − 502
{
+ − 503
var url = makeUrlNS('Special', 'PasswordReset/stage2/' + response.user_id + '/' + response.temppass);
+ − 504
window.location = url;
+ − 505
}
+ − 506
else
+ − 507
{
+ − 508
ajaxAuthLoginInnerSetup();
+ − 509
}
+ − 510
break;
+ − 511
case 'error':
174
4c5c2b66a34d
SECURITY: remove debug message in session manager; implemented alternate MediaWiki syntax for template embedding; added Adobe Spry for "shake" effect on unsuccessful login
Dan
diff
changeset
+ − 512
if ( response.error == 'The username and/or password is incorrect.' )
4c5c2b66a34d
SECURITY: remove debug message in session manager; implemented alternate MediaWiki syntax for template embedding; added Adobe Spry for "shake" effect on unsuccessful login
Dan
diff
changeset
+ − 513
{
4c5c2b66a34d
SECURITY: remove debug message in session manager; implemented alternate MediaWiki syntax for template embedding; added Adobe Spry for "shake" effect on unsuccessful login
Dan
diff
changeset
+ − 514
ajax_auth_error_string = response.error;
4c5c2b66a34d
SECURITY: remove debug message in session manager; implemented alternate MediaWiki syntax for template embedding; added Adobe Spry for "shake" effect on unsuccessful login
Dan
diff
changeset
+ − 515
mb_current_obj.updateContent('');
4c5c2b66a34d
SECURITY: remove debug message in session manager; implemented alternate MediaWiki syntax for template embedding; added Adobe Spry for "shake" effect on unsuccessful login
Dan
diff
changeset
+ − 516
document.getElementById('messageBox').style.backgroundColor = '#C0C0C0';
175
1465f48faba0
AJAX login box is now used in userprefs panel; Spry shake effect and general UX on auth fail is smoother now; added ajaxLoginNavTo() JS function
Dan
diff
changeset
+ − 517
var mb_parent = document.getElementById('messageBox').parentNode;
1465f48faba0
AJAX login box is now used in userprefs panel; Spry shake effect and general UX on auth fail is smoother now; added ajaxLoginNavTo() JS function
Dan
diff
changeset
+ − 518
new Spry.Effect.Shake(mb_parent, {duration: 1500}).start();
174
4c5c2b66a34d
SECURITY: remove debug message in session manager; implemented alternate MediaWiki syntax for template embedding; added Adobe Spry for "shake" effect on unsuccessful login
Dan
diff
changeset
+ − 519
setTimeout("document.getElementById('messageBox').style.backgroundColor = '#FFF'; ajaxAuthLoginInnerSetup();", 2500);
4c5c2b66a34d
SECURITY: remove debug message in session manager; implemented alternate MediaWiki syntax for template embedding; added Adobe Spry for "shake" effect on unsuccessful login
Dan
diff
changeset
+ − 520
}
4c5c2b66a34d
SECURITY: remove debug message in session manager; implemented alternate MediaWiki syntax for template embedding; added Adobe Spry for "shake" effect on unsuccessful login
Dan
diff
changeset
+ − 521
else
4c5c2b66a34d
SECURITY: remove debug message in session manager; implemented alternate MediaWiki syntax for template embedding; added Adobe Spry for "shake" effect on unsuccessful login
Dan
diff
changeset
+ − 522
{
4c5c2b66a34d
SECURITY: remove debug message in session manager; implemented alternate MediaWiki syntax for template embedding; added Adobe Spry for "shake" effect on unsuccessful login
Dan
diff
changeset
+ − 523
alert(response.error);
4c5c2b66a34d
SECURITY: remove debug message in session manager; implemented alternate MediaWiki syntax for template embedding; added Adobe Spry for "shake" effect on unsuccessful login
Dan
diff
changeset
+ − 524
ajaxAuthLoginInnerSetup();
4c5c2b66a34d
SECURITY: remove debug message in session manager; implemented alternate MediaWiki syntax for template embedding; added Adobe Spry for "shake" effect on unsuccessful login
Dan
diff
changeset
+ − 525
}
1
+ − 526
break;
+ − 527
default:
+ − 528
alert(ajax.responseText);
+ − 529
break;
+ − 530
}
+ − 531
}
+ − 532
});
+ − 533
+ − 534
return true;
+ − 535
+ − 536
}
+ − 537
+ − 538
// This code is in the public domain. Feel free to link back to http://jan.moesen.nu/
+ − 539
function sprintf()
+ − 540
{
+ − 541
if (!arguments || arguments.length < 1 || !RegExp)
+ − 542
{
+ − 543
return;
+ − 544
}
+ − 545
var str = arguments[0];
+ − 546
var re = /([^%]*)%('.|0|\x20)?(-)?(\d+)?(\.\d+)?(%|b|c|d|u|f|o|s|x|X)(.*)/;
+ − 547
var a = b = [], numSubstitutions = 0, numMatches = 0;
+ − 548
while (a = re.exec(str))
+ − 549
{
+ − 550
var leftpart = a[1], pPad = a[2], pJustify = a[3], pMinLength = a[4];
+ − 551
var pPrecision = a[5], pType = a[6], rightPart = a[7];
+ − 552
+ − 553
//alert(a + '\n' + [a[0], leftpart, pPad, pJustify, pMinLength, pPrecision);
+ − 554
+ − 555
numMatches++;
+ − 556
if (pType == '%')
+ − 557
{
+ − 558
subst = '%';
+ − 559
}
+ − 560
else
+ − 561
{
+ − 562
numSubstitutions++;
+ − 563
if (numSubstitutions >= arguments.length)
+ − 564
{
+ − 565
alert('Error! Not enough function arguments (' + (arguments.length - 1) + ', excluding the string)\nfor the number of substitution parameters in string (' + numSubstitutions + ' so far).');
+ − 566
}
+ − 567
var param = arguments[numSubstitutions];
+ − 568
var pad = '';
+ − 569
if (pPad && pPad.substr(0,1) == "'") pad = leftpart.substr(1,1);
+ − 570
else if (pPad) pad = pPad;
+ − 571
var justifyRight = true;
+ − 572
if (pJustify && pJustify === "-") justifyRight = false;
+ − 573
var minLength = -1;
+ − 574
if (pMinLength) minLength = parseInt(pMinLength);
+ − 575
var precision = -1;
+ − 576
if (pPrecision && pType == 'f') precision = parseInt(pPrecision.substring(1));
+ − 577
var subst = param;
+ − 578
if (pType == 'b') subst = parseInt(param).toString(2);
+ − 579
else if (pType == 'c') subst = String.fromCharCode(parseInt(param));
+ − 580
else if (pType == 'd') subst = parseInt(param) ? parseInt(param) : 0;
+ − 581
else if (pType == 'u') subst = Math.abs(param);
+ − 582
else if (pType == 'f') subst = (precision > -1) ? Math.round(parseFloat(param) * Math.pow(10, precision)) / Math.pow(10, precision): parseFloat(param);
+ − 583
else if (pType == 'o') subst = parseInt(param).toString(8);
+ − 584
else if (pType == 's') subst = param;
+ − 585
else if (pType == 'x') subst = ('' + parseInt(param).toString(16)).toLowerCase();
+ − 586
else if (pType == 'X') subst = ('' + parseInt(param).toString(16)).toUpperCase();
+ − 587
}
+ − 588
str = leftpart + subst + rightPart;
+ − 589
}
+ − 590
return str;
+ − 591
}
+ − 592
74
68469a95658d
Various bugfixes and cleanups, too much to remember... see the diffs for what got changed :-)
Dan
diff
changeset
+ − 593
/**
68469a95658d
Various bugfixes and cleanups, too much to remember... see the diffs for what got changed :-)
Dan
diff
changeset
+ − 594
* Insert a DOM object _after_ the specified child.
68469a95658d
Various bugfixes and cleanups, too much to remember... see the diffs for what got changed :-)
Dan
diff
changeset
+ − 595
* @param object Parent node
68469a95658d
Various bugfixes and cleanups, too much to remember... see the diffs for what got changed :-)
Dan
diff
changeset
+ − 596
* @param object Node to insert
68469a95658d
Various bugfixes and cleanups, too much to remember... see the diffs for what got changed :-)
Dan
diff
changeset
+ − 597
* @param object Node to insert after
68469a95658d
Various bugfixes and cleanups, too much to remember... see the diffs for what got changed :-)
Dan
diff
changeset
+ − 598
*/
68469a95658d
Various bugfixes and cleanups, too much to remember... see the diffs for what got changed :-)
Dan
diff
changeset
+ − 599
68469a95658d
Various bugfixes and cleanups, too much to remember... see the diffs for what got changed :-)
Dan
diff
changeset
+ − 600
function insertAfter(parent, baby, bigsister)
68469a95658d
Various bugfixes and cleanups, too much to remember... see the diffs for what got changed :-)
Dan
diff
changeset
+ − 601
{
68469a95658d
Various bugfixes and cleanups, too much to remember... see the diffs for what got changed :-)
Dan
diff
changeset
+ − 602
try
68469a95658d
Various bugfixes and cleanups, too much to remember... see the diffs for what got changed :-)
Dan
diff
changeset
+ − 603
{
68469a95658d
Various bugfixes and cleanups, too much to remember... see the diffs for what got changed :-)
Dan
diff
changeset
+ − 604
if ( parent.childNodes[parent.childNodes.length-1] == bigsister )
68469a95658d
Various bugfixes and cleanups, too much to remember... see the diffs for what got changed :-)
Dan
diff
changeset
+ − 605
parent.appendChild(baby);
68469a95658d
Various bugfixes and cleanups, too much to remember... see the diffs for what got changed :-)
Dan
diff
changeset
+ − 606
else
68469a95658d
Various bugfixes and cleanups, too much to remember... see the diffs for what got changed :-)
Dan
diff
changeset
+ − 607
parent.insertBefore(baby, bigsister.nextSibling);
68469a95658d
Various bugfixes and cleanups, too much to remember... see the diffs for what got changed :-)
Dan
diff
changeset
+ − 608
}
68469a95658d
Various bugfixes and cleanups, too much to remember... see the diffs for what got changed :-)
Dan
diff
changeset
+ − 609
catch(e)
68469a95658d
Various bugfixes and cleanups, too much to remember... see the diffs for what got changed :-)
Dan
diff
changeset
+ − 610
{
68469a95658d
Various bugfixes and cleanups, too much to remember... see the diffs for what got changed :-)
Dan
diff
changeset
+ − 611
alert(e.toString());
68469a95658d
Various bugfixes and cleanups, too much to remember... see the diffs for what got changed :-)
Dan
diff
changeset
+ − 612
if ( window.console )
68469a95658d
Various bugfixes and cleanups, too much to remember... see the diffs for what got changed :-)
Dan
diff
changeset
+ − 613
{
68469a95658d
Various bugfixes and cleanups, too much to remember... see the diffs for what got changed :-)
Dan
diff
changeset
+ − 614
// Firebug support
68469a95658d
Various bugfixes and cleanups, too much to remember... see the diffs for what got changed :-)
Dan
diff
changeset
+ − 615
window.console.warn(e);
68469a95658d
Various bugfixes and cleanups, too much to remember... see the diffs for what got changed :-)
Dan
diff
changeset
+ − 616
}
68469a95658d
Various bugfixes and cleanups, too much to remember... see the diffs for what got changed :-)
Dan
diff
changeset
+ − 617
}
68469a95658d
Various bugfixes and cleanups, too much to remember... see the diffs for what got changed :-)
Dan
diff
changeset
+ − 618
}
68469a95658d
Various bugfixes and cleanups, too much to remember... see the diffs for what got changed :-)
Dan
diff
changeset
+ − 619
125
+ − 620
/**
+ − 621
* Validates an e-mail address.
+ − 622
* @param string E-mail address
+ − 623
* @return bool
+ − 624
*/
+ − 625
+ − 626
function validateEmail(email)
+ − 627
{
+ − 628
return ( email.match(/^(?:[\w\d]+\.?)+@((?:(?:[\w\d]\-?)+\.)+\w{2,4}|localhost)$/) ) ? true : false;
+ − 629
}
+ − 630