436
+ − 1
/*
+ − 2
* AJAX-based intelligent login interface
+ − 3
*/
+ − 4
+ − 5
/*
+ − 6
* FRONTEND
+ − 7
*/
+ − 8
+ − 9
/**
+ − 10
* Performs a logon as a regular member.
+ − 11
*/
+ − 12
582
+ − 13
window.ajaxLogonToMember = function()
436
+ − 14
{
+ − 15
// IE <6 pseudo-compatibility
+ − 16
if ( KILL_SWITCH )
+ − 17
return true;
+ − 18
if ( auth_level >= USER_LEVEL_MEMBER )
+ − 19
return true;
+ − 20
ajaxLoginInit(function(k)
+ − 21
{
741
+ − 22
if ( on_main_page )
+ − 23
{
+ − 24
window.location = makeUrl(main_page_members);
+ − 25
}
+ − 26
else
+ − 27
{
+ − 28
window.location.reload();
+ − 29
}
436
+ − 30
}, USER_LEVEL_MEMBER);
+ − 31
}
+ − 32
+ − 33
/**
+ − 34
* Authenticates to the highest level the current user is allowed to go to.
+ − 35
*/
+ − 36
582
+ − 37
window.ajaxLogonToElev = function()
436
+ − 38
{
+ − 39
if ( auth_level == user_level )
+ − 40
return true;
+ − 41
+ − 42
ajaxLoginInit(function(k)
+ − 43
{
+ − 44
ENANO_SID = k;
+ − 45
var url = String(' ' + window.location).substr(1);
+ − 46
url = append_sid(url);
+ − 47
window.location = url;
+ − 48
}, user_level);
+ − 49
}
+ − 50
+ − 51
/*
+ − 52
* BACKEND
+ − 53
*/
+ − 54
+ − 55
/**
+ − 56
* Holding object for various AJAX authentication information.
+ − 57
* @var object
+ − 58
*/
+ − 59
+ − 60
var logindata = {};
+ − 61
+ − 62
/**
+ − 63
* Path to the image used to indicate loading progress
+ − 64
* @var string
+ − 65
*/
+ − 66
+ − 67
if ( !ajax_login_loadimg_path )
+ − 68
var ajax_login_loadimg_path = false;
+ − 69
+ − 70
if ( !ajax_login_successimg_path )
+ − 71
var ajax_login_successimg_path = false;
+ − 72
+ − 73
/**
+ − 74
* Status variables
+ − 75
* @var int
+ − 76
*/
+ − 77
+ − 78
var AJAX_STATUS_LOADING_KEY = 1;
+ − 79
var AJAX_STATUS_GENERATING_KEY = 2;
+ − 80
var AJAX_STATUS_LOGGING_IN = 3;
+ − 81
var AJAX_STATUS_SUCCESS = 4;
718
12485b1d41fd
Fixed issue where login box was not obeying server orders to disable DiffieHellman. Increased quality of error handling for JS errors during login process.
Dan
diff
changeset
+ − 82
var AJAX_STATUS_ERROR = 5;
436
+ − 83
var AJAX_STATUS_DESTROY = 65535;
+ − 84
+ − 85
/**
+ − 86
* State constants
+ − 87
* @var int
+ − 88
*/
+ − 89
+ − 90
var AJAX_STATE_EARLY_INIT = 1;
+ − 91
var AJAX_STATE_LOADING_KEY = 2;
+ − 92
+ − 93
/**
+ − 94
* Performs the AJAX request to get an encryption key and from there spawns the login form.
+ − 95
* @param function The function that will be called once authentication completes successfully.
+ − 96
* @param int The security level to authenticate at - see http://docs.enanocms.org/Help:Appendix_B
+ − 97
*/
+ − 98
582
+ − 99
window.ajaxLoginInit = function(call_on_finish, user_level)
436
+ − 100
{
780
f65e35566b63
A few fixes to the most recently added feature: more efficiency tweaks, tweaked l10n to have beetter fetch-on-demand support to ensure that stubs are never returned
Dan
diff
changeset
+ − 101
load_component(['messagebox', 'flyin', 'fadefilter', 'jquery', 'jquery-ui', 'l10n', 'crypto']);
582
+ − 102
436
+ − 103
logindata = {};
+ − 104
+ − 105
var title = ( user_level > USER_LEVEL_MEMBER ) ? $lang.get('user_login_ajax_prompt_title_elev') : $lang.get('user_login_ajax_prompt_title');
550
685e839d934e
Added ability to delete the draft revision; [SECURITY] fixed lack of permission check on draft save; renamed messagebox() constructor to MessageBox() (backward compat. maintained)
Dan
diff
changeset
+ − 106
logindata.mb_object = new MessageBox(MB_OKCANCEL | MB_ICONLOCK, title, '');
436
+ − 107
+ − 108
logindata.mb_object.onclick['Cancel'] = function()
+ − 109
{
+ − 110
// Hide the error message and captcha
+ − 111
if ( document.getElementById('ajax_login_error_box') )
+ − 112
{
+ − 113
document.getElementById('ajax_login_error_box').parentNode.removeChild(document.getElementById('ajax_login_error_box'));
+ − 114
}
+ − 115
if ( document.getElementById('autoCaptcha') )
+ − 116
{
+ − 117
var to = fly_out_top(document.getElementById('autoCaptcha'), false, true);
+ − 118
setTimeout(function() {
+ − 119
var d = document.getElementById('autoCaptcha');
+ − 120
d.parentNode.removeChild(d);
+ − 121
}, to);
+ − 122
}
471
7906fb190fc1
Implemented all security features on theme disabling and ACLs; added clean_key mode to login API to clean unused encryption keys
Dan
diff
changeset
+ − 123
// Ask the server to clean our key
7906fb190fc1
Implemented all security features on theme disabling and ACLs; added clean_key mode to login API to clean unused encryption keys
Dan
diff
changeset
+ − 124
ajaxLoginPerformRequest({
7906fb190fc1
Implemented all security features on theme disabling and ACLs; added clean_key mode to login API to clean unused encryption keys
Dan
diff
changeset
+ − 125
mode: 'clean_key',
7906fb190fc1
Implemented all security features on theme disabling and ACLs; added clean_key mode to login API to clean unused encryption keys
Dan
diff
changeset
+ − 126
key_aes: logindata.key_aes,
7906fb190fc1
Implemented all security features on theme disabling and ACLs; added clean_key mode to login API to clean unused encryption keys
Dan
diff
changeset
+ − 127
key_dh: logindata.key_dh
7906fb190fc1
Implemented all security features on theme disabling and ACLs; added clean_key mode to login API to clean unused encryption keys
Dan
diff
changeset
+ − 128
});
436
+ − 129
};
+ − 130
+ − 131
logindata.mb_object.onbeforeclick['OK'] = function()
+ − 132
{
+ − 133
ajaxLoginSubmitForm();
+ − 134
return true;
+ − 135
}
+ − 136
+ − 137
// Fetch the inner content area
+ − 138
logindata.mb_inner = document.getElementById('messageBox').getElementsByTagName('div')[0];
+ − 139
+ − 140
// Initialize state
+ − 141
logindata.showing_status = false;
+ − 142
logindata.user_level = user_level;
+ − 143
logindata.successfunc = call_on_finish;
+ − 144
+ − 145
// Build the "loading" window
+ − 146
ajaxLoginSetStatus(AJAX_STATUS_LOADING_KEY);
+ − 147
+ − 148
// Request the key
+ − 149
ajaxLoginPerformRequest({ mode: 'getkey' });
+ − 150
}
+ − 151
+ − 152
/**
532
03429d7b1537
Finally fixed link coloring settings in Oxygen Bleu; added compatibility wrapper for people that "ajaxLogonInit" over "ajaxLoginInit"
Dan
diff
changeset
+ − 153
* For compatibility only.
03429d7b1537
Finally fixed link coloring settings in Oxygen Bleu; added compatibility wrapper for people that "ajaxLogonInit" over "ajaxLoginInit"
Dan
diff
changeset
+ − 154
*/
03429d7b1537
Finally fixed link coloring settings in Oxygen Bleu; added compatibility wrapper for people that "ajaxLogonInit" over "ajaxLoginInit"
Dan
diff
changeset
+ − 155
582
+ − 156
window.ajaxLogonInit = function(call_on_finish, user_level)
532
03429d7b1537
Finally fixed link coloring settings in Oxygen Bleu; added compatibility wrapper for people that "ajaxLogonInit" over "ajaxLoginInit"
Dan
diff
changeset
+ − 157
{
03429d7b1537
Finally fixed link coloring settings in Oxygen Bleu; added compatibility wrapper for people that "ajaxLogonInit" over "ajaxLoginInit"
Dan
diff
changeset
+ − 158
return ajaxLoginInit(call_on_finish, user_level);
03429d7b1537
Finally fixed link coloring settings in Oxygen Bleu; added compatibility wrapper for people that "ajaxLogonInit" over "ajaxLoginInit"
Dan
diff
changeset
+ − 159
}
03429d7b1537
Finally fixed link coloring settings in Oxygen Bleu; added compatibility wrapper for people that "ajaxLogonInit" over "ajaxLoginInit"
Dan
diff
changeset
+ − 160
03429d7b1537
Finally fixed link coloring settings in Oxygen Bleu; added compatibility wrapper for people that "ajaxLogonInit" over "ajaxLoginInit"
Dan
diff
changeset
+ − 161
/**
436
+ − 162
* Sets the contents of the AJAX login window to the appropriate status message.
+ − 163
* @param int One of AJAX_STATUS_*
+ − 164
*/
+ − 165
582
+ − 166
window.ajaxLoginSetStatus = function(status)
436
+ − 167
{
+ − 168
if ( !logindata.mb_inner )
+ − 169
return false;
+ − 170
if ( logindata.showing_status )
+ − 171
{
+ − 172
var div = document.getElementById('ajax_login_status');
+ − 173
if ( div )
+ − 174
logindata.mb_inner.removeChild(div);
+ − 175
}
+ − 176
switch(status)
+ − 177
{
+ − 178
case AJAX_STATUS_LOADING_KEY:
+ − 179
+ − 180
// Create the status div
+ − 181
var div = document.createElement('div');
+ − 182
div.id = 'ajax_login_status';
+ − 183
div.style.marginTop = '10px';
+ − 184
div.style.textAlign = 'center';
+ − 185
+ − 186
// The circly ball ajaxy image + status message
+ − 187
var status_msg = $lang.get('user_login_ajax_fetching_key');
+ − 188
+ − 189
// Insert the status message
+ − 190
div.appendChild(document.createTextNode(status_msg));
+ − 191
+ − 192
// Append a br or two to space things properly
+ − 193
div.appendChild(document.createElement('br'));
+ − 194
div.appendChild(document.createElement('br'));
+ − 195
+ − 196
var img = document.createElement('img');
+ − 197
img.src = ( ajax_login_loadimg_path ) ? ajax_login_loadimg_path : scriptPath + '/images/loading-big.gif';
+ − 198
div.appendChild(img);
+ − 199
+ − 200
// Another coupla brs
+ − 201
div.appendChild(document.createElement('br'));
+ − 202
div.appendChild(document.createElement('br'));
+ − 203
+ − 204
// The link to the full login form
+ − 205
var small = document.createElement('small');
+ − 206
small.innerHTML = $lang.get('user_login_ajax_link_fullform', { link_full_form: makeUrlNS('Special', 'Login/' + title) });
+ − 207
div.appendChild(small);
+ − 208
+ − 209
// Insert the entire message into the login window
+ − 210
logindata.mb_inner.innerHTML = '';
+ − 211
logindata.mb_inner.appendChild(div);
+ − 212
+ − 213
break;
+ − 214
case AJAX_STATUS_GENERATING_KEY:
+ − 215
+ − 216
// Create the status div
+ − 217
var div = document.createElement('div');
+ − 218
div.id = 'ajax_login_status';
+ − 219
div.style.marginTop = '10px';
+ − 220
div.style.textAlign = 'center';
+ − 221
+ − 222
// The circly ball ajaxy image + status message
+ − 223
var status_msg = $lang.get('user_login_ajax_generating_key');
+ − 224
+ − 225
// Insert the status message
+ − 226
div.appendChild(document.createTextNode(status_msg));
+ − 227
+ − 228
// Append a br or two to space things properly
+ − 229
div.appendChild(document.createElement('br'));
+ − 230
div.appendChild(document.createElement('br'));
+ − 231
+ − 232
var img = document.createElement('img');
+ − 233
img.src = ( ajax_login_loadimg_path ) ? ajax_login_loadimg_path : scriptPath + '/images/loading-big.gif';
+ − 234
div.appendChild(img);
+ − 235
+ − 236
// Another coupla brs
+ − 237
div.appendChild(document.createElement('br'));
+ − 238
div.appendChild(document.createElement('br'));
+ − 239
+ − 240
// The link to the full login form
+ − 241
var small = document.createElement('small');
+ − 242
small.innerHTML = $lang.get('user_login_ajax_link_fullform_dh', { link_full_form: makeUrlNS('Special', 'Login/' + title) });
+ − 243
div.appendChild(small);
+ − 244
+ − 245
// Insert the entire message into the login window
+ − 246
logindata.mb_inner.innerHTML = '';
+ − 247
logindata.mb_inner.appendChild(div);
+ − 248
+ − 249
break;
+ − 250
case AJAX_STATUS_LOGGING_IN:
+ − 251
+ − 252
// Create the status div
+ − 253
var div = document.createElement('div');
+ − 254
div.id = 'ajax_login_status';
+ − 255
div.style.marginTop = '10px';
+ − 256
div.style.textAlign = 'center';
+ − 257
+ − 258
// The circly ball ajaxy image + status message
+ − 259
var status_msg = $lang.get('user_login_ajax_loggingin');
+ − 260
+ − 261
// Insert the status message
+ − 262
div.appendChild(document.createTextNode(status_msg));
+ − 263
+ − 264
// Append a br or two to space things properly
+ − 265
div.appendChild(document.createElement('br'));
+ − 266
div.appendChild(document.createElement('br'));
+ − 267
+ − 268
var img = document.createElement('img');
+ − 269
img.src = ( ajax_login_loadimg_path ) ? ajax_login_loadimg_path : scriptPath + '/images/loading-big.gif';
+ − 270
div.appendChild(img);
+ − 271
+ − 272
// Insert the entire message into the login window
+ − 273
logindata.mb_inner.innerHTML = '';
+ − 274
logindata.mb_inner.appendChild(div);
+ − 275
+ − 276
break;
+ − 277
case AJAX_STATUS_SUCCESS:
+ − 278
+ − 279
// Create the status div
+ − 280
var div = document.createElement('div');
+ − 281
div.id = 'ajax_login_status';
+ − 282
div.style.marginTop = '10px';
+ − 283
div.style.textAlign = 'center';
+ − 284
+ − 285
// The circly ball ajaxy image + status message
+ − 286
var status_msg = $lang.get('user_login_success_short');
+ − 287
+ − 288
// Insert the status message
+ − 289
div.appendChild(document.createTextNode(status_msg));
+ − 290
+ − 291
// Append a br or two to space things properly
+ − 292
div.appendChild(document.createElement('br'));
+ − 293
div.appendChild(document.createElement('br'));
+ − 294
+ − 295
var img = document.createElement('img');
+ − 296
img.src = ( ajax_login_successimg_path ) ? ajax_login_successimg_path : scriptPath + '/images/check.png';
+ − 297
div.appendChild(img);
+ − 298
+ − 299
// Insert the entire message into the login window
+ − 300
logindata.mb_inner.innerHTML = '';
+ − 301
logindata.mb_inner.appendChild(div);
+ − 302
718
12485b1d41fd
Fixed issue where login box was not obeying server orders to disable DiffieHellman. Increased quality of error handling for JS errors during login process.
Dan
diff
changeset
+ − 303
break;
12485b1d41fd
Fixed issue where login box was not obeying server orders to disable DiffieHellman. Increased quality of error handling for JS errors during login process.
Dan
diff
changeset
+ − 304
12485b1d41fd
Fixed issue where login box was not obeying server orders to disable DiffieHellman. Increased quality of error handling for JS errors during login process.
Dan
diff
changeset
+ − 305
case AJAX_STATUS_ERROR:
12485b1d41fd
Fixed issue where login box was not obeying server orders to disable DiffieHellman. Increased quality of error handling for JS errors during login process.
Dan
diff
changeset
+ − 306
// Create the status div
12485b1d41fd
Fixed issue where login box was not obeying server orders to disable DiffieHellman. Increased quality of error handling for JS errors during login process.
Dan
diff
changeset
+ − 307
var div = document.createElement('div');
12485b1d41fd
Fixed issue where login box was not obeying server orders to disable DiffieHellman. Increased quality of error handling for JS errors during login process.
Dan
diff
changeset
+ − 308
div.id = 'ajax_login_status';
12485b1d41fd
Fixed issue where login box was not obeying server orders to disable DiffieHellman. Increased quality of error handling for JS errors during login process.
Dan
diff
changeset
+ − 309
div.style.marginTop = '10px';
12485b1d41fd
Fixed issue where login box was not obeying server orders to disable DiffieHellman. Increased quality of error handling for JS errors during login process.
Dan
diff
changeset
+ − 310
div.style.textAlign = 'center';
12485b1d41fd
Fixed issue where login box was not obeying server orders to disable DiffieHellman. Increased quality of error handling for JS errors during login process.
Dan
diff
changeset
+ − 311
12485b1d41fd
Fixed issue where login box was not obeying server orders to disable DiffieHellman. Increased quality of error handling for JS errors during login process.
Dan
diff
changeset
+ − 312
// The circly ball ajaxy image + status message
12485b1d41fd
Fixed issue where login box was not obeying server orders to disable DiffieHellman. Increased quality of error handling for JS errors during login process.
Dan
diff
changeset
+ − 313
var status_msg = $lang.get('user_login_ajax_err_crypto');
12485b1d41fd
Fixed issue where login box was not obeying server orders to disable DiffieHellman. Increased quality of error handling for JS errors during login process.
Dan
diff
changeset
+ − 314
12485b1d41fd
Fixed issue where login box was not obeying server orders to disable DiffieHellman. Increased quality of error handling for JS errors during login process.
Dan
diff
changeset
+ − 315
// Insert the status message
12485b1d41fd
Fixed issue where login box was not obeying server orders to disable DiffieHellman. Increased quality of error handling for JS errors during login process.
Dan
diff
changeset
+ − 316
div.appendChild(document.createTextNode(status_msg));
12485b1d41fd
Fixed issue where login box was not obeying server orders to disable DiffieHellman. Increased quality of error handling for JS errors during login process.
Dan
diff
changeset
+ − 317
12485b1d41fd
Fixed issue where login box was not obeying server orders to disable DiffieHellman. Increased quality of error handling for JS errors during login process.
Dan
diff
changeset
+ − 318
// Append a br or two to space things properly
12485b1d41fd
Fixed issue where login box was not obeying server orders to disable DiffieHellman. Increased quality of error handling for JS errors during login process.
Dan
diff
changeset
+ − 319
div.appendChild(document.createElement('br'));
12485b1d41fd
Fixed issue where login box was not obeying server orders to disable DiffieHellman. Increased quality of error handling for JS errors during login process.
Dan
diff
changeset
+ − 320
div.appendChild(document.createElement('br'));
12485b1d41fd
Fixed issue where login box was not obeying server orders to disable DiffieHellman. Increased quality of error handling for JS errors during login process.
Dan
diff
changeset
+ − 321
12485b1d41fd
Fixed issue where login box was not obeying server orders to disable DiffieHellman. Increased quality of error handling for JS errors during login process.
Dan
diff
changeset
+ − 322
var img = document.createElement('img');
12485b1d41fd
Fixed issue where login box was not obeying server orders to disable DiffieHellman. Increased quality of error handling for JS errors during login process.
Dan
diff
changeset
+ − 323
img.src = ( ajax_login_successimg_path ) ? ajax_login_successimg_path : scriptPath + '/images/checkbad.png';
12485b1d41fd
Fixed issue where login box was not obeying server orders to disable DiffieHellman. Increased quality of error handling for JS errors during login process.
Dan
diff
changeset
+ − 324
div.appendChild(img);
12485b1d41fd
Fixed issue where login box was not obeying server orders to disable DiffieHellman. Increased quality of error handling for JS errors during login process.
Dan
diff
changeset
+ − 325
12485b1d41fd
Fixed issue where login box was not obeying server orders to disable DiffieHellman. Increased quality of error handling for JS errors during login process.
Dan
diff
changeset
+ − 326
// Append a br or two to space things properly
12485b1d41fd
Fixed issue where login box was not obeying server orders to disable DiffieHellman. Increased quality of error handling for JS errors during login process.
Dan
diff
changeset
+ − 327
div.appendChild(document.createElement('br'));
12485b1d41fd
Fixed issue where login box was not obeying server orders to disable DiffieHellman. Increased quality of error handling for JS errors during login process.
Dan
diff
changeset
+ − 328
div.appendChild(document.createElement('br'));
12485b1d41fd
Fixed issue where login box was not obeying server orders to disable DiffieHellman. Increased quality of error handling for JS errors during login process.
Dan
diff
changeset
+ − 329
12485b1d41fd
Fixed issue where login box was not obeying server orders to disable DiffieHellman. Increased quality of error handling for JS errors during login process.
Dan
diff
changeset
+ − 330
// The circly ball ajaxy image + status message
12485b1d41fd
Fixed issue where login box was not obeying server orders to disable DiffieHellman. Increased quality of error handling for JS errors during login process.
Dan
diff
changeset
+ − 331
var detail_msg = $lang.get('user_login_ajax_err_crypto_details');
12485b1d41fd
Fixed issue where login box was not obeying server orders to disable DiffieHellman. Increased quality of error handling for JS errors during login process.
Dan
diff
changeset
+ − 332
var full_link = $lang.get('user_login_ajax_err_crypto_link');
12485b1d41fd
Fixed issue where login box was not obeying server orders to disable DiffieHellman. Increased quality of error handling for JS errors during login process.
Dan
diff
changeset
+ − 333
var link = document.createElement('a');
12485b1d41fd
Fixed issue where login box was not obeying server orders to disable DiffieHellman. Increased quality of error handling for JS errors during login process.
Dan
diff
changeset
+ − 334
link.href = makeUrlNS('Special', 'Login/' + title);
12485b1d41fd
Fixed issue where login box was not obeying server orders to disable DiffieHellman. Increased quality of error handling for JS errors during login process.
Dan
diff
changeset
+ − 335
link.appendChild(document.createTextNode(full_link));
12485b1d41fd
Fixed issue where login box was not obeying server orders to disable DiffieHellman. Increased quality of error handling for JS errors during login process.
Dan
diff
changeset
+ − 336
var span = document.createElement('span');
12485b1d41fd
Fixed issue where login box was not obeying server orders to disable DiffieHellman. Increased quality of error handling for JS errors during login process.
Dan
diff
changeset
+ − 337
span.style.fontSize = 'smaller';
12485b1d41fd
Fixed issue where login box was not obeying server orders to disable DiffieHellman. Increased quality of error handling for JS errors during login process.
Dan
diff
changeset
+ − 338
12485b1d41fd
Fixed issue where login box was not obeying server orders to disable DiffieHellman. Increased quality of error handling for JS errors during login process.
Dan
diff
changeset
+ − 339
// Insert the message
12485b1d41fd
Fixed issue where login box was not obeying server orders to disable DiffieHellman. Increased quality of error handling for JS errors during login process.
Dan
diff
changeset
+ − 340
span.appendChild(document.createTextNode(detail_msg + ' '));
12485b1d41fd
Fixed issue where login box was not obeying server orders to disable DiffieHellman. Increased quality of error handling for JS errors during login process.
Dan
diff
changeset
+ − 341
span.appendChild(link);
12485b1d41fd
Fixed issue where login box was not obeying server orders to disable DiffieHellman. Increased quality of error handling for JS errors during login process.
Dan
diff
changeset
+ − 342
div.appendChild(span);
12485b1d41fd
Fixed issue where login box was not obeying server orders to disable DiffieHellman. Increased quality of error handling for JS errors during login process.
Dan
diff
changeset
+ − 343
12485b1d41fd
Fixed issue where login box was not obeying server orders to disable DiffieHellman. Increased quality of error handling for JS errors during login process.
Dan
diff
changeset
+ − 344
// Insert the entire message into the login window
12485b1d41fd
Fixed issue where login box was not obeying server orders to disable DiffieHellman. Increased quality of error handling for JS errors during login process.
Dan
diff
changeset
+ − 345
logindata.mb_inner.innerHTML = '';
12485b1d41fd
Fixed issue where login box was not obeying server orders to disable DiffieHellman. Increased quality of error handling for JS errors during login process.
Dan
diff
changeset
+ − 346
logindata.mb_inner.appendChild(div);
12485b1d41fd
Fixed issue where login box was not obeying server orders to disable DiffieHellman. Increased quality of error handling for JS errors during login process.
Dan
diff
changeset
+ − 347
12485b1d41fd
Fixed issue where login box was not obeying server orders to disable DiffieHellman. Increased quality of error handling for JS errors during login process.
Dan
diff
changeset
+ − 348
break;
12485b1d41fd
Fixed issue where login box was not obeying server orders to disable DiffieHellman. Increased quality of error handling for JS errors during login process.
Dan
diff
changeset
+ − 349
843
4415e50e4e84
Added possibility for auth plugins, which can log a user in using non-standard authentication methods.
Dan
diff
changeset
+ − 350
default:
4415e50e4e84
Added possibility for auth plugins, which can log a user in using non-standard authentication methods.
Dan
diff
changeset
+ − 351
eval(setHook('login_set_status'));
4415e50e4e84
Added possibility for auth plugins, which can log a user in using non-standard authentication methods.
Dan
diff
changeset
+ − 352
break;
4415e50e4e84
Added possibility for auth plugins, which can log a user in using non-standard authentication methods.
Dan
diff
changeset
+ − 353
436
+ − 354
case AJAX_STATUS_DESTROY:
+ − 355
case null:
+ − 356
case undefined:
+ − 357
logindata.showing_status = false;
+ − 358
return null;
+ − 359
break;
+ − 360
}
+ − 361
logindata.showing_status = true;
+ − 362
}
+ − 363
+ − 364
/**
+ − 365
* Performs an AJAX logon request to the server and calls ajaxLoginProcessResponse() on the result.
+ − 366
* @param object JSON packet to send
+ − 367
*/
+ − 368
582
+ − 369
window.ajaxLoginPerformRequest = function(json)
436
+ − 370
{
+ − 371
json = toJSONString(json);
+ − 372
json = ajaxEscape(json);
824
28d9fbcd4f0d
Login: reauth: window.location.hash is now updated to include the new SID so that page reloads will use it
Dan
diff
changeset
+ − 373
ajaxPost(makeUrlNS('Special', 'Login/action.json'), 'r=' + json, function(ajax)
436
+ − 374
{
+ − 375
if ( ajax.readyState == 4 && ajax.status == 200 )
+ − 376
{
+ − 377
// parse response
+ − 378
var response = String(ajax.responseText + '');
651
ce9d78d7251d
Improved JSON validation and error interface when validation fails; made rank manager support custom CSS
Dan
diff
changeset
+ − 379
if ( !check_json_response(response) )
436
+ − 380
{
+ − 381
handle_invalid_json(response);
+ − 382
return false;
+ − 383
}
+ − 384
response = parseJSON(response);
+ − 385
ajaxLoginProcessResponse(response);
+ − 386
}
+ − 387
}, true);
+ − 388
}
+ − 389
+ − 390
/**
+ − 391
* Processes a response from the login server
+ − 392
* @param object JSON response
+ − 393
*/
+ − 394
582
+ − 395
window.ajaxLoginProcessResponse = function(response)
436
+ − 396
{
+ − 397
// Did the server send a plaintext error?
+ − 398
if ( response.mode == 'error' )
+ − 399
{
811
5c807fe77020
Added support for live re-auth and de-auth; fully AJAX, no page reload required, plus plugin-usable API.
Dan
diff
changeset
+ − 400
if ( logindata.mb_object )
5c807fe77020
Added support for live re-auth and de-auth; fully AJAX, no page reload required, plus plugin-usable API.
Dan
diff
changeset
+ − 401
{
5c807fe77020
Added support for live re-auth and de-auth; fully AJAX, no page reload required, plus plugin-usable API.
Dan
diff
changeset
+ − 402
logindata.mb_object.destroy();
5c807fe77020
Added support for live re-auth and de-auth; fully AJAX, no page reload required, plus plugin-usable API.
Dan
diff
changeset
+ − 403
var error_msg = $lang.get('user_' + ( response.error.toLowerCase() ));
5c807fe77020
Added support for live re-auth and de-auth; fully AJAX, no page reload required, plus plugin-usable API.
Dan
diff
changeset
+ − 404
new MessageBox(MB_ICONSTOP | MB_OK, $lang.get('user_err_login_generic_title'), error_msg);
5c807fe77020
Added support for live re-auth and de-auth; fully AJAX, no page reload required, plus plugin-usable API.
Dan
diff
changeset
+ − 405
}
5c807fe77020
Added support for live re-auth and de-auth; fully AJAX, no page reload required, plus plugin-usable API.
Dan
diff
changeset
+ − 406
else
5c807fe77020
Added support for live re-auth and de-auth; fully AJAX, no page reload required, plus plugin-usable API.
Dan
diff
changeset
+ − 407
{
5c807fe77020
Added support for live re-auth and de-auth; fully AJAX, no page reload required, plus plugin-usable API.
Dan
diff
changeset
+ − 408
alert(response.error);
5c807fe77020
Added support for live re-auth and de-auth; fully AJAX, no page reload required, plus plugin-usable API.
Dan
diff
changeset
+ − 409
}
436
+ − 410
return false;
+ − 411
}
+ − 412
// Main mode switch
+ − 413
switch ( response.mode )
+ − 414
{
+ − 415
case 'build_box':
471
7906fb190fc1
Implemented all security features on theme disabling and ACLs; added clean_key mode to login API to clean unused encryption keys
Dan
diff
changeset
+ − 416
// Rid ourselves of any loading windows
7906fb190fc1
Implemented all security features on theme disabling and ACLs; added clean_key mode to login API to clean unused encryption keys
Dan
diff
changeset
+ − 417
ajaxLoginSetStatus(AJAX_STATUS_DESTROY);
436
+ − 418
// The server wants us to build the login form, all the information is there
+ − 419
ajaxLoginBuildForm(response);
+ − 420
break;
+ − 421
case 'login_success':
+ − 422
ajaxLoginSetStatus(AJAX_STATUS_SUCCESS);
+ − 423
logindata.successfunc(response.key);
+ − 424
break;
+ − 425
case 'login_failure':
471
7906fb190fc1
Implemented all security features on theme disabling and ACLs; added clean_key mode to login API to clean unused encryption keys
Dan
diff
changeset
+ − 426
// Rid ourselves of any loading windows
7906fb190fc1
Implemented all security features on theme disabling and ACLs; added clean_key mode to login API to clean unused encryption keys
Dan
diff
changeset
+ − 427
ajaxLoginSetStatus(AJAX_STATUS_DESTROY);
436
+ − 428
document.getElementById('messageBox').style.backgroundColor = '#C0C0C0';
+ − 429
var mb_parent = document.getElementById('messageBox').parentNode;
728
+ − 430
$(mb_parent).effect("shake", {}, 200);
436
+ − 431
setTimeout(function()
+ − 432
{
+ − 433
document.getElementById('messageBox').style.backgroundColor = '#FFF';
+ − 434
ajaxLoginBuildForm(response.respawn_info);
+ − 435
ajaxLoginShowFriendlyError(response);
+ − 436
}, 2500);
+ − 437
break;
472
bc4b58034f4d
Implemented password reset (albeit hackishly) into the new login API; added dummy window.console object to hopefully reduce errors when Firebug isn't around; fixed the longstanding ACL dismiss/close button bug; fixed a couple undefined variables in mailer; fixed PHP error on attempted opening of /dev/(u)random in rijndael.php; clarified documentation for PageProcessor::update_page(); fixed some logic problems in theme ACL code; disabled CAPTCHA debug
Dan
diff
changeset
+ − 438
case 'login_success_reset':
bc4b58034f4d
Implemented password reset (albeit hackishly) into the new login API; added dummy window.console object to hopefully reduce errors when Firebug isn't around; fixed the longstanding ACL dismiss/close button bug; fixed a couple undefined variables in mailer; fixed PHP error on attempted opening of /dev/(u)random in rijndael.php; clarified documentation for PageProcessor::update_page(); fixed some logic problems in theme ACL code; disabled CAPTCHA debug
Dan
diff
changeset
+ − 439
var conf = confirm($lang.get('user_login_ajax_msg_used_temp_pass'));
bc4b58034f4d
Implemented password reset (albeit hackishly) into the new login API; added dummy window.console object to hopefully reduce errors when Firebug isn't around; fixed the longstanding ACL dismiss/close button bug; fixed a couple undefined variables in mailer; fixed PHP error on attempted opening of /dev/(u)random in rijndael.php; clarified documentation for PageProcessor::update_page(); fixed some logic problems in theme ACL code; disabled CAPTCHA debug
Dan
diff
changeset
+ − 440
if ( conf )
bc4b58034f4d
Implemented password reset (albeit hackishly) into the new login API; added dummy window.console object to hopefully reduce errors when Firebug isn't around; fixed the longstanding ACL dismiss/close button bug; fixed a couple undefined variables in mailer; fixed PHP error on attempted opening of /dev/(u)random in rijndael.php; clarified documentation for PageProcessor::update_page(); fixed some logic problems in theme ACL code; disabled CAPTCHA debug
Dan
diff
changeset
+ − 441
{
bc4b58034f4d
Implemented password reset (albeit hackishly) into the new login API; added dummy window.console object to hopefully reduce errors when Firebug isn't around; fixed the longstanding ACL dismiss/close button bug; fixed a couple undefined variables in mailer; fixed PHP error on attempted opening of /dev/(u)random in rijndael.php; clarified documentation for PageProcessor::update_page(); fixed some logic problems in theme ACL code; disabled CAPTCHA debug
Dan
diff
changeset
+ − 442
var url = makeUrlNS('Special', 'PasswordReset/stage2/' + response.user_id + '/' + response.temp_password);
bc4b58034f4d
Implemented password reset (albeit hackishly) into the new login API; added dummy window.console object to hopefully reduce errors when Firebug isn't around; fixed the longstanding ACL dismiss/close button bug; fixed a couple undefined variables in mailer; fixed PHP error on attempted opening of /dev/(u)random in rijndael.php; clarified documentation for PageProcessor::update_page(); fixed some logic problems in theme ACL code; disabled CAPTCHA debug
Dan
diff
changeset
+ − 443
window.location = url;
bc4b58034f4d
Implemented password reset (albeit hackishly) into the new login API; added dummy window.console object to hopefully reduce errors when Firebug isn't around; fixed the longstanding ACL dismiss/close button bug; fixed a couple undefined variables in mailer; fixed PHP error on attempted opening of /dev/(u)random in rijndael.php; clarified documentation for PageProcessor::update_page(); fixed some logic problems in theme ACL code; disabled CAPTCHA debug
Dan
diff
changeset
+ − 444
}
bc4b58034f4d
Implemented password reset (albeit hackishly) into the new login API; added dummy window.console object to hopefully reduce errors when Firebug isn't around; fixed the longstanding ACL dismiss/close button bug; fixed a couple undefined variables in mailer; fixed PHP error on attempted opening of /dev/(u)random in rijndael.php; clarified documentation for PageProcessor::update_page(); fixed some logic problems in theme ACL code; disabled CAPTCHA debug
Dan
diff
changeset
+ − 445
else
bc4b58034f4d
Implemented password reset (albeit hackishly) into the new login API; added dummy window.console object to hopefully reduce errors when Firebug isn't around; fixed the longstanding ACL dismiss/close button bug; fixed a couple undefined variables in mailer; fixed PHP error on attempted opening of /dev/(u)random in rijndael.php; clarified documentation for PageProcessor::update_page(); fixed some logic problems in theme ACL code; disabled CAPTCHA debug
Dan
diff
changeset
+ − 446
{
bc4b58034f4d
Implemented password reset (albeit hackishly) into the new login API; added dummy window.console object to hopefully reduce errors when Firebug isn't around; fixed the longstanding ACL dismiss/close button bug; fixed a couple undefined variables in mailer; fixed PHP error on attempted opening of /dev/(u)random in rijndael.php; clarified documentation for PageProcessor::update_page(); fixed some logic problems in theme ACL code; disabled CAPTCHA debug
Dan
diff
changeset
+ − 447
// treat as a failure
bc4b58034f4d
Implemented password reset (albeit hackishly) into the new login API; added dummy window.console object to hopefully reduce errors when Firebug isn't around; fixed the longstanding ACL dismiss/close button bug; fixed a couple undefined variables in mailer; fixed PHP error on attempted opening of /dev/(u)random in rijndael.php; clarified documentation for PageProcessor::update_page(); fixed some logic problems in theme ACL code; disabled CAPTCHA debug
Dan
diff
changeset
+ − 448
ajaxLoginSetStatus(AJAX_STATUS_DESTROY);
bc4b58034f4d
Implemented password reset (albeit hackishly) into the new login API; added dummy window.console object to hopefully reduce errors when Firebug isn't around; fixed the longstanding ACL dismiss/close button bug; fixed a couple undefined variables in mailer; fixed PHP error on attempted opening of /dev/(u)random in rijndael.php; clarified documentation for PageProcessor::update_page(); fixed some logic problems in theme ACL code; disabled CAPTCHA debug
Dan
diff
changeset
+ − 449
document.getElementById('messageBox').style.backgroundColor = '#C0C0C0';
bc4b58034f4d
Implemented password reset (albeit hackishly) into the new login API; added dummy window.console object to hopefully reduce errors when Firebug isn't around; fixed the longstanding ACL dismiss/close button bug; fixed a couple undefined variables in mailer; fixed PHP error on attempted opening of /dev/(u)random in rijndael.php; clarified documentation for PageProcessor::update_page(); fixed some logic problems in theme ACL code; disabled CAPTCHA debug
Dan
diff
changeset
+ − 450
var mb_parent = document.getElementById('messageBox').parentNode;
699
c7d737202d59
Removed Adobe Spry and replaced with jQuery. Please report any new bugs on the forums or via IRC. In a related note, auto-completion should work now at least for usernames. Still hacking away at page name completion...
Dan
diff
changeset
+ − 451
$(mb_parent).effect("shake", {}, 1500);
472
bc4b58034f4d
Implemented password reset (albeit hackishly) into the new login API; added dummy window.console object to hopefully reduce errors when Firebug isn't around; fixed the longstanding ACL dismiss/close button bug; fixed a couple undefined variables in mailer; fixed PHP error on attempted opening of /dev/(u)random in rijndael.php; clarified documentation for PageProcessor::update_page(); fixed some logic problems in theme ACL code; disabled CAPTCHA debug
Dan
diff
changeset
+ − 452
setTimeout(function()
bc4b58034f4d
Implemented password reset (albeit hackishly) into the new login API; added dummy window.console object to hopefully reduce errors when Firebug isn't around; fixed the longstanding ACL dismiss/close button bug; fixed a couple undefined variables in mailer; fixed PHP error on attempted opening of /dev/(u)random in rijndael.php; clarified documentation for PageProcessor::update_page(); fixed some logic problems in theme ACL code; disabled CAPTCHA debug
Dan
diff
changeset
+ − 453
{
bc4b58034f4d
Implemented password reset (albeit hackishly) into the new login API; added dummy window.console object to hopefully reduce errors when Firebug isn't around; fixed the longstanding ACL dismiss/close button bug; fixed a couple undefined variables in mailer; fixed PHP error on attempted opening of /dev/(u)random in rijndael.php; clarified documentation for PageProcessor::update_page(); fixed some logic problems in theme ACL code; disabled CAPTCHA debug
Dan
diff
changeset
+ − 454
document.getElementById('messageBox').style.backgroundColor = '#FFF';
bc4b58034f4d
Implemented password reset (albeit hackishly) into the new login API; added dummy window.console object to hopefully reduce errors when Firebug isn't around; fixed the longstanding ACL dismiss/close button bug; fixed a couple undefined variables in mailer; fixed PHP error on attempted opening of /dev/(u)random in rijndael.php; clarified documentation for PageProcessor::update_page(); fixed some logic problems in theme ACL code; disabled CAPTCHA debug
Dan
diff
changeset
+ − 455
ajaxLoginBuildForm(response.respawn_info);
bc4b58034f4d
Implemented password reset (albeit hackishly) into the new login API; added dummy window.console object to hopefully reduce errors when Firebug isn't around; fixed the longstanding ACL dismiss/close button bug; fixed a couple undefined variables in mailer; fixed PHP error on attempted opening of /dev/(u)random in rijndael.php; clarified documentation for PageProcessor::update_page(); fixed some logic problems in theme ACL code; disabled CAPTCHA debug
Dan
diff
changeset
+ − 456
// don't show an error here, just silently respawn
bc4b58034f4d
Implemented password reset (albeit hackishly) into the new login API; added dummy window.console object to hopefully reduce errors when Firebug isn't around; fixed the longstanding ACL dismiss/close button bug; fixed a couple undefined variables in mailer; fixed PHP error on attempted opening of /dev/(u)random in rijndael.php; clarified documentation for PageProcessor::update_page(); fixed some logic problems in theme ACL code; disabled CAPTCHA debug
Dan
diff
changeset
+ − 457
}, 2500);
bc4b58034f4d
Implemented password reset (albeit hackishly) into the new login API; added dummy window.console object to hopefully reduce errors when Firebug isn't around; fixed the longstanding ACL dismiss/close button bug; fixed a couple undefined variables in mailer; fixed PHP error on attempted opening of /dev/(u)random in rijndael.php; clarified documentation for PageProcessor::update_page(); fixed some logic problems in theme ACL code; disabled CAPTCHA debug
Dan
diff
changeset
+ − 458
}
bc4b58034f4d
Implemented password reset (albeit hackishly) into the new login API; added dummy window.console object to hopefully reduce errors when Firebug isn't around; fixed the longstanding ACL dismiss/close button bug; fixed a couple undefined variables in mailer; fixed PHP error on attempted opening of /dev/(u)random in rijndael.php; clarified documentation for PageProcessor::update_page(); fixed some logic problems in theme ACL code; disabled CAPTCHA debug
Dan
diff
changeset
+ − 459
break;
811
5c807fe77020
Added support for live re-auth and de-auth; fully AJAX, no page reload required, plus plugin-usable API.
Dan
diff
changeset
+ − 460
case 'logout_success':
5c807fe77020
Added support for live re-auth and de-auth; fully AJAX, no page reload required, plus plugin-usable API.
Dan
diff
changeset
+ − 461
if ( ENANO_SID )
5c807fe77020
Added support for live re-auth and de-auth; fully AJAX, no page reload required, plus plugin-usable API.
Dan
diff
changeset
+ − 462
{
5c807fe77020
Added support for live re-auth and de-auth; fully AJAX, no page reload required, plus plugin-usable API.
Dan
diff
changeset
+ − 463
ajaxLoginReplaceSIDInline(false, ENANO_SID, USER_LEVEL_MEMBER);
5c807fe77020
Added support for live re-auth and de-auth; fully AJAX, no page reload required, plus plugin-usable API.
Dan
diff
changeset
+ − 464
}
5c807fe77020
Added support for live re-auth and de-auth; fully AJAX, no page reload required, plus plugin-usable API.
Dan
diff
changeset
+ − 465
break;
471
7906fb190fc1
Implemented all security features on theme disabling and ACLs; added clean_key mode to login API to clean unused encryption keys
Dan
diff
changeset
+ − 466
case 'noop':
7906fb190fc1
Implemented all security features on theme disabling and ACLs; added clean_key mode to login API to clean unused encryption keys
Dan
diff
changeset
+ − 467
break;
436
+ − 468
}
+ − 469
}
+ − 470
+ − 471
/*
+ − 472
* RESPONSE HANDLERS
+ − 473
*/
+ − 474
+ − 475
/**
+ − 476
* Builds the login form.
+ − 477
* @param object Metadata to build off of
+ − 478
*/
+ − 479
582
+ − 480
window.ajaxLoginBuildForm = function(data)
436
+ − 481
{
+ − 482
// let's hope this effectively preloads the image...
+ − 483
var _ = document.createElement('img');
+ − 484
_.src = ( ajax_login_successimg_path ) ? ajax_login_successimg_path : scriptPath + '/images/check.png';
+ − 485
+ − 486
var div = document.createElement('div');
+ − 487
div.id = 'ajax_login_form';
+ − 488
+ − 489
var show_captcha = ( data.locked_out && data.lockout_info.lockout_policy == 'captcha' ) ? data.lockout_info.captcha : false;
+ − 490
+ − 491
// text displayed on re-auth
+ − 492
if ( logindata.user_level > USER_LEVEL_MEMBER )
+ − 493
{
+ − 494
div.innerHTML += $lang.get('user_login_ajax_prompt_body_elev') + '<br /><br />';
+ − 495
}
+ − 496
+ − 497
// Create the form
+ − 498
var form = document.createElement('form');
+ − 499
form.action = 'javascript:void(ajaxLoginSubmitForm());';
+ − 500
form.onsubmit = function()
+ − 501
{
+ − 502
ajaxLoginSubmitForm();
+ − 503
return false;
+ − 504
}
460
+ − 505
if ( IE )
+ − 506
{
+ − 507
form.style.marginTop = '-20px';
+ − 508
}
436
+ − 509
+ − 510
// Using tables to wrap form elements because it results in a
+ − 511
// more visually appealing form. Yes, tables suck. I don't really
+ − 512
// care - they make forms look good.
+ − 513
+ − 514
var table = document.createElement('table');
+ − 515
table.style.margin = '0 auto';
+ − 516
+ − 517
// Field - username
+ − 518
var tr1 = document.createElement('tr');
+ − 519
var td1_1 = document.createElement('td');
+ − 520
td1_1.appendChild(document.createTextNode($lang.get('user_login_field_username') + ':'));
+ − 521
tr1.appendChild(td1_1);
+ − 522
var td1_2 = document.createElement('td');
+ − 523
var f_username = document.createElement('input');
+ − 524
f_username.id = 'ajax_login_field_username';
+ − 525
f_username.name = 'ajax_login_field_username';
+ − 526
f_username.type = 'text';
+ − 527
f_username.size = '25';
+ − 528
if ( data.username )
+ − 529
f_username.value = data.username;
+ − 530
td1_2.appendChild(f_username);
+ − 531
tr1.appendChild(td1_2);
+ − 532
table.appendChild(tr1);
+ − 533
+ − 534
// Field - password
+ − 535
var tr2 = document.createElement('tr');
+ − 536
var td2_1 = document.createElement('td');
+ − 537
td2_1.appendChild(document.createTextNode($lang.get('user_login_field_password') + ':'));
+ − 538
tr2.appendChild(td2_1);
+ − 539
var td2_2 = document.createElement('td');
+ − 540
var f_password = document.createElement('input');
+ − 541
f_password.id = 'ajax_login_field_password';
+ − 542
f_password.name = 'ajax_login_field_username';
+ − 543
f_password.type = 'password';
+ − 544
f_password.size = '25';
+ − 545
if ( !show_captcha )
+ − 546
{
+ − 547
f_password.onkeyup = function(e)
+ − 548
{
461
+ − 549
if ( !e )
436
+ − 550
e = window.event;
461
+ − 551
if ( !e && IE )
436
+ − 552
return true;
+ − 553
if ( e.keyCode == 13 )
+ − 554
{
+ − 555
ajaxLoginSubmitForm();
+ − 556
}
+ − 557
}
+ − 558
}
+ − 559
td2_2.appendChild(f_password);
+ − 560
tr2.appendChild(td2_2);
+ − 561
table.appendChild(tr2);
+ − 562
843
4415e50e4e84
Added possibility for auth plugins, which can log a user in using non-standard authentication methods.
Dan
diff
changeset
+ − 563
eval(setHook('login_build_form'));
4415e50e4e84
Added possibility for auth plugins, which can log a user in using non-standard authentication methods.
Dan
diff
changeset
+ − 564
436
+ − 565
// Field - captcha
+ − 566
if ( show_captcha )
+ − 567
{
+ − 568
var tr3 = document.createElement('tr');
+ − 569
var td3_1 = document.createElement('td');
+ − 570
td3_1.appendChild(document.createTextNode($lang.get('user_login_field_captcha') + ':'));
+ − 571
tr3.appendChild(td3_1);
+ − 572
var td3_2 = document.createElement('td');
+ − 573
var f_captcha = document.createElement('input');
+ − 574
f_captcha.id = 'ajax_login_field_captcha';
+ − 575
f_captcha.name = 'ajax_login_field_username';
+ − 576
f_captcha.type = 'text';
+ − 577
f_captcha.size = '25';
+ − 578
f_captcha.onkeyup = function(e)
+ − 579
{
+ − 580
if ( !e )
+ − 581
e = window.event;
+ − 582
if ( !e.keyCode )
+ − 583
return true;
+ − 584
if ( e.keyCode == 13 )
+ − 585
{
+ − 586
ajaxLoginSubmitForm();
+ − 587
}
+ − 588
}
+ − 589
td3_2.appendChild(f_captcha);
+ − 590
tr3.appendChild(td3_2);
+ − 591
table.appendChild(tr3);
+ − 592
}
+ − 593
+ − 594
// Done building the main part of the form
+ − 595
form.appendChild(table);
+ − 596
688
f2a824ce5f18
Added customizable parameters for session length and the long-missing "remember me" option (or rather, the ability to turn it off and make sessions temporary)
Dan
diff
changeset
+ − 597
// Field: remember login
f2a824ce5f18
Added customizable parameters for session length and the long-missing "remember me" option (or rather, the ability to turn it off and make sessions temporary)
Dan
diff
changeset
+ − 598
if ( logindata.user_level <= USER_LEVEL_MEMBER )
f2a824ce5f18
Added customizable parameters for session length and the long-missing "remember me" option (or rather, the ability to turn it off and make sessions temporary)
Dan
diff
changeset
+ − 599
{
f2a824ce5f18
Added customizable parameters for session length and the long-missing "remember me" option (or rather, the ability to turn it off and make sessions temporary)
Dan
diff
changeset
+ − 600
var lbl_remember = document.createElement('label');
f2a824ce5f18
Added customizable parameters for session length and the long-missing "remember me" option (or rather, the ability to turn it off and make sessions temporary)
Dan
diff
changeset
+ − 601
lbl_remember.style.fontSize = 'smaller';
f2a824ce5f18
Added customizable parameters for session length and the long-missing "remember me" option (or rather, the ability to turn it off and make sessions temporary)
Dan
diff
changeset
+ − 602
lbl_remember.style.display = 'block';
f2a824ce5f18
Added customizable parameters for session length and the long-missing "remember me" option (or rather, the ability to turn it off and make sessions temporary)
Dan
diff
changeset
+ − 603
lbl_remember.style.textAlign = 'center';
f2a824ce5f18
Added customizable parameters for session length and the long-missing "remember me" option (or rather, the ability to turn it off and make sessions temporary)
Dan
diff
changeset
+ − 604
f2a824ce5f18
Added customizable parameters for session length and the long-missing "remember me" option (or rather, the ability to turn it off and make sessions temporary)
Dan
diff
changeset
+ − 605
// figure out what text to put in the "remember me" checkbox
f2a824ce5f18
Added customizable parameters for session length and the long-missing "remember me" option (or rather, the ability to turn it off and make sessions temporary)
Dan
diff
changeset
+ − 606
// infinite session length?
f2a824ce5f18
Added customizable parameters for session length and the long-missing "remember me" option (or rather, the ability to turn it off and make sessions temporary)
Dan
diff
changeset
+ − 607
if ( data.extended_time == 0 )
f2a824ce5f18
Added customizable parameters for session length and the long-missing "remember me" option (or rather, the ability to turn it off and make sessions temporary)
Dan
diff
changeset
+ − 608
{
f2a824ce5f18
Added customizable parameters for session length and the long-missing "remember me" option (or rather, the ability to turn it off and make sessions temporary)
Dan
diff
changeset
+ − 609
// yes, infinite
f2a824ce5f18
Added customizable parameters for session length and the long-missing "remember me" option (or rather, the ability to turn it off and make sessions temporary)
Dan
diff
changeset
+ − 610
var txt_remember = $lang.get('user_login_ajax_check_remember_infinite');
f2a824ce5f18
Added customizable parameters for session length and the long-missing "remember me" option (or rather, the ability to turn it off and make sessions temporary)
Dan
diff
changeset
+ − 611
}
f2a824ce5f18
Added customizable parameters for session length and the long-missing "remember me" option (or rather, the ability to turn it off and make sessions temporary)
Dan
diff
changeset
+ − 612
else
f2a824ce5f18
Added customizable parameters for session length and the long-missing "remember me" option (or rather, the ability to turn it off and make sessions temporary)
Dan
diff
changeset
+ − 613
{
f2a824ce5f18
Added customizable parameters for session length and the long-missing "remember me" option (or rather, the ability to turn it off and make sessions temporary)
Dan
diff
changeset
+ − 614
if ( data.extended_time % 7 == 0 )
f2a824ce5f18
Added customizable parameters for session length and the long-missing "remember me" option (or rather, the ability to turn it off and make sessions temporary)
Dan
diff
changeset
+ − 615
{
f2a824ce5f18
Added customizable parameters for session length and the long-missing "remember me" option (or rather, the ability to turn it off and make sessions temporary)
Dan
diff
changeset
+ − 616
// number of days is a multiple of 7
f2a824ce5f18
Added customizable parameters for session length and the long-missing "remember me" option (or rather, the ability to turn it off and make sessions temporary)
Dan
diff
changeset
+ − 617
// use weeks as our unit
f2a824ce5f18
Added customizable parameters for session length and the long-missing "remember me" option (or rather, the ability to turn it off and make sessions temporary)
Dan
diff
changeset
+ − 618
var sess_time = data.extended_time / 7;
f2a824ce5f18
Added customizable parameters for session length and the long-missing "remember me" option (or rather, the ability to turn it off and make sessions temporary)
Dan
diff
changeset
+ − 619
var unit = 'week';
f2a824ce5f18
Added customizable parameters for session length and the long-missing "remember me" option (or rather, the ability to turn it off and make sessions temporary)
Dan
diff
changeset
+ − 620
}
f2a824ce5f18
Added customizable parameters for session length and the long-missing "remember me" option (or rather, the ability to turn it off and make sessions temporary)
Dan
diff
changeset
+ − 621
else
f2a824ce5f18
Added customizable parameters for session length and the long-missing "remember me" option (or rather, the ability to turn it off and make sessions temporary)
Dan
diff
changeset
+ − 622
{
f2a824ce5f18
Added customizable parameters for session length and the long-missing "remember me" option (or rather, the ability to turn it off and make sessions temporary)
Dan
diff
changeset
+ − 623
// use days as our unit
f2a824ce5f18
Added customizable parameters for session length and the long-missing "remember me" option (or rather, the ability to turn it off and make sessions temporary)
Dan
diff
changeset
+ − 624
var sess_time = data.extended_time;
f2a824ce5f18
Added customizable parameters for session length and the long-missing "remember me" option (or rather, the ability to turn it off and make sessions temporary)
Dan
diff
changeset
+ − 625
var unit = 'day';
f2a824ce5f18
Added customizable parameters for session length and the long-missing "remember me" option (or rather, the ability to turn it off and make sessions temporary)
Dan
diff
changeset
+ − 626
}
f2a824ce5f18
Added customizable parameters for session length and the long-missing "remember me" option (or rather, the ability to turn it off and make sessions temporary)
Dan
diff
changeset
+ − 627
// more than one week or day?
f2a824ce5f18
Added customizable parameters for session length and the long-missing "remember me" option (or rather, the ability to turn it off and make sessions temporary)
Dan
diff
changeset
+ − 628
if ( sess_time != 1 )
f2a824ce5f18
Added customizable parameters for session length and the long-missing "remember me" option (or rather, the ability to turn it off and make sessions temporary)
Dan
diff
changeset
+ − 629
unit += 's';
f2a824ce5f18
Added customizable parameters for session length and the long-missing "remember me" option (or rather, the ability to turn it off and make sessions temporary)
Dan
diff
changeset
+ − 630
f2a824ce5f18
Added customizable parameters for session length and the long-missing "remember me" option (or rather, the ability to turn it off and make sessions temporary)
Dan
diff
changeset
+ − 631
// assemble the string
f2a824ce5f18
Added customizable parameters for session length and the long-missing "remember me" option (or rather, the ability to turn it off and make sessions temporary)
Dan
diff
changeset
+ − 632
var txt_remember = $lang.get('user_login_ajax_check_remember', {
f2a824ce5f18
Added customizable parameters for session length and the long-missing "remember me" option (or rather, the ability to turn it off and make sessions temporary)
Dan
diff
changeset
+ − 633
session_length: sess_time,
f2a824ce5f18
Added customizable parameters for session length and the long-missing "remember me" option (or rather, the ability to turn it off and make sessions temporary)
Dan
diff
changeset
+ − 634
length_units: $lang.get('etc_unit_' + unit)
f2a824ce5f18
Added customizable parameters for session length and the long-missing "remember me" option (or rather, the ability to turn it off and make sessions temporary)
Dan
diff
changeset
+ − 635
});
f2a824ce5f18
Added customizable parameters for session length and the long-missing "remember me" option (or rather, the ability to turn it off and make sessions temporary)
Dan
diff
changeset
+ − 636
}
f2a824ce5f18
Added customizable parameters for session length and the long-missing "remember me" option (or rather, the ability to turn it off and make sessions temporary)
Dan
diff
changeset
+ − 637
var check_remember = document.createElement('input');
f2a824ce5f18
Added customizable parameters for session length and the long-missing "remember me" option (or rather, the ability to turn it off and make sessions temporary)
Dan
diff
changeset
+ − 638
check_remember.type = 'checkbox';
f2a824ce5f18
Added customizable parameters for session length and the long-missing "remember me" option (or rather, the ability to turn it off and make sessions temporary)
Dan
diff
changeset
+ − 639
// this onclick attribute changes the cookie whenever the checkbox or label is clicked
f2a824ce5f18
Added customizable parameters for session length and the long-missing "remember me" option (or rather, the ability to turn it off and make sessions temporary)
Dan
diff
changeset
+ − 640
check_remember.setAttribute('onclick', 'var ck = ( this.checked ) ? "enable" : "disable"; createCookie("login_remember", ck, 3650);');
f2a824ce5f18
Added customizable parameters for session length and the long-missing "remember me" option (or rather, the ability to turn it off and make sessions temporary)
Dan
diff
changeset
+ − 641
if ( readCookie('login_remember') != 'disable' )
f2a824ce5f18
Added customizable parameters for session length and the long-missing "remember me" option (or rather, the ability to turn it off and make sessions temporary)
Dan
diff
changeset
+ − 642
check_remember.setAttribute('checked', 'checked');
f2a824ce5f18
Added customizable parameters for session length and the long-missing "remember me" option (or rather, the ability to turn it off and make sessions temporary)
Dan
diff
changeset
+ − 643
check_remember.id = 'ajax_login_field_remember';
f2a824ce5f18
Added customizable parameters for session length and the long-missing "remember me" option (or rather, the ability to turn it off and make sessions temporary)
Dan
diff
changeset
+ − 644
lbl_remember.appendChild(check_remember);
f2a824ce5f18
Added customizable parameters for session length and the long-missing "remember me" option (or rather, the ability to turn it off and make sessions temporary)
Dan
diff
changeset
+ − 645
lbl_remember.innerHTML += ' ' + txt_remember;
f2a824ce5f18
Added customizable parameters for session length and the long-missing "remember me" option (or rather, the ability to turn it off and make sessions temporary)
Dan
diff
changeset
+ − 646
f2a824ce5f18
Added customizable parameters for session length and the long-missing "remember me" option (or rather, the ability to turn it off and make sessions temporary)
Dan
diff
changeset
+ − 647
form.appendChild(lbl_remember);
f2a824ce5f18
Added customizable parameters for session length and the long-missing "remember me" option (or rather, the ability to turn it off and make sessions temporary)
Dan
diff
changeset
+ − 648
}
f2a824ce5f18
Added customizable parameters for session length and the long-missing "remember me" option (or rather, the ability to turn it off and make sessions temporary)
Dan
diff
changeset
+ − 649
436
+ − 650
// Field: enable Diffie Hellman
509
175df10e0b56
Added a copy of Firebug Lite for debugging purposes. License is uncertain but being treated as MPL. (If is is not MPL then it is under something more permissive that permits relicensing anyway)
Dan
diff
changeset
+ − 651
if ( IE || is_iPhone )
460
+ − 652
{
+ − 653
var lbl_dh = document.createElement('span');
+ − 654
lbl_dh.style.fontSize = 'smaller';
+ − 655
lbl_dh.style.display = 'block';
+ − 656
lbl_dh.style.textAlign = 'center';
+ − 657
lbl_dh.innerHTML = $lang.get('user_login_ajax_check_dh_ie');
+ − 658
form.appendChild(lbl_dh);
+ − 659
}
718
12485b1d41fd
Fixed issue where login box was not obeying server orders to disable DiffieHellman. Increased quality of error handling for JS errors during login process.
Dan
diff
changeset
+ − 660
else if ( !data.allow_diffiehellman )
12485b1d41fd
Fixed issue where login box was not obeying server orders to disable DiffieHellman. Increased quality of error handling for JS errors during login process.
Dan
diff
changeset
+ − 661
{
12485b1d41fd
Fixed issue where login box was not obeying server orders to disable DiffieHellman. Increased quality of error handling for JS errors during login process.
Dan
diff
changeset
+ − 662
// create hidden control - server requested that DiffieHellman be disabled (usually means not supported)
12485b1d41fd
Fixed issue where login box was not obeying server orders to disable DiffieHellman. Increased quality of error handling for JS errors during login process.
Dan
diff
changeset
+ − 663
var check_dh = document.createElement('input');
12485b1d41fd
Fixed issue where login box was not obeying server orders to disable DiffieHellman. Increased quality of error handling for JS errors during login process.
Dan
diff
changeset
+ − 664
check_dh.type = 'hidden';
12485b1d41fd
Fixed issue where login box was not obeying server orders to disable DiffieHellman. Increased quality of error handling for JS errors during login process.
Dan
diff
changeset
+ − 665
check_dh.id = 'ajax_login_field_dh';
12485b1d41fd
Fixed issue where login box was not obeying server orders to disable DiffieHellman. Increased quality of error handling for JS errors during login process.
Dan
diff
changeset
+ − 666
form.appendChild(check_dh);
12485b1d41fd
Fixed issue where login box was not obeying server orders to disable DiffieHellman. Increased quality of error handling for JS errors during login process.
Dan
diff
changeset
+ − 667
}
460
+ − 668
else
+ − 669
{
+ − 670
var lbl_dh = document.createElement('label');
+ − 671
lbl_dh.style.fontSize = 'smaller';
+ − 672
lbl_dh.style.display = 'block';
+ − 673
lbl_dh.style.textAlign = 'center';
+ − 674
var check_dh = document.createElement('input');
+ − 675
check_dh.type = 'checkbox';
+ − 676
// this onclick attribute changes the cookie whenever the checkbox or label is clicked
+ − 677
check_dh.setAttribute('onclick', 'var ck = ( this.checked ) ? "enable" : "disable"; createCookie("diffiehellman_login", ck, 3650);');
+ − 678
if ( readCookie('diffiehellman_login') != 'disable' )
+ − 679
check_dh.setAttribute('checked', 'checked');
+ − 680
check_dh.id = 'ajax_login_field_dh';
+ − 681
lbl_dh.appendChild(check_dh);
694
43367c66d869
Couple of fixes (hacks) for Opera and the aftermath of that z-index change to darken() and enlighten() fadefilters; added ajaxOpenDirectACLRule() to placeholder list
Dan
diff
changeset
+ − 682
lbl_dh.innerHTML += ' ' + $lang.get('user_login_ajax_check_dh');
460
+ − 683
form.appendChild(lbl_dh);
+ − 684
}
436
+ − 685
460
+ − 686
if ( IE )
+ − 687
{
+ − 688
div.innerHTML += form.outerHTML;
+ − 689
}
+ − 690
else
+ − 691
{
+ − 692
div.appendChild(form);
+ − 693
}
436
+ − 694
+ − 695
// Diagnostic / help links
+ − 696
// (only displayed in login, not in re-auth)
+ − 697
if ( logindata.user_level == USER_LEVEL_MEMBER )
+ − 698
{
+ − 699
form.style.marginBottom = '10px';
+ − 700
var links = document.createElement('small');
+ − 701
links.style.display = 'block';
+ − 702
links.style.textAlign = 'center';
+ − 703
links.innerHTML = '';
+ − 704
if ( !show_captcha )
+ − 705
links.innerHTML += $lang.get('user_login_ajax_link_fullform', { link_full_form: makeUrlNS('Special', 'Login/' + title) }) + '<br />';
+ − 706
// Always shown
+ − 707
links.innerHTML += $lang.get('user_login_ajax_link_forgotpass', { forgotpass_link: makeUrlNS('Special', 'PasswordReset') }) + '<br />';
+ − 708
if ( !show_captcha )
+ − 709
links.innerHTML += $lang.get('user_login_createaccount_blurb', { reg_link: makeUrlNS('Special', 'Register') });
+ − 710
div.appendChild(links);
+ − 711
}
+ − 712
+ − 713
// Insert the entire form into the login window
+ − 714
logindata.mb_inner.innerHTML = '';
+ − 715
logindata.mb_inner.appendChild(div);
+ − 716
+ − 717
// Post operations: field focus
816
+ − 718
setTimeout(
+ − 719
function()
+ − 720
{
+ − 721
if ( logindata.loggedin_username )
+ − 722
document.getElementById('ajax_login_field_password').focus();
+ − 723
else
+ − 724
document.getElementById('ajax_login_field_username').focus();
+ − 725
}, 750);
436
+ − 726
+ − 727
// Post operations: show captcha window
+ − 728
if ( show_captcha )
+ − 729
ajaxShowCaptcha(show_captcha);
+ − 730
+ − 731
// Post operations: stash encryption keys and All That Jazz(TM)
+ − 732
logindata.key_aes = data.aes_key;
+ − 733
logindata.key_dh = data.dh_public_key;
+ − 734
logindata.captcha_hash = show_captcha;
460
+ − 735
logindata.loggedin_username = data.username
436
+ − 736
+ − 737
// Are we locked out? If so simulate an error and disable the controls
+ − 738
if ( data.lockout_info.lockout_policy == 'lockout' && data.locked_out )
+ − 739
{
+ − 740
f_username.setAttribute('disabled', 'disabled');
+ − 741
f_password.setAttribute('disabled', 'disabled');
+ − 742
var fake_packet = {
+ − 743
error_code: 'locked_out',
+ − 744
respawn_info: data
+ − 745
};
+ − 746
ajaxLoginShowFriendlyError(fake_packet);
+ − 747
}
+ − 748
}
+ − 749
688
f2a824ce5f18
Added customizable parameters for session length and the long-missing "remember me" option (or rather, the ability to turn it off and make sessions temporary)
Dan
diff
changeset
+ − 750
window.ajaxLoginSubmitForm = function(real, username, password, captcha, remember)
436
+ − 751
{
+ − 752
// Perform AES test to make sure it's all working
+ − 753
if ( !aes_self_test() )
+ − 754
{
+ − 755
alert('BUG: AES self-test failed');
+ − 756
login_cache.mb_object.destroy();
+ − 757
return false;
+ − 758
}
+ − 759
// Hide the error message and captcha
+ − 760
if ( document.getElementById('ajax_login_error_box') )
+ − 761
{
+ − 762
document.getElementById('ajax_login_error_box').parentNode.removeChild(document.getElementById('ajax_login_error_box'));
+ − 763
}
+ − 764
if ( document.getElementById('autoCaptcha') )
+ − 765
{
+ − 766
var to = fly_out_top(document.getElementById('autoCaptcha'), false, true);
+ − 767
setTimeout(function() {
+ − 768
var d = document.getElementById('autoCaptcha');
+ − 769
d.parentNode.removeChild(d);
+ − 770
}, to);
+ − 771
}
688
f2a824ce5f18
Added customizable parameters for session length and the long-missing "remember me" option (or rather, the ability to turn it off and make sessions temporary)
Dan
diff
changeset
+ − 772
// "Remember session" switch
f2a824ce5f18
Added customizable parameters for session length and the long-missing "remember me" option (or rather, the ability to turn it off and make sessions temporary)
Dan
diff
changeset
+ − 773
if ( typeof(remember) == 'boolean' )
f2a824ce5f18
Added customizable parameters for session length and the long-missing "remember me" option (or rather, the ability to turn it off and make sessions temporary)
Dan
diff
changeset
+ − 774
{
f2a824ce5f18
Added customizable parameters for session length and the long-missing "remember me" option (or rather, the ability to turn it off and make sessions temporary)
Dan
diff
changeset
+ − 775
var remember_session = remember;
f2a824ce5f18
Added customizable parameters for session length and the long-missing "remember me" option (or rather, the ability to turn it off and make sessions temporary)
Dan
diff
changeset
+ − 776
}
f2a824ce5f18
Added customizable parameters for session length and the long-missing "remember me" option (or rather, the ability to turn it off and make sessions temporary)
Dan
diff
changeset
+ − 777
else
f2a824ce5f18
Added customizable parameters for session length and the long-missing "remember me" option (or rather, the ability to turn it off and make sessions temporary)
Dan
diff
changeset
+ − 778
{
f2a824ce5f18
Added customizable parameters for session length and the long-missing "remember me" option (or rather, the ability to turn it off and make sessions temporary)
Dan
diff
changeset
+ − 779
if ( document.getElementById('ajax_login_field_remember') )
f2a824ce5f18
Added customizable parameters for session length and the long-missing "remember me" option (or rather, the ability to turn it off and make sessions temporary)
Dan
diff
changeset
+ − 780
{
f2a824ce5f18
Added customizable parameters for session length and the long-missing "remember me" option (or rather, the ability to turn it off and make sessions temporary)
Dan
diff
changeset
+ − 781
var remember_session = ( document.getElementById('ajax_login_field_remember').checked ) ? true : false;
f2a824ce5f18
Added customizable parameters for session length and the long-missing "remember me" option (or rather, the ability to turn it off and make sessions temporary)
Dan
diff
changeset
+ − 782
}
f2a824ce5f18
Added customizable parameters for session length and the long-missing "remember me" option (or rather, the ability to turn it off and make sessions temporary)
Dan
diff
changeset
+ − 783
else
f2a824ce5f18
Added customizable parameters for session length and the long-missing "remember me" option (or rather, the ability to turn it off and make sessions temporary)
Dan
diff
changeset
+ − 784
{
f2a824ce5f18
Added customizable parameters for session length and the long-missing "remember me" option (or rather, the ability to turn it off and make sessions temporary)
Dan
diff
changeset
+ − 785
var remember_session = false;
f2a824ce5f18
Added customizable parameters for session length and the long-missing "remember me" option (or rather, the ability to turn it off and make sessions temporary)
Dan
diff
changeset
+ − 786
}
f2a824ce5f18
Added customizable parameters for session length and the long-missing "remember me" option (or rather, the ability to turn it off and make sessions temporary)
Dan
diff
changeset
+ − 787
}
436
+ − 788
// Encryption: preprocessor
+ − 789
if ( real )
+ − 790
{
+ − 791
var do_dh = true;
+ − 792
}
+ − 793
else if ( document.getElementById('ajax_login_field_dh') )
+ − 794
{
+ − 795
var do_dh = document.getElementById('ajax_login_field_dh').checked;
+ − 796
}
+ − 797
else
+ − 798
{
509
175df10e0b56
Added a copy of Firebug Lite for debugging purposes. License is uncertain but being treated as MPL. (If is is not MPL then it is under something more permissive that permits relicensing anyway)
Dan
diff
changeset
+ − 799
if ( IE || is_iPhone )
460
+ − 800
{
509
175df10e0b56
Added a copy of Firebug Lite for debugging purposes. License is uncertain but being treated as MPL. (If is is not MPL then it is under something more permissive that permits relicensing anyway)
Dan
diff
changeset
+ − 801
// IE/MobileSafari doesn't have this control, continue silently IF the rest
460
+ − 802
// of the login form is there
+ − 803
if ( !document.getElementById('ajax_login_field_username') )
+ − 804
{
+ − 805
return false;
+ − 806
}
+ − 807
}
+ − 808
else
+ − 809
{
+ − 810
// The user probably clicked ok when the form wasn't in there.
+ − 811
return false;
+ − 812
}
436
+ − 813
}
718
12485b1d41fd
Fixed issue where login box was not obeying server orders to disable DiffieHellman. Increased quality of error handling for JS errors during login process.
Dan
diff
changeset
+ − 814
843
4415e50e4e84
Added possibility for auth plugins, which can log a user in using non-standard authentication methods.
Dan
diff
changeset
+ − 815
if ( typeof(username) != 'string' )
436
+ − 816
{
+ − 817
var username = document.getElementById('ajax_login_field_username').value;
+ − 818
}
843
4415e50e4e84
Added possibility for auth plugins, which can log a user in using non-standard authentication methods.
Dan
diff
changeset
+ − 819
if ( typeof(password) != 'string' )
436
+ − 820
{
+ − 821
var password = document.getElementById('ajax_login_field_password').value;
+ − 822
}
+ − 823
if ( !captcha && document.getElementById('ajax_login_field_captcha') )
+ − 824
{
+ − 825
var captcha = document.getElementById('ajax_login_field_captcha').value;
+ − 826
}
+ − 827
718
12485b1d41fd
Fixed issue where login box was not obeying server orders to disable DiffieHellman. Increased quality of error handling for JS errors during login process.
Dan
diff
changeset
+ − 828
try
12485b1d41fd
Fixed issue where login box was not obeying server orders to disable DiffieHellman. Increased quality of error handling for JS errors during login process.
Dan
diff
changeset
+ − 829
{
12485b1d41fd
Fixed issue where login box was not obeying server orders to disable DiffieHellman. Increased quality of error handling for JS errors during login process.
Dan
diff
changeset
+ − 830
436
+ − 831
if ( do_dh )
+ − 832
{
+ − 833
ajaxLoginSetStatus(AJAX_STATUS_GENERATING_KEY);
+ − 834
if ( !real )
+ − 835
{
+ − 836
// Wait while the browser updates the login window
+ − 837
setTimeout(function()
+ − 838
{
688
f2a824ce5f18
Added customizable parameters for session length and the long-missing "remember me" option (or rather, the ability to turn it off and make sessions temporary)
Dan
diff
changeset
+ − 839
ajaxLoginSubmitForm(true, username, password, captcha, remember_session);
436
+ − 840
}, 200);
+ − 841
return true;
+ − 842
}
+ − 843
// Perform Diffie Hellman stuff
+ − 844
var dh_priv = dh_gen_private();
+ − 845
var dh_pub = dh_gen_public(dh_priv);
+ − 846
var secret = dh_gen_shared_secret(dh_priv, logindata.key_dh);
+ − 847
// secret_hash is used to verify that the server guesses the correct secret
+ − 848
var secret_hash = hex_sha1(secret);
+ − 849
// crypt_key is the actual AES key
+ − 850
var crypt_key = (hex_sha256(secret)).substr(0, (keySizeInBits / 4));
+ − 851
}
+ − 852
else
+ − 853
{
+ − 854
var crypt_key = logindata.key_aes;
+ − 855
}
+ − 856
+ − 857
ajaxLoginSetStatus(AJAX_STATUS_LOGGING_IN);
+ − 858
+ − 859
// Encrypt the password and username
843
4415e50e4e84
Added possibility for auth plugins, which can log a user in using non-standard authentication methods.
Dan
diff
changeset
+ − 860
var userinfo = {
436
+ − 861
username: username,
+ − 862
password: password
843
4415e50e4e84
Added possibility for auth plugins, which can log a user in using non-standard authentication methods.
Dan
diff
changeset
+ − 863
};
4415e50e4e84
Added possibility for auth plugins, which can log a user in using non-standard authentication methods.
Dan
diff
changeset
+ − 864
4415e50e4e84
Added possibility for auth plugins, which can log a user in using non-standard authentication methods.
Dan
diff
changeset
+ − 865
eval(setHook('login_build_userinfo'));
4415e50e4e84
Added possibility for auth plugins, which can log a user in using non-standard authentication methods.
Dan
diff
changeset
+ − 866
4415e50e4e84
Added possibility for auth plugins, which can log a user in using non-standard authentication methods.
Dan
diff
changeset
+ − 867
userinfo = toJSONString(userinfo);
436
+ − 868
var crypt_key_ba = hexToByteArray(crypt_key);
+ − 869
userinfo = stringToByteArray(userinfo);
+ − 870
+ − 871
userinfo = rijndaelEncrypt(userinfo, crypt_key_ba, 'ECB');
+ − 872
userinfo = byteArrayToHex(userinfo);
+ − 873
// Encrypted username and password (serialized with JSON) are now in the userinfo string
+ − 874
+ − 875
// Collect other needed information
+ − 876
if ( logindata.captcha_hash )
+ − 877
{
+ − 878
var captcha_hash = logindata.captcha_hash;
+ − 879
var captcha_code = captcha;
+ − 880
}
+ − 881
else
+ − 882
{
+ − 883
var captcha_hash = false;
+ − 884
var captcha_code = false;
+ − 885
}
+ − 886
+ − 887
// Ship it across the 'net
+ − 888
if ( do_dh )
+ − 889
{
+ − 890
var json_packet = {
+ − 891
mode: 'login_dh',
+ − 892
userinfo: userinfo,
+ − 893
captcha_code: captcha_code,
+ − 894
captcha_hash: captcha_hash,
+ − 895
dh_public_key: logindata.key_dh,
+ − 896
dh_client_key: dh_pub,
+ − 897
dh_secret_hash: secret_hash,
688
f2a824ce5f18
Added customizable parameters for session length and the long-missing "remember me" option (or rather, the ability to turn it off and make sessions temporary)
Dan
diff
changeset
+ − 898
level: logindata.user_level,
f2a824ce5f18
Added customizable parameters for session length and the long-missing "remember me" option (or rather, the ability to turn it off and make sessions temporary)
Dan
diff
changeset
+ − 899
remember: remember_session
436
+ − 900
}
+ − 901
}
+ − 902
else
+ − 903
{
+ − 904
var json_packet = {
+ − 905
mode: 'login_aes',
+ − 906
userinfo: userinfo,
+ − 907
captcha_code: captcha_code,
+ − 908
captcha_hash: captcha_hash,
+ − 909
key_aes: hex_md5(crypt_key),
688
f2a824ce5f18
Added customizable parameters for session length and the long-missing "remember me" option (or rather, the ability to turn it off and make sessions temporary)
Dan
diff
changeset
+ − 910
level: logindata.user_level,
f2a824ce5f18
Added customizable parameters for session length and the long-missing "remember me" option (or rather, the ability to turn it off and make sessions temporary)
Dan
diff
changeset
+ − 911
remember: remember_session
436
+ − 912
}
+ − 913
}
718
12485b1d41fd
Fixed issue where login box was not obeying server orders to disable DiffieHellman. Increased quality of error handling for JS errors during login process.
Dan
diff
changeset
+ − 914
}
12485b1d41fd
Fixed issue where login box was not obeying server orders to disable DiffieHellman. Increased quality of error handling for JS errors during login process.
Dan
diff
changeset
+ − 915
catch(e)
12485b1d41fd
Fixed issue where login box was not obeying server orders to disable DiffieHellman. Increased quality of error handling for JS errors during login process.
Dan
diff
changeset
+ − 916
{
12485b1d41fd
Fixed issue where login box was not obeying server orders to disable DiffieHellman. Increased quality of error handling for JS errors during login process.
Dan
diff
changeset
+ − 917
ajaxLoginSetStatus(AJAX_STATUS_ERROR);
12485b1d41fd
Fixed issue where login box was not obeying server orders to disable DiffieHellman. Increased quality of error handling for JS errors during login process.
Dan
diff
changeset
+ − 918
console.error('Exception caught in login process; backtrace follows');
12485b1d41fd
Fixed issue where login box was not obeying server orders to disable DiffieHellman. Increased quality of error handling for JS errors during login process.
Dan
diff
changeset
+ − 919
console.debug(e);
12485b1d41fd
Fixed issue where login box was not obeying server orders to disable DiffieHellman. Increased quality of error handling for JS errors during login process.
Dan
diff
changeset
+ − 920
return false;
12485b1d41fd
Fixed issue where login box was not obeying server orders to disable DiffieHellman. Increased quality of error handling for JS errors during login process.
Dan
diff
changeset
+ − 921
}
436
+ − 922
ajaxLoginPerformRequest(json_packet);
+ − 923
}
+ − 924
582
+ − 925
window.ajaxLoginShowFriendlyError = function(response)
436
+ − 926
{
+ − 927
if ( !response.respawn_info )
+ − 928
return false;
+ − 929
if ( !response.error_code )
+ − 930
return false;
+ − 931
var text = ajaxLoginGetErrorText(response);
+ − 932
if ( document.getElementById('ajax_login_error_box') )
+ − 933
{
+ − 934
// console.info('Reusing existing error-box');
+ − 935
document.getElementById('ajax_login_error_box').innerHTML = text;
+ − 936
return true;
+ − 937
}
+ − 938
+ − 939
// console.info('Drawing new error-box');
+ − 940
+ − 941
// calculate position for the top of the box
699
c7d737202d59
Removed Adobe Spry and replaced with jQuery. Please report any new bugs on the forums or via IRC. In a related note, auto-completion should work now at least for usernames. Still hacking away at page name completion...
Dan
diff
changeset
+ − 942
var mb_bottom = $dynano('messageBoxButtons').Top() + $dynano('messageBoxButtons').Height();
436
+ − 943
// if the box isn't done flying in yet, just estimate
+ − 944
if ( mb_bottom < ( getHeight() / 2 ) )
+ − 945
{
+ − 946
mb_bottom = ( getHeight() / 2 ) + 120;
+ − 947
}
+ − 948
var win_bottom = getHeight() + getScrollOffset();
+ − 949
var top = mb_bottom + ( ( win_bottom - mb_bottom ) / 2 ) - 32;
+ − 950
// left position = 0.2 * window_width, seeing as the box is 60% width this works hackishly but nice and quick
+ − 951
var left = getWidth() * 0.2;
+ − 952
+ − 953
// create the div
+ − 954
var errbox = document.createElement('div');
+ − 955
errbox.className = 'error-box-mini';
+ − 956
errbox.style.position = 'absolute';
+ − 957
errbox.style.width = '60%';
+ − 958
errbox.style.top = top + 'px';
+ − 959
errbox.style.left = left + 'px';
694
43367c66d869
Couple of fixes (hacks) for Opera and the aftermath of that z-index change to darken() and enlighten() fadefilters; added ajaxOpenDirectACLRule() to placeholder list
Dan
diff
changeset
+ − 960
errbox.style.zIndex = getHighestZ();
436
+ − 961
errbox.innerHTML = text;
+ − 962
errbox.id = 'ajax_login_error_box';
+ − 963
+ − 964
var body = document.getElementsByTagName('body')[0];
+ − 965
body.appendChild(errbox);
+ − 966
}
+ − 967
582
+ − 968
window.ajaxLoginGetErrorText = function(response)
436
+ − 969
{
843
4415e50e4e84
Added possibility for auth plugins, which can log a user in using non-standard authentication methods.
Dan
diff
changeset
+ − 970
if ( !response.error_code.match(/^[a-z0-9]+_[a-z0-9_]+$/) )
4415e50e4e84
Added possibility for auth plugins, which can log a user in using non-standard authentication methods.
Dan
diff
changeset
+ − 971
{
4415e50e4e84
Added possibility for auth plugins, which can log a user in using non-standard authentication methods.
Dan
diff
changeset
+ − 972
return response.error_code;
4415e50e4e84
Added possibility for auth plugins, which can log a user in using non-standard authentication methods.
Dan
diff
changeset
+ − 973
}
436
+ − 974
switch ( response.error_code )
+ − 975
{
+ − 976
default:
843
4415e50e4e84
Added possibility for auth plugins, which can log a user in using non-standard authentication methods.
Dan
diff
changeset
+ − 977
var ls = $lang.get('user_err_' + response.error_code);
4415e50e4e84
Added possibility for auth plugins, which can log a user in using non-standard authentication methods.
Dan
diff
changeset
+ − 978
if ( ls == 'user_err_' + response.error_code )
4415e50e4e84
Added possibility for auth plugins, which can log a user in using non-standard authentication methods.
Dan
diff
changeset
+ − 979
ls = $lang.get(response.error_code);
4415e50e4e84
Added possibility for auth plugins, which can log a user in using non-standard authentication methods.
Dan
diff
changeset
+ − 980
4415e50e4e84
Added possibility for auth plugins, which can log a user in using non-standard authentication methods.
Dan
diff
changeset
+ − 981
return ls;
436
+ − 982
break;
+ − 983
case 'locked_out':
+ − 984
if ( response.respawn_info.lockout_info.lockout_policy == 'lockout' )
+ − 985
{
+ − 986
return $lang.get('user_err_locked_out', {
+ − 987
lockout_threshold: response.respawn_info.lockout_info.lockout_threshold,
+ − 988
lockout_duration: response.respawn_info.lockout_info.lockout_duration,
+ − 989
time_rem: response.respawn_info.lockout_info.time_rem,
+ − 990
plural: ( response.respawn_info.lockout_info.time_rem == 1 ) ? '' : $lang.get('meta_plural'),
+ − 991
captcha_blurb: ''
+ − 992
});
+ − 993
break;
+ − 994
}
+ − 995
case 'invalid_credentials':
+ − 996
var base = $lang.get('user_err_invalid_credentials');
+ − 997
if ( response.respawn_info.locked_out )
+ − 998
{
+ − 999
base += ' ';
+ − 1000
var captcha_blurb = '';
+ − 1001
switch(response.respawn_info.lockout_info.lockout_policy)
+ − 1002
{
+ − 1003
case 'captcha':
+ − 1004
captcha_blurb = $lang.get('user_err_locked_out_captcha_blurb');
+ − 1005
break;
+ − 1006
case 'lockout':
+ − 1007
break;
+ − 1008
default:
+ − 1009
base += 'WTF? Shouldn\'t be locked out with lockout policy set to disable.';
+ − 1010
break;
+ − 1011
}
+ − 1012
base += $lang.get('user_err_locked_out', {
+ − 1013
captcha_blurb: captcha_blurb,
+ − 1014
lockout_threshold: response.respawn_info.lockout_info.lockout_threshold,
+ − 1015
lockout_duration: response.respawn_info.lockout_info.lockout_duration,
+ − 1016
time_rem: response.respawn_info.lockout_info.time_rem,
+ − 1017
plural: ( response.respawn_info.lockout_info.time_rem == 1 ) ? '' : $lang.get('meta_plural')
+ − 1018
});
+ − 1019
}
+ − 1020
else if ( response.respawn_info.lockout_info.lockout_policy == 'lockout' || response.respawn_info.lockout_info.lockout_policy == 'captcha' )
+ − 1021
{
+ − 1022
// if we have a lockout policy of captcha or lockout, then warn the user
+ − 1023
switch ( response.respawn_info.lockout_info.lockout_policy )
+ − 1024
{
+ − 1025
case 'captcha':
843
4415e50e4e84
Added possibility for auth plugins, which can log a user in using non-standard authentication methods.
Dan
diff
changeset
+ − 1026
base += $lang.get('user_err_invalid_credentials_lockout_captcha', {
436
+ − 1027
fails: response.respawn_info.lockout_info.lockout_fails,
+ − 1028
lockout_threshold: response.respawn_info.lockout_info.lockout_threshold,
+ − 1029
lockout_duration: response.respawn_info.lockout_info.lockout_duration
+ − 1030
});
+ − 1031
break;
+ − 1032
case 'lockout':
843
4415e50e4e84
Added possibility for auth plugins, which can log a user in using non-standard authentication methods.
Dan
diff
changeset
+ − 1033
base += $lang.get('user_err_invalid_credentials_lockout', {
4415e50e4e84
Added possibility for auth plugins, which can log a user in using non-standard authentication methods.
Dan
diff
changeset
+ − 1034
fails: response.respawn_info.lockout_info.lockout_fails,
4415e50e4e84
Added possibility for auth plugins, which can log a user in using non-standard authentication methods.
Dan
diff
changeset
+ − 1035
lockout_threshold: response.respawn_info.lockout_info.lockout_threshold,
4415e50e4e84
Added possibility for auth plugins, which can log a user in using non-standard authentication methods.
Dan
diff
changeset
+ − 1036
lockout_duration: response.respawn_info.lockout_info.lockout_duration
4415e50e4e84
Added possibility for auth plugins, which can log a user in using non-standard authentication methods.
Dan
diff
changeset
+ − 1037
});
436
+ − 1038
break;
+ − 1039
}
+ − 1040
}
+ − 1041
return base;
+ − 1042
break;
+ − 1043
}
+ − 1044
}
+ − 1045
585
+ − 1046
window.ajaxShowCaptcha = function(code)
+ − 1047
{
+ − 1048
var mydiv = document.createElement('div');
+ − 1049
mydiv.style.backgroundColor = '#FFFFFF';
+ − 1050
mydiv.style.padding = '10px';
+ − 1051
mydiv.style.position = 'absolute';
+ − 1052
mydiv.style.top = '0px';
+ − 1053
mydiv.id = 'autoCaptcha';
+ − 1054
mydiv.style.zIndex = String( getHighestZ() + 1 );
+ − 1055
var img = document.createElement('img');
+ − 1056
img.onload = function()
+ − 1057
{
+ − 1058
if ( this.loaded )
+ − 1059
return true;
+ − 1060
var mydiv = document.getElementById('autoCaptcha');
+ − 1061
var width = getWidth();
+ − 1062
var divw = $dynano(mydiv).Width();
+ − 1063
var left = ( width / 2 ) - ( divw / 2 );
+ − 1064
mydiv.style.left = left + 'px';
+ − 1065
fly_in_top(mydiv, false, true);
+ − 1066
this.loaded = true;
+ − 1067
};
+ − 1068
img.src = makeUrlNS('Special', 'Captcha/' + code);
+ − 1069
img.onclick = function() { this.src = this.src + '/a'; };
+ − 1070
img.style.cursor = 'pointer';
+ − 1071
mydiv.appendChild(img);
+ − 1072
domObjChangeOpac(0, mydiv);
+ − 1073
var body = document.getElementsByTagName('body')[0];
+ − 1074
body.appendChild(mydiv);
+ − 1075
}
+ − 1076
582
+ − 1077
window.ajaxInitLogout = function()
+ − 1078
{
779
609e35845ec3
load_component() now accepts an array, and most JS components are loaded all in one request now. Totally modular baby. And failsafe too.
Dan
diff
changeset
+ − 1079
load_component(['messagebox', 'l10n', 'flyin', 'fadefilter']);
582
+ − 1080
var mb = new MessageBox(MB_YESNO|MB_ICONQUESTION, $lang.get('user_logout_confirm_title'), $lang.get('user_logout_confirm_body'));
+ − 1081
mb.onclick['Yes'] = function()
+ − 1082
{
+ − 1083
window.location = makeUrlNS('Special', 'Logout/' + csrf_token + '/' + title);
+ − 1084
}
+ − 1085
}
+ − 1086
+ − 1087
window.mb_logout = function()
+ − 1088
{
+ − 1089
ajaxInitLogout();
+ − 1090
}
+ − 1091
+ − 1092
window.ajaxStartLogin = function()
+ − 1093
{
+ − 1094
ajaxLogonToMember();
+ − 1095
}
+ − 1096
+ − 1097
window.ajaxStartAdminLogin = function()
+ − 1098
{
+ − 1099
// IE <6 pseudo-compatibility
+ − 1100
if ( KILL_SWITCH )
+ − 1101
return true;
+ − 1102
if ( auth_level < USER_LEVEL_ADMIN )
+ − 1103
{
+ − 1104
ajaxLoginInit(function(k) {
+ − 1105
ENANO_SID = k;
+ − 1106
auth_level = USER_LEVEL_ADMIN;
+ − 1107
var loc = makeUrlNS('Special', 'Administration');
+ − 1108
if ( (ENANO_SID + ' ').length > 1 )
+ − 1109
window.location = loc;
+ − 1110
}, USER_LEVEL_ADMIN);
+ − 1111
return false;
+ − 1112
}
+ − 1113
var loc = makeUrlNS('Special', 'Administration');
+ − 1114
window.location = loc;
+ − 1115
}
+ − 1116
+ − 1117
window.ajaxAdminPage = function()
+ − 1118
{
+ − 1119
// IE <6 pseudo-compatibility
+ − 1120
if ( KILL_SWITCH )
+ − 1121
return true;
+ − 1122
if ( auth_level < USER_LEVEL_ADMIN )
+ − 1123
{
+ − 1124
ajaxPromptAdminAuth(function(k) {
+ − 1125
ENANO_SID = k;
+ − 1126
auth_level = USER_LEVEL_ADMIN;
+ − 1127
var loc = String(window.location + '');
+ − 1128
window.location = append_sid(loc);
+ − 1129
var loc = makeUrlNS('Special', 'Administration', 'module=' + namespace_list['Admin'] + 'PageManager&source=ajax&page_id=' + ajaxEscape(title));
+ − 1130
if ( (ENANO_SID + ' ').length > 1 )
+ − 1131
window.location = loc;
+ − 1132
}, 9);
+ − 1133
return false;
+ − 1134
}
+ − 1135
var loc = makeUrlNS('Special', 'Administration', 'module=' + namespace_list['Admin'] + 'PageManager&source=ajax&page_id=' + ajaxEscape(title));
+ − 1136
window.location = loc;
+ − 1137
}
+ − 1138
+ − 1139
var navto_ns;
+ − 1140
var navto_pg;
+ − 1141
var navto_ul;
+ − 1142
+ − 1143
window.ajaxLoginNavTo = function(namespace, page_id, min_level)
+ − 1144
{
+ − 1145
// IE <6 pseudo-compatibility
+ − 1146
if ( KILL_SWITCH )
+ − 1147
return true;
+ − 1148
navto_pg = page_id;
+ − 1149
navto_ns = namespace;
+ − 1150
navto_ul = min_level;
+ − 1151
if ( auth_level < min_level )
+ − 1152
{
+ − 1153
ajaxPromptAdminAuth(function(k) {
+ − 1154
ENANO_SID = k;
+ − 1155
auth_level = navto_ul;
+ − 1156
var loc = makeUrlNS(navto_ns, navto_pg);
+ − 1157
if ( (ENANO_SID + ' ').length > 1 )
+ − 1158
window.location = loc;
+ − 1159
}, min_level);
+ − 1160
return false;
+ − 1161
}
+ − 1162
var loc = makeUrlNS(navto_ns, navto_pg);
+ − 1163
window.location = loc;
+ − 1164
}
+ − 1165
+ − 1166
window.ajaxAdminUser = function(username)
+ − 1167
{
+ − 1168
// IE <6 pseudo-compatibility
+ − 1169
if ( KILL_SWITCH )
+ − 1170
return true;
+ − 1171
if ( auth_level < USER_LEVEL_ADMIN )
+ − 1172
{
+ − 1173
ajaxPromptAdminAuth(function(k) {
+ − 1174
ENANO_SID = k;
+ − 1175
auth_level = USER_LEVEL_ADMIN;
+ − 1176
var loc = String(window.location + '');
+ − 1177
window.location = append_sid(loc);
+ − 1178
var loc = makeUrlNS('Special', 'Administration', 'module=' + namespace_list['Admin'] + 'UserManager&src=get&user=' + ajaxEscape(username));
+ − 1179
if ( (ENANO_SID + ' ').length > 1 )
+ − 1180
window.location = loc;
+ − 1181
}, 9);
+ − 1182
return false;
+ − 1183
}
+ − 1184
var loc = makeUrlNS('Special', 'Administration', 'module=' + namespace_list['Admin'] + 'UserManager&src=get&user=' + ajaxEscape(username));
+ − 1185
window.location = loc;
+ − 1186
}
793
c0724bf6039b
Added dynamic reload-less re-auth to admin panel, so that if a session is lost it can be recovered without a reload. Support for hooking into form submits will be added in the future.
Dan
diff
changeset
+ − 1187
811
5c807fe77020
Added support for live re-auth and de-auth; fully AJAX, no page reload required, plus plugin-usable API.
Dan
diff
changeset
+ − 1188
window.ajaxDynamicReauth = function(adminpage, level)
793
c0724bf6039b
Added dynamic reload-less re-auth to admin panel, so that if a session is lost it can be recovered without a reload. Support for hooking into form submits will be added in the future.
Dan
diff
changeset
+ − 1189
{
c0724bf6039b
Added dynamic reload-less re-auth to admin panel, so that if a session is lost it can be recovered without a reload. Support for hooking into form submits will be added in the future.
Dan
diff
changeset
+ − 1190
var old_sid = ENANO_SID;
c0724bf6039b
Added dynamic reload-less re-auth to admin panel, so that if a session is lost it can be recovered without a reload. Support for hooking into form submits will be added in the future.
Dan
diff
changeset
+ − 1191
var targetpage = adminpage;
811
5c807fe77020
Added support for live re-auth and de-auth; fully AJAX, no page reload required, plus plugin-usable API.
Dan
diff
changeset
+ − 1192
if ( !level )
5c807fe77020
Added support for live re-auth and de-auth; fully AJAX, no page reload required, plus plugin-usable API.
Dan
diff
changeset
+ − 1193
{
5c807fe77020
Added support for live re-auth and de-auth; fully AJAX, no page reload required, plus plugin-usable API.
Dan
diff
changeset
+ − 1194
level = USER_LEVEL_ADMIN;
5c807fe77020
Added support for live re-auth and de-auth; fully AJAX, no page reload required, plus plugin-usable API.
Dan
diff
changeset
+ − 1195
}
793
c0724bf6039b
Added dynamic reload-less re-auth to admin panel, so that if a session is lost it can be recovered without a reload. Support for hooking into form submits will be added in the future.
Dan
diff
changeset
+ − 1196
ajaxLogonInit(function(k)
c0724bf6039b
Added dynamic reload-less re-auth to admin panel, so that if a session is lost it can be recovered without a reload. Support for hooking into form submits will be added in the future.
Dan
diff
changeset
+ − 1197
{
811
5c807fe77020
Added support for live re-auth and de-auth; fully AJAX, no page reload required, plus plugin-usable API.
Dan
diff
changeset
+ − 1198
ajaxLoginReplaceSIDInline(k, old_sid, level);
794
720516162012
Added support for re-auth on submit to rank manager when session goes bad; still more to come
Dan
diff
changeset
+ − 1199
mb_current_obj.destroy();
720516162012
Added support for re-auth on submit to rank manager when session goes bad; still more to come
Dan
diff
changeset
+ − 1200
console.debug(targetpage);
720516162012
Added support for re-auth on submit to rank manager when session goes bad; still more to come
Dan
diff
changeset
+ − 1201
if ( typeof(targetpage) == 'string' )
793
c0724bf6039b
Added dynamic reload-less re-auth to admin panel, so that if a session is lost it can be recovered without a reload. Support for hooking into form submits will be added in the future.
Dan
diff
changeset
+ − 1202
{
c0724bf6039b
Added dynamic reload-less re-auth to admin panel, so that if a session is lost it can be recovered without a reload. Support for hooking into form submits will be added in the future.
Dan
diff
changeset
+ − 1203
ajaxPage(targetpage);
c0724bf6039b
Added dynamic reload-less re-auth to admin panel, so that if a session is lost it can be recovered without a reload. Support for hooking into form submits will be added in the future.
Dan
diff
changeset
+ − 1204
}
794
720516162012
Added support for re-auth on submit to rank manager when session goes bad; still more to come
Dan
diff
changeset
+ − 1205
else if ( typeof(targetpage) == 'function' )
720516162012
Added support for re-auth on submit to rank manager when session goes bad; still more to come
Dan
diff
changeset
+ − 1206
{
720516162012
Added support for re-auth on submit to rank manager when session goes bad; still more to come
Dan
diff
changeset
+ − 1207
targetpage();
720516162012
Added support for re-auth on submit to rank manager when session goes bad; still more to come
Dan
diff
changeset
+ − 1208
}
811
5c807fe77020
Added support for live re-auth and de-auth; fully AJAX, no page reload required, plus plugin-usable API.
Dan
diff
changeset
+ − 1209
}, level);
793
c0724bf6039b
Added dynamic reload-less re-auth to admin panel, so that if a session is lost it can be recovered without a reload. Support for hooking into form submits will be added in the future.
Dan
diff
changeset
+ − 1210
ajaxLoginShowFriendlyError({
c0724bf6039b
Added dynamic reload-less re-auth to admin panel, so that if a session is lost it can be recovered without a reload. Support for hooking into form submits will be added in the future.
Dan
diff
changeset
+ − 1211
error_code: 'admin_session_timed_out',
c0724bf6039b
Added dynamic reload-less re-auth to admin panel, so that if a session is lost it can be recovered without a reload. Support for hooking into form submits will be added in the future.
Dan
diff
changeset
+ − 1212
respawn_info: {}
c0724bf6039b
Added dynamic reload-less re-auth to admin panel, so that if a session is lost it can be recovered without a reload. Support for hooking into form submits will be added in the future.
Dan
diff
changeset
+ − 1213
});
c0724bf6039b
Added dynamic reload-less re-auth to admin panel, so that if a session is lost it can be recovered without a reload. Support for hooking into form submits will be added in the future.
Dan
diff
changeset
+ − 1214
}
794
720516162012
Added support for re-auth on submit to rank manager when session goes bad; still more to come
Dan
diff
changeset
+ − 1215
720516162012
Added support for re-auth on submit to rank manager when session goes bad; still more to come
Dan
diff
changeset
+ − 1216
window.ajaxRenewSession = function()
720516162012
Added support for re-auth on submit to rank manager when session goes bad; still more to come
Dan
diff
changeset
+ − 1217
{
720516162012
Added support for re-auth on submit to rank manager when session goes bad; still more to come
Dan
diff
changeset
+ − 1218
ajaxDynamicReauth(false);
720516162012
Added support for re-auth on submit to rank manager when session goes bad; still more to come
Dan
diff
changeset
+ − 1219
}
811
5c807fe77020
Added support for live re-auth and de-auth; fully AJAX, no page reload required, plus plugin-usable API.
Dan
diff
changeset
+ − 1220
5c807fe77020
Added support for live re-auth and de-auth; fully AJAX, no page reload required, plus plugin-usable API.
Dan
diff
changeset
+ − 1221
window.ajaxTrashElevSession = function()
5c807fe77020
Added support for live re-auth and de-auth; fully AJAX, no page reload required, plus plugin-usable API.
Dan
diff
changeset
+ − 1222
{
5c807fe77020
Added support for live re-auth and de-auth; fully AJAX, no page reload required, plus plugin-usable API.
Dan
diff
changeset
+ − 1223
load_component(['messagebox', 'fadefilter', 'l10n', 'flyin', 'jquery', 'jquery-ui']);
5c807fe77020
Added support for live re-auth and de-auth; fully AJAX, no page reload required, plus plugin-usable API.
Dan
diff
changeset
+ − 1224
miniPromptMessage({
5c807fe77020
Added support for live re-auth and de-auth; fully AJAX, no page reload required, plus plugin-usable API.
Dan
diff
changeset
+ − 1225
title: $lang.get('user_logout_confirm_title_elev'),
5c807fe77020
Added support for live re-auth and de-auth; fully AJAX, no page reload required, plus plugin-usable API.
Dan
diff
changeset
+ − 1226
message: $lang.get('user_logout_confirm_body_elev'),
5c807fe77020
Added support for live re-auth and de-auth; fully AJAX, no page reload required, plus plugin-usable API.
Dan
diff
changeset
+ − 1227
buttons: [
5c807fe77020
Added support for live re-auth and de-auth; fully AJAX, no page reload required, plus plugin-usable API.
Dan
diff
changeset
+ − 1228
{
5c807fe77020
Added support for live re-auth and de-auth; fully AJAX, no page reload required, plus plugin-usable API.
Dan
diff
changeset
+ − 1229
text: $lang.get('user_logout_confirm_btn_logout'),
5c807fe77020
Added support for live re-auth and de-auth; fully AJAX, no page reload required, plus plugin-usable API.
Dan
diff
changeset
+ − 1230
color: 'red',
5c807fe77020
Added support for live re-auth and de-auth; fully AJAX, no page reload required, plus plugin-usable API.
Dan
diff
changeset
+ − 1231
style: {
5c807fe77020
Added support for live re-auth and de-auth; fully AJAX, no page reload required, plus plugin-usable API.
Dan
diff
changeset
+ − 1232
fontWeight: 'bold'
5c807fe77020
Added support for live re-auth and de-auth; fully AJAX, no page reload required, plus plugin-usable API.
Dan
diff
changeset
+ − 1233
},
5c807fe77020
Added support for live re-auth and de-auth; fully AJAX, no page reload required, plus plugin-usable API.
Dan
diff
changeset
+ − 1234
onclick: function()
5c807fe77020
Added support for live re-auth and de-auth; fully AJAX, no page reload required, plus plugin-usable API.
Dan
diff
changeset
+ − 1235
{
5c807fe77020
Added support for live re-auth and de-auth; fully AJAX, no page reload required, plus plugin-usable API.
Dan
diff
changeset
+ − 1236
ajaxLoginPerformRequest({
5c807fe77020
Added support for live re-auth and de-auth; fully AJAX, no page reload required, plus plugin-usable API.
Dan
diff
changeset
+ − 1237
mode: 'logout',
5c807fe77020
Added support for live re-auth and de-auth; fully AJAX, no page reload required, plus plugin-usable API.
Dan
diff
changeset
+ − 1238
level: auth_level,
5c807fe77020
Added support for live re-auth and de-auth; fully AJAX, no page reload required, plus plugin-usable API.
Dan
diff
changeset
+ − 1239
csrf_token: csrf_token
5c807fe77020
Added support for live re-auth and de-auth; fully AJAX, no page reload required, plus plugin-usable API.
Dan
diff
changeset
+ − 1240
});
5c807fe77020
Added support for live re-auth and de-auth; fully AJAX, no page reload required, plus plugin-usable API.
Dan
diff
changeset
+ − 1241
miniPromptDestroy(this);
5c807fe77020
Added support for live re-auth and de-auth; fully AJAX, no page reload required, plus plugin-usable API.
Dan
diff
changeset
+ − 1242
}
5c807fe77020
Added support for live re-auth and de-auth; fully AJAX, no page reload required, plus plugin-usable API.
Dan
diff
changeset
+ − 1243
},
5c807fe77020
Added support for live re-auth and de-auth; fully AJAX, no page reload required, plus plugin-usable API.
Dan
diff
changeset
+ − 1244
{
5c807fe77020
Added support for live re-auth and de-auth; fully AJAX, no page reload required, plus plugin-usable API.
Dan
diff
changeset
+ − 1245
text: $lang.get('etc_cancel'),
5c807fe77020
Added support for live re-auth and de-auth; fully AJAX, no page reload required, plus plugin-usable API.
Dan
diff
changeset
+ − 1246
onclick: function()
5c807fe77020
Added support for live re-auth and de-auth; fully AJAX, no page reload required, plus plugin-usable API.
Dan
diff
changeset
+ − 1247
{
5c807fe77020
Added support for live re-auth and de-auth; fully AJAX, no page reload required, plus plugin-usable API.
Dan
diff
changeset
+ − 1248
miniPromptDestroy(this);
5c807fe77020
Added support for live re-auth and de-auth; fully AJAX, no page reload required, plus plugin-usable API.
Dan
diff
changeset
+ − 1249
}
5c807fe77020
Added support for live re-auth and de-auth; fully AJAX, no page reload required, plus plugin-usable API.
Dan
diff
changeset
+ − 1250
}
5c807fe77020
Added support for live re-auth and de-auth; fully AJAX, no page reload required, plus plugin-usable API.
Dan
diff
changeset
+ − 1251
]
5c807fe77020
Added support for live re-auth and de-auth; fully AJAX, no page reload required, plus plugin-usable API.
Dan
diff
changeset
+ − 1252
});
5c807fe77020
Added support for live re-auth and de-auth; fully AJAX, no page reload required, plus plugin-usable API.
Dan
diff
changeset
+ − 1253
}
5c807fe77020
Added support for live re-auth and de-auth; fully AJAX, no page reload required, plus plugin-usable API.
Dan
diff
changeset
+ − 1254
5c807fe77020
Added support for live re-auth and de-auth; fully AJAX, no page reload required, plus plugin-usable API.
Dan
diff
changeset
+ − 1255
/**
5c807fe77020
Added support for live re-auth and de-auth; fully AJAX, no page reload required, plus plugin-usable API.
Dan
diff
changeset
+ − 1256
* Take an SID and patch all internal links on the page.
5c807fe77020
Added support for live re-auth and de-auth; fully AJAX, no page reload required, plus plugin-usable API.
Dan
diff
changeset
+ − 1257
* @param string New key. If false, removes keys from the page.
5c807fe77020
Added support for live re-auth and de-auth; fully AJAX, no page reload required, plus plugin-usable API.
Dan
diff
changeset
+ − 1258
* @param string Old key. If false, only appends the new SID (more work as it uses DOM, use when dynamically going up to elevated)
5c807fe77020
Added support for live re-auth and de-auth; fully AJAX, no page reload required, plus plugin-usable API.
Dan
diff
changeset
+ − 1259
* @param int New level, not a huge deal but sets auth_level. Try to specify it as some functions depend on it.
5c807fe77020
Added support for live re-auth and de-auth; fully AJAX, no page reload required, plus plugin-usable API.
Dan
diff
changeset
+ − 1260
*/
5c807fe77020
Added support for live re-auth and de-auth; fully AJAX, no page reload required, plus plugin-usable API.
Dan
diff
changeset
+ − 1261
5c807fe77020
Added support for live re-auth and de-auth; fully AJAX, no page reload required, plus plugin-usable API.
Dan
diff
changeset
+ − 1262
window.ajaxLoginReplaceSIDInline = function(key, oldkey, level)
5c807fe77020
Added support for live re-auth and de-auth; fully AJAX, no page reload required, plus plugin-usable API.
Dan
diff
changeset
+ − 1263
{
5c807fe77020
Added support for live re-auth and de-auth; fully AJAX, no page reload required, plus plugin-usable API.
Dan
diff
changeset
+ − 1264
var host = String(window.location.hostname);
5c807fe77020
Added support for live re-auth and de-auth; fully AJAX, no page reload required, plus plugin-usable API.
Dan
diff
changeset
+ − 1265
var exp = new RegExp('^https?://' + host.replace('.', '\.') + contentPath.replace('.', '\.'), 'g');
5c807fe77020
Added support for live re-auth and de-auth; fully AJAX, no page reload required, plus plugin-usable API.
Dan
diff
changeset
+ − 1266
var rexp = new RegExp('^https?://' + host.replace('.', '\.'), 'g');
5c807fe77020
Added support for live re-auth and de-auth; fully AJAX, no page reload required, plus plugin-usable API.
Dan
diff
changeset
+ − 1267
5c807fe77020
Added support for live re-auth and de-auth; fully AJAX, no page reload required, plus plugin-usable API.
Dan
diff
changeset
+ − 1268
if ( key )
5c807fe77020
Added support for live re-auth and de-auth; fully AJAX, no page reload required, plus plugin-usable API.
Dan
diff
changeset
+ − 1269
{
5c807fe77020
Added support for live re-auth and de-auth; fully AJAX, no page reload required, plus plugin-usable API.
Dan
diff
changeset
+ − 1270
if ( oldkey )
5c807fe77020
Added support for live re-auth and de-auth; fully AJAX, no page reload required, plus plugin-usable API.
Dan
diff
changeset
+ − 1271
{
5c807fe77020
Added support for live re-auth and de-auth; fully AJAX, no page reload required, plus plugin-usable API.
Dan
diff
changeset
+ − 1272
var body = document.getElementsByTagName('body')[0];
5c807fe77020
Added support for live re-auth and de-auth; fully AJAX, no page reload required, plus plugin-usable API.
Dan
diff
changeset
+ − 1273
var replace = new RegExp(oldkey, 'g');
5c807fe77020
Added support for live re-auth and de-auth; fully AJAX, no page reload required, plus plugin-usable API.
Dan
diff
changeset
+ − 1274
body.innerHTML = body.innerHTML.replace(replace, key);
5c807fe77020
Added support for live re-auth and de-auth; fully AJAX, no page reload required, plus plugin-usable API.
Dan
diff
changeset
+ − 1275
ENANO_SID = key;
5c807fe77020
Added support for live re-auth and de-auth; fully AJAX, no page reload required, plus plugin-usable API.
Dan
diff
changeset
+ − 1276
}
5c807fe77020
Added support for live re-auth and de-auth; fully AJAX, no page reload required, plus plugin-usable API.
Dan
diff
changeset
+ − 1277
else
5c807fe77020
Added support for live re-auth and de-auth; fully AJAX, no page reload required, plus plugin-usable API.
Dan
diff
changeset
+ − 1278
{
5c807fe77020
Added support for live re-auth and de-auth; fully AJAX, no page reload required, plus plugin-usable API.
Dan
diff
changeset
+ − 1279
// append SID to all internal links
5c807fe77020
Added support for live re-auth and de-auth; fully AJAX, no page reload required, plus plugin-usable API.
Dan
diff
changeset
+ − 1280
ENANO_SID = key;
5c807fe77020
Added support for live re-auth and de-auth; fully AJAX, no page reload required, plus plugin-usable API.
Dan
diff
changeset
+ − 1281
5c807fe77020
Added support for live re-auth and de-auth; fully AJAX, no page reload required, plus plugin-usable API.
Dan
diff
changeset
+ − 1282
var links = document.getElementsByTagName('a');
5c807fe77020
Added support for live re-auth and de-auth; fully AJAX, no page reload required, plus plugin-usable API.
Dan
diff
changeset
+ − 1283
for ( var i = 0; i < links.length; i++ )
5c807fe77020
Added support for live re-auth and de-auth; fully AJAX, no page reload required, plus plugin-usable API.
Dan
diff
changeset
+ − 1284
{
5c807fe77020
Added support for live re-auth and de-auth; fully AJAX, no page reload required, plus plugin-usable API.
Dan
diff
changeset
+ − 1285
if ( links[i].href.match(exp, links[i]) && links[i].href.indexOf('#') == -1 )
5c807fe77020
Added support for live re-auth and de-auth; fully AJAX, no page reload required, plus plugin-usable API.
Dan
diff
changeset
+ − 1286
{
5c807fe77020
Added support for live re-auth and de-auth; fully AJAX, no page reload required, plus plugin-usable API.
Dan
diff
changeset
+ − 1287
var newurl = (String(append_sid(links[i].href))).replace(rexp, '');
5c807fe77020
Added support for live re-auth and de-auth; fully AJAX, no page reload required, plus plugin-usable API.
Dan
diff
changeset
+ − 1288
links[i].href = newurl;
5c807fe77020
Added support for live re-auth and de-auth; fully AJAX, no page reload required, plus plugin-usable API.
Dan
diff
changeset
+ − 1289
}
5c807fe77020
Added support for live re-auth and de-auth; fully AJAX, no page reload required, plus plugin-usable API.
Dan
diff
changeset
+ − 1290
}
5c807fe77020
Added support for live re-auth and de-auth; fully AJAX, no page reload required, plus plugin-usable API.
Dan
diff
changeset
+ − 1291
5c807fe77020
Added support for live re-auth and de-auth; fully AJAX, no page reload required, plus plugin-usable API.
Dan
diff
changeset
+ − 1292
var forms = document.getElementsByTagName('form');
5c807fe77020
Added support for live re-auth and de-auth; fully AJAX, no page reload required, plus plugin-usable API.
Dan
diff
changeset
+ − 1293
for ( var i = 0; i < forms.length; i++ )
5c807fe77020
Added support for live re-auth and de-auth; fully AJAX, no page reload required, plus plugin-usable API.
Dan
diff
changeset
+ − 1294
{
5c807fe77020
Added support for live re-auth and de-auth; fully AJAX, no page reload required, plus plugin-usable API.
Dan
diff
changeset
+ − 1295
if ( forms[i].method.toLowerCase() == 'post' )
5c807fe77020
Added support for live re-auth and de-auth; fully AJAX, no page reload required, plus plugin-usable API.
Dan
diff
changeset
+ − 1296
{
5c807fe77020
Added support for live re-auth and de-auth; fully AJAX, no page reload required, plus plugin-usable API.
Dan
diff
changeset
+ − 1297
if ( forms[i].action.match(exp, links[i]) )
5c807fe77020
Added support for live re-auth and de-auth; fully AJAX, no page reload required, plus plugin-usable API.
Dan
diff
changeset
+ − 1298
{
5c807fe77020
Added support for live re-auth and de-auth; fully AJAX, no page reload required, plus plugin-usable API.
Dan
diff
changeset
+ − 1299
var newurl = (String(append_sid(forms[i].action))).replace(rexp, '');
5c807fe77020
Added support for live re-auth and de-auth; fully AJAX, no page reload required, plus plugin-usable API.
Dan
diff
changeset
+ − 1300
forms[i].action = newurl;
5c807fe77020
Added support for live re-auth and de-auth; fully AJAX, no page reload required, plus plugin-usable API.
Dan
diff
changeset
+ − 1301
}
5c807fe77020
Added support for live re-auth and de-auth; fully AJAX, no page reload required, plus plugin-usable API.
Dan
diff
changeset
+ − 1302
}
5c807fe77020
Added support for live re-auth and de-auth; fully AJAX, no page reload required, plus plugin-usable API.
Dan
diff
changeset
+ − 1303
else
5c807fe77020
Added support for live re-auth and de-auth; fully AJAX, no page reload required, plus plugin-usable API.
Dan
diff
changeset
+ − 1304
{
5c807fe77020
Added support for live re-auth and de-auth; fully AJAX, no page reload required, plus plugin-usable API.
Dan
diff
changeset
+ − 1305
if ( !forms[i].auth )
5c807fe77020
Added support for live re-auth and de-auth; fully AJAX, no page reload required, plus plugin-usable API.
Dan
diff
changeset
+ − 1306
{
5c807fe77020
Added support for live re-auth and de-auth; fully AJAX, no page reload required, plus plugin-usable API.
Dan
diff
changeset
+ − 1307
var auth = document.createElement('input');
5c807fe77020
Added support for live re-auth and de-auth; fully AJAX, no page reload required, plus plugin-usable API.
Dan
diff
changeset
+ − 1308
auth.type = 'hidden';
5c807fe77020
Added support for live re-auth and de-auth; fully AJAX, no page reload required, plus plugin-usable API.
Dan
diff
changeset
+ − 1309
auth.name = 'auth';
5c807fe77020
Added support for live re-auth and de-auth; fully AJAX, no page reload required, plus plugin-usable API.
Dan
diff
changeset
+ − 1310
auth.value = key;
5c807fe77020
Added support for live re-auth and de-auth; fully AJAX, no page reload required, plus plugin-usable API.
Dan
diff
changeset
+ − 1311
forms[i].appendChild(auth);
5c807fe77020
Added support for live re-auth and de-auth; fully AJAX, no page reload required, plus plugin-usable API.
Dan
diff
changeset
+ − 1312
}
5c807fe77020
Added support for live re-auth and de-auth; fully AJAX, no page reload required, plus plugin-usable API.
Dan
diff
changeset
+ − 1313
else
5c807fe77020
Added support for live re-auth and de-auth; fully AJAX, no page reload required, plus plugin-usable API.
Dan
diff
changeset
+ − 1314
{
5c807fe77020
Added support for live re-auth and de-auth; fully AJAX, no page reload required, plus plugin-usable API.
Dan
diff
changeset
+ − 1315
forms[i].auth.value = key;
5c807fe77020
Added support for live re-auth and de-auth; fully AJAX, no page reload required, plus plugin-usable API.
Dan
diff
changeset
+ − 1316
}
5c807fe77020
Added support for live re-auth and de-auth; fully AJAX, no page reload required, plus plugin-usable API.
Dan
diff
changeset
+ − 1317
}
5c807fe77020
Added support for live re-auth and de-auth; fully AJAX, no page reload required, plus plugin-usable API.
Dan
diff
changeset
+ − 1318
}
5c807fe77020
Added support for live re-auth and de-auth; fully AJAX, no page reload required, plus plugin-usable API.
Dan
diff
changeset
+ − 1319
}
5c807fe77020
Added support for live re-auth and de-auth; fully AJAX, no page reload required, plus plugin-usable API.
Dan
diff
changeset
+ − 1320
if ( level )
5c807fe77020
Added support for live re-auth and de-auth; fully AJAX, no page reload required, plus plugin-usable API.
Dan
diff
changeset
+ − 1321
{
5c807fe77020
Added support for live re-auth and de-auth; fully AJAX, no page reload required, plus plugin-usable API.
Dan
diff
changeset
+ − 1322
auth_level = level;
5c807fe77020
Added support for live re-auth and de-auth; fully AJAX, no page reload required, plus plugin-usable API.
Dan
diff
changeset
+ − 1323
}
824
28d9fbcd4f0d
Login: reauth: window.location.hash is now updated to include the new SID so that page reloads will use it
Dan
diff
changeset
+ − 1324
window.location.hash = '#auth:' + key;
811
5c807fe77020
Added support for live re-auth and de-auth; fully AJAX, no page reload required, plus plugin-usable API.
Dan
diff
changeset
+ − 1325
}
5c807fe77020
Added support for live re-auth and de-auth; fully AJAX, no page reload required, plus plugin-usable API.
Dan
diff
changeset
+ − 1326
else
5c807fe77020
Added support for live re-auth and de-auth; fully AJAX, no page reload required, plus plugin-usable API.
Dan
diff
changeset
+ − 1327
{
5c807fe77020
Added support for live re-auth and de-auth; fully AJAX, no page reload required, plus plugin-usable API.
Dan
diff
changeset
+ − 1328
auth_level = USER_LEVEL_MEMBER;
5c807fe77020
Added support for live re-auth and de-auth; fully AJAX, no page reload required, plus plugin-usable API.
Dan
diff
changeset
+ − 1329
ENANO_SID = false;
5c807fe77020
Added support for live re-auth and de-auth; fully AJAX, no page reload required, plus plugin-usable API.
Dan
diff
changeset
+ − 1330
if ( oldkey )
5c807fe77020
Added support for live re-auth and de-auth; fully AJAX, no page reload required, plus plugin-usable API.
Dan
diff
changeset
+ − 1331
{
5c807fe77020
Added support for live re-auth and de-auth; fully AJAX, no page reload required, plus plugin-usable API.
Dan
diff
changeset
+ − 1332
var links = document.getElementsByTagName('a');
5c807fe77020
Added support for live re-auth and de-auth; fully AJAX, no page reload required, plus plugin-usable API.
Dan
diff
changeset
+ − 1333
for ( var i = 0; i < links.length; i++ )
5c807fe77020
Added support for live re-auth and de-auth; fully AJAX, no page reload required, plus plugin-usable API.
Dan
diff
changeset
+ − 1334
{
5c807fe77020
Added support for live re-auth and de-auth; fully AJAX, no page reload required, plus plugin-usable API.
Dan
diff
changeset
+ − 1335
if ( links[i].href.match(exp, links[i]) && links[i].href.indexOf('#') == -1 )
5c807fe77020
Added support for live re-auth and de-auth; fully AJAX, no page reload required, plus plugin-usable API.
Dan
diff
changeset
+ − 1336
{
5c807fe77020
Added support for live re-auth and de-auth; fully AJAX, no page reload required, plus plugin-usable API.
Dan
diff
changeset
+ − 1337
links[i].href = links[i].href.replace(/\?auth=([a-f0-9]+)(&|#|$)/, '$2').replace(/&auth=([a-f0-9]+)/, '').replace(rexp, '');
5c807fe77020
Added support for live re-auth and de-auth; fully AJAX, no page reload required, plus plugin-usable API.
Dan
diff
changeset
+ − 1338
}
5c807fe77020
Added support for live re-auth and de-auth; fully AJAX, no page reload required, plus plugin-usable API.
Dan
diff
changeset
+ − 1339
}
5c807fe77020
Added support for live re-auth and de-auth; fully AJAX, no page reload required, plus plugin-usable API.
Dan
diff
changeset
+ − 1340
}
824
28d9fbcd4f0d
Login: reauth: window.location.hash is now updated to include the new SID so that page reloads will use it
Dan
diff
changeset
+ − 1341
window.location.hash = '#auth:false';
811
5c807fe77020
Added support for live re-auth and de-auth; fully AJAX, no page reload required, plus plugin-usable API.
Dan
diff
changeset
+ − 1342
}
5c807fe77020
Added support for live re-auth and de-auth; fully AJAX, no page reload required, plus plugin-usable API.
Dan
diff
changeset
+ − 1343
}