|
robert@0
|
1 // js handling the login procedures
|
|
robert@0
|
2
|
|
robert@0
|
3 // constants
|
|
robert@0
|
4 var NORMAL_STATE = 4;
|
|
robert@0
|
5 var LOGIN_PREFIX = 'login.php?';
|
|
robert@0
|
6
|
|
robert@0
|
7 // variables
|
|
robert@0
|
8 var http = getHTTPObject(); // We create the HTTP Object
|
|
robert@0
|
9 var hasSeed = false;
|
|
robert@0
|
10 var loggedIn = false;
|
|
robert@0
|
11 var seed_id = 0;
|
|
robert@0
|
12 var seed = 0;
|
|
robert@0
|
13 var fullname = '';
|
|
robert@0
|
14 var messages = '';
|
|
robert@0
|
15
|
|
robert@0
|
16 // getSeed method: gets a seed from the server for this transaction
|
|
robert@0
|
17 function getSeed()
|
|
robert@0
|
18 { // only get a seed if we're not logged in and we don't already have one
|
|
robert@0
|
19 if (!loggedIn && !hasSeed) {
|
|
robert@0
|
20 // open up the path
|
|
robert@0
|
21 http.open('GET', LOGIN_PREFIX + 'task=getseed', true);
|
|
robert@0
|
22 http.onreadystatechange = handleHttpGetSeed;
|
|
robert@0
|
23 http.send(null);
|
|
robert@0
|
24 }
|
|
robert@0
|
25 }
|
|
robert@0
|
26
|
|
robert@0
|
27 // handleHttpGetSeed method: called when the seed is returned from the server
|
|
robert@0
|
28 function handleHttpGetSeed()
|
|
robert@0
|
29 {
|
|
robert@0
|
30 // if there hasn't been any errors
|
|
robert@0
|
31 if (http.readyState == NORMAL_STATE) {
|
|
robert@0
|
32 // split by the divider |
|
|
robert@0
|
33 results = http.responseText.split('|');
|
|
robert@0
|
34
|
|
robert@0
|
35 // id is the first element
|
|
robert@0
|
36 seed_id = results[0];
|
|
robert@0
|
37
|
|
robert@0
|
38 // seed is the second element
|
|
robert@0
|
39 seed = results[1];
|
|
robert@0
|
40
|
|
robert@0
|
41 // now we have the seed
|
|
robert@0
|
42 hasSeed = true;
|
|
robert@0
|
43 }
|
|
robert@0
|
44 }
|
|
robert@0
|
45
|
|
robert@0
|
46 // validateLogin method: validates a login request
|
|
robert@0
|
47 function validateLogin()
|
|
robert@0
|
48 {
|
|
robert@0
|
49 // ignore request if we are already logged in
|
|
robert@0
|
50 if (loggedIn)
|
|
robert@0
|
51 return;
|
|
robert@0
|
52
|
|
robert@0
|
53 // get form form elements 'username' and 'password'
|
|
robert@0
|
54 username = document.getElementById('username').value;
|
|
robert@0
|
55 password = document.getElementById('password').value;
|
|
robert@0
|
56
|
|
robert@0
|
57 // ignore if either is empty
|
|
robert@0
|
58 if (username != '' && password != '') {
|
|
robert@0
|
59 // compute the hash of the hash of the password and the seed
|
|
robert@0
|
60 hash = hex_md5(hex_md5(password) + seed);
|
|
robert@0
|
61
|
|
robert@0
|
62 // open the http connection
|
|
robert@0
|
63 http.open('GET', LOGIN_PREFIX + 'task=checklogin&username='+username+'&id='+seed_id+'&hash='+hash, true);
|
|
robert@0
|
64
|
|
robert@0
|
65 // where to go
|
|
robert@0
|
66 http.onreadystatechange = handleHttpValidateLogin;
|
|
robert@0
|
67 http.send(null);
|
|
robert@0
|
68 }
|
|
robert@0
|
69 }
|
|
robert@0
|
70
|
|
robert@0
|
71 // handleHttpValidateLogin method: called when the validation results are returned from the server
|
|
robert@0
|
72 function handleHttpValidateLogin()
|
|
robert@0
|
73 {
|
|
robert@0
|
74 // did the connection work?
|
|
robert@0
|
75 if (http.readyState == NORMAL_STATE) {
|
|
robert@0
|
76 // split by the pipe
|
|
robert@0
|
77 results = http.responseText.split('|');
|
|
robert@0
|
78 if (results[0] == 'true')
|
|
robert@0
|
79 {
|
|
robert@0
|
80 hasSeed = false;
|
|
robert@0
|
81 loggedIn = true;
|
|
robert@0
|
82 fullname = results[1];
|
|
robert@0
|
83 messages = '';
|
|
robert@0
|
84 }
|
|
robert@0
|
85 else
|
|
robert@0
|
86 {
|
|
robert@0
|
87 messages = results[1];
|
|
robert@0
|
88 }
|
|
robert@0
|
89 showLogin();
|
|
robert@0
|
90 }
|
|
robert@0
|
91 }
|
|
robert@0
|
92
|
|
robert@0
|
93 // resetLogin method: if logged in, 'logs out' and allows a different user/pass to be entered
|
|
robert@0
|
94 function resetLogin()
|
|
robert@0
|
95 {
|
|
robert@0
|
96 loggedIn = false;
|
|
robert@0
|
97 hasSeed = false;
|
|
robert@0
|
98 } |
