robert@0: // js handling the login procedures robert@0: robert@0: // constants robert@0: var NORMAL_STATE = 4; robert@0: var LOGIN_PREFIX = 'login.php?'; robert@0: robert@0: // variables robert@0: var http = getHTTPObject(); // We create the HTTP Object robert@0: var hasSeed = false; robert@0: var loggedIn = false; robert@0: var seed_id = 0; robert@0: var seed = 0; robert@0: var fullname = ''; robert@0: var messages = ''; robert@0: robert@0: // getSeed method: gets a seed from the server for this transaction robert@0: function getSeed() robert@0: { // only get a seed if we're not logged in and we don't already have one robert@0: if (!loggedIn && !hasSeed) { robert@0: // open up the path robert@0: http.open('GET', LOGIN_PREFIX + 'task=getseed', true); robert@0: http.onreadystatechange = handleHttpGetSeed; robert@0: http.send(null); robert@0: } robert@0: } robert@0: robert@0: // handleHttpGetSeed method: called when the seed is returned from the server robert@0: function handleHttpGetSeed() robert@0: { robert@0: // if there hasn't been any errors robert@0: if (http.readyState == NORMAL_STATE) { robert@0: // split by the divider | robert@0: results = http.responseText.split('|'); robert@0: robert@0: // id is the first element robert@0: seed_id = results[0]; robert@0: robert@0: // seed is the second element robert@0: seed = results[1]; robert@0: robert@0: // now we have the seed robert@0: hasSeed = true; robert@0: } robert@0: } robert@0: robert@0: // validateLogin method: validates a login request robert@0: function validateLogin() robert@0: { robert@0: // ignore request if we are already logged in robert@0: if (loggedIn) robert@0: return; robert@0: robert@0: // get form form elements 'username' and 'password' robert@0: username = document.getElementById('username').value; robert@0: password = document.getElementById('password').value; robert@0: robert@0: // ignore if either is empty robert@0: if (username != '' && password != '') { robert@0: // compute the hash of the hash of the password and the seed robert@0: hash = hex_md5(hex_md5(password) + seed); robert@0: robert@0: // open the http connection robert@0: http.open('GET', LOGIN_PREFIX + 'task=checklogin&username='+username+'&id='+seed_id+'&hash='+hash, true); robert@0: robert@0: // where to go robert@0: http.onreadystatechange = handleHttpValidateLogin; robert@0: http.send(null); robert@0: } robert@0: } robert@0: robert@0: // handleHttpValidateLogin method: called when the validation results are returned from the server robert@0: function handleHttpValidateLogin() robert@0: { robert@0: // did the connection work? robert@0: if (http.readyState == NORMAL_STATE) { robert@0: // split by the pipe robert@0: results = http.responseText.split('|'); robert@0: if (results[0] == 'true') robert@0: { robert@0: hasSeed = false; robert@0: loggedIn = true; robert@0: fullname = results[1]; robert@0: messages = ''; robert@0: } robert@0: else robert@0: { robert@0: messages = results[1]; robert@0: } robert@0: showLogin(); robert@0: } robert@0: } robert@0: robert@0: // resetLogin method: if logged in, 'logs out' and allows a different user/pass to be entered robert@0: function resetLogin() robert@0: { robert@0: loggedIn = false; robert@0: hasSeed = false; robert@0: }