@if (@logon != @logon) @set @logon = 1 String.prototype.ltrim = function(chr) { if (typeof(chr) == "undefined") return this.replace(new RegExp("^\\s*"), ''); else return this.replace(new RegExp('^' + chr + '*'), ''); } String.prototype.rtrim = function(chr) { if (typeof(chr) == "undefined") return this.replace(new RegExp('\\s*$'), ''); else return this.replace(new RegExp(chr + '*$'), ''); } String.prototype.trim = function(chr) { return this.rtrim(chr).ltrim(chr); } String.prototype.toBoolean = function() { return (this.length != 0 && this != '0' && this.toLowerCase() != 'false'); } function getNonce() { var oNonce = postToServer("/_security/GetNonce.asp", "") if (oNonce) { oNonce = oNonce.documentElement; if (oNonce.getAttribute("hashPassword").toBoolean()) return {hashPassword: true, nonce: oNonce.text} else return oNonce.text; } } function SupplementaryLogin(lUserID) { var oRetVal = "dummy" while (oRetVal) { var oRetVal = window.showModalDialog("/_security/password_prompt.asp",null,"dialogHeight:200px;dialogWidth:400px;help:no;status:no") if(oRetVal) { if (validateLogon(lUserID, oRetVal)) return oRetVal else alert("Invalid password") } } } function validateLogon(userID, password) { var oLogon = getLogon(); oLogon.putUserID(userID); oLogon.putNonce(getNonce()); oLogon.createHash(password); var genResult = getGeneric(postToServer('/_security/ValidateLogon.asp',oLogon.element.xml)) return genResult.getAttribute('valid') == 'true'; } function getLogon(source) { return new Logon(getXMLElem("", source)); } //------ Logon Class ------ function Logon(elem) { this.element = elem; } Logon.prototype = new Generic Logon.prototype.getAction = function() { return this.element.getAttribute("action"); } Logon.prototype.putAction = function(value) { putAttributeValue(this.element, "action", value); } Logon.prototype.getUserID = function() { return this.element.getAttribute("userID"); } Logon.prototype.putUserID = function(value) { putAttributeValue(this.element, "userID", value); } Logon.prototype.getHashPassword = function() { return Nz(this.getAttribute("hashPassword", "false")).toBoolean(); } Logon.prototype.putHashPassword = function(value) { putAttributeValue(this.element, "hashPassword", CNull(value)); } Logon.prototype.getAdminUserID = function() { return this.element.getAttribute("adminUserID"); } Logon.prototype.putAdminUserID = function(value) { putAttributeValue(this.element, "adminUserID", value); } Logon.prototype.getUserName = function() { return protGetText(this.element, "userName"); } Logon.prototype.putUserName = function(value) { protPutText(this.element, "userName", CNull(value.toLowerCase())); } Logon.prototype.getNTUser = function() { return protGetText(this.element, "ntUser"); } Logon.prototype.putNTUser = function(value) { protPutText(this.element, "ntUser", CNull(value.toLowerCase())); } Logon.prototype.getNonce = function() { return protGetText(this.element, "nonce"); } Logon.prototype.putNonce = function(value) { if (value && value.nonce) { this.putHashPassword(value.hashPassword); protPutText(this.element, "nonce", CNull(value.nonce)); } else { protPutText(this.element, "nonce", CNull(value)); } } Logon.prototype.getPassword = function() { return protGetText(this.element, "password"); } Logon.prototype.putPassword = function(value) { protPutText(this.element, "password", CNull(value)); } Logon.prototype.getNewPassword = function(oldPassword) { if (typeof(oldPassword) == "undefined") oldPassword = this.getPassword(); return bin2str(b642bin(GetPlainText(protGetText(this.element, "newPassword"), oldPassword).rtrim('='))); } Logon.prototype.putNewPassword = function(value, oldPassword) { if (typeof(oldPassword) == "undefined") oldPassword = this.getPassword(); if (this.getHashPassword()) oldPassword = b64_md5(oldPassword); protPutText(this.element, "newPassword", GetCryptText(bin2b64(str2bin(value)), oldPassword, '=')); } Logon.prototype.getPasswordExpired = function() { return Nz(this.element.getAttribute("pwdExpired"), false); } Logon.prototype.getHash = function() { return protGetText(this.element, "hash"); } Logon.prototype.putHash = function(value) { protPutText(this.element, "hash", CNull(value)); } Logon.prototype.createHash = function(password) { if (this.getHashPassword()) password = b64_md5(password); if (this.getAdminUserID()) { this.putHash(b64_md5(this.getAdminUserID() + password + this.getNonce())); } else if (this.getUserID()) { this.putHash(b64_md5(this.getUserID() + password + this.getNonce())); } else { this.putHash(b64_md5(this.getUserName() + password + this.getNonce())); } return this.getHash(); } @end