/********************************************************** * Authenticate ***********************************************************/ function Authenticate(email, passwd) { // if we do not use v21 goto v22 authentication if (!use_v21_server) { ajaxAuthenticate(email,passwd); return; } // check the user and find what version he uses 2.1 or 2.2 // first check the user in v2.1 var params = "email=" + email; $.ajax({ url: 'core/v21/check_email_available_v21.php', type: 'POST', dataType: 'xml', data: params, error: function(){ alert ('Error in check user '); }, success: function(xml) { var status = getXmlTag(xml, "status"); var message = getXmlTag(xml, "message"); if (status == interface_ok) { // the user exists in 2.1 so authenticate him with v21 ajaxAuthenticate_v21(email,passwd); } else if (status == interface_user_does_not_exist_error_v21) { // the user is not in v21 so authenticate him with v22 ajaxAuthenticate(email,passwd); } else { alert("Error occured: " + message); } // status != interface_ok } }); } /***************************** * Proceed authentication *******************************/ function ajaxAuthenticate(email, passwd) { // create client side cookies var session_key = GenerateRandomSessionKey (); CreateClientSecurePasswordCookie (passwd, session_key); // convert to hex for correct value transfer var session_key_hex = stringToHex(session_key); var passwd_md5 = md5(passwd); var params = "email=" + email + "&passwd_md5=" + passwd_md5 + "&session_key=" + session_key_hex; $.ajax({ url: 'core/authenticate.php', type: 'POST', dataType: 'xml', data: params, error: function(){ alert ('Error occured during authentication'); }, success: function(xml) { var status = getXmlTag(xml, "status"); var message = getXmlTag(xml, "message"); if (status == interface_ok) { var target_alias = getXmlTag(xml, "target_alias"); if (target_alias != null) { window.location = "page.php?id=" + target_alias; } else { window.location = "page.php?id=member_home_page"; } } else { if(status == interface_network_error || status == interface_database_generic_error || status == interface_database_logical_error || status == interface_unknown_error) { window.location = 'page.php?id=down_server'; } else { if(status == interface_user_temp_locked_error || status == interface_user_incorrect_password_temp_locked_error) { alert("Your account is frozen due to a possible security breach.\n\nPlease check your email for more detail."); } else alert("You could not be authenticated. Reason: " + message); if(status == interface_access_denied_password_error || status == interface_access_denied_error) { var prev_login = readCookie('prev_login'); if(prev_login == '' || prev_login == null) { var login_attempt = 1; createCookie('login_attempt', 1, 0,04166); createCookie('prev_login', email,0); } else { if(prev_login != email) { var login_attempt = 1; createCookie('prev_login', email,0); createCookie('login_attempt', 1, 0,04166); } else { var login_attempt = readCookie('login_attempt'); login_attempt = parseInt(login_attempt); } } if(login_attempt == null) createCookie('login_attempt', 1, 0,04166); else { if(login_attempt <= 2) createCookie('login_attempt', login_attempt+1, 0,04166); else { createCookie('login_attempt', login_attempt+1, 0,04166); // show captcha here } } // login_attempt == null }// You could not be authenticated } // interface_network_error } // status != interface_ok } }); } /*************************************************** * Proceed auth in 2.1 ****************************************************/ function ajaxAuthenticate_v21(email, passwd) { // create client side cookies var session_key = GenerateRandomSessionKey (); CreateClientSecurePasswordCookie (passwd, session_key); // convert to hex for correct value transfer var session_key_hex = stringToHex(session_key); var passwd_md5 = md5(passwd); var params = "email=" + email + "&passwd_md5=" + passwd_md5 + "&session_key=" + session_key_hex; $.ajax({ url: 'core/v21/authenticate_v21.php', type: 'POST', dataType: 'xml', data: params, error: function(){ alert ('Error occured during authentication'); }, success: function(xml) { var status = getXmlTag(xml, "status"); var message = getXmlTag(xml, "message"); if (status == interface_ok) { var target_alias = getXmlTag(xml, "target_alias"); if (target_alias != null) { window.location = "page.php?id=" + target_alias; } else { window.location = "page.php?id=member_home_page"; } } else { if(status == interface_network_error || status == interface_database_generic_error || status == interface_database_logical_error || status == interface_unknown_error) { window.location = 'page.php?id=down_server'; } else { alert("You could not be authenticated. Reason: " + message); if(status == interface_access_denied_password_error || status == interface_access_denied_error) { var prev_login = readCookie('prev_login'); if(prev_login == '' || prev_login == null) { var login_attempt = 1; createCookie('login_attempt', 1, 0,04166); createCookie('prev_login', email,0); } else { if(prev_login != email) { var login_attempt = 1; createCookie('prev_login', email,0); createCookie('login_attempt', 1, 0,04166); } else { var login_attempt = readCookie('login_attempt'); login_attempt = parseInt(login_attempt); } } if(login_attempt == null) createCookie('login_attempt', 1, 0,04166); else { if(login_attempt <= 2) createCookie('login_attempt', login_attempt+1, 0,04166); else { createCookie('login_attempt', login_attempt+1, 0,04166); // show captcha here } } // login_attempt == null }// You could not be authenticated } // interface_network_error } // status != interface_ok } }); }