Rev 974 | Rev 982 | ||
---|---|---|---|
Line 22... | Line 22... | ||
22 | // TODO: Put these settings in a "setup configuration file" (hardcoded) |
22 | // TODO: Put these settings in a "setup configuration file" (hardcoded) |
23 | min_password_length = 10; // see also plugins/viathinksoft/publicPages/092_forgot_password_admin/script.js |
23 | min_password_length = 10; // see also plugins/viathinksoft/publicPages/092_forgot_password_admin/script.js |
24 | password_salt_length = 10; |
24 | password_salt_length = 10; |
25 | bcrypt_rounds = 10; |
25 | bcrypt_rounds = 10; |
26 | 26 | ||
27 | function btoa(bin) { |
- | |
28 | var tableStr = "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/"; |
- | |
29 | var table = tableStr.split(""); |
- | |
30 | for (var i = 0, j = 0, len = bin.length / 3, base64 = []; i < len; ++i) { |
- | |
31 | var a = bin.charCodeAt(j++), b = bin.charCodeAt(j++), c = bin.charCodeAt(j++); |
- | |
32 | if ((a | b | c) > 255) throw new Error(_L('String contains an invalid character')); |
- | |
33 | base64[base64.length] = table[a >> 2] + table[((a << 4) & 63) | (b >> 4)] + |
- | |
34 | (isNaN(b) ? "=" : table[((b << 2) & 63) | (c >> 6)]) + |
- | |
35 | (isNaN(b + c) ? "=" : table[c & 63]); |
- | |
36 | } |
- | |
37 | return base64.join(""); |
- | |
38 | }; |
- | |
39 | - | ||
40 | function hexToBase64(str) { |
- | |
41 | return btoa(String.fromCharCode.apply(null, |
- | |
42 | str.replace(/\r|\n/g, "").replace(/([\da-fA-F]{2}) ?/g, "0x$1 ").replace(/ +$/, "").split(" "))); |
- | |
43 | } |
- | |
44 | - | ||
45 | function _b64EncodeUnicode(str) { |
- | |
46 | if (str == "") { |
- | |
47 | return "''"; |
- | |
48 | } else { |
- | |
49 | return "base64_decode('"+b64EncodeUnicode(str)+"')"; |
- | |
50 | } |
- | |
51 | } |
- | |
52 | - | ||
53 | function b64EncodeUnicode(str) { |
- | |
54 | // first we use encodeURIComponent to get percent-encoded UTF-8, |
- | |
55 | // then we convert the percent encodings into raw bytes which |
- | |
56 | // can be fed into btoa. |
- | |
57 | return btoa(encodeURIComponent(str).replace(/%([0-9A-F]{2})/g, |
- | |
58 | function toSolidBytes(match, p1) { |
- | |
59 | return String.fromCharCode('0x' + p1); |
- | |
60 | })); |
- | |
61 | } |
- | |
62 | - | ||
63 | function generateRandomString(length) { |
- | |
64 | var charset = "abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789", |
- | |
65 | retVal = ""; |
- | |
66 | for (var i = 0, n = charset.length; i < length; ++i) { |
- | |
67 | retVal += charset.charAt(Math.floor(Math.random() * n)); |
- | |
68 | } |
- | |
69 | return retVal; |
- | |
70 | } |
- | |
71 | - | ||
72 | String.prototype.replaceAll = function(search, replacement) { |
- | |
73 | var target = this; |
- | |
74 | return target.replace(new RegExp(search, 'g'), replacement); |
- | |
75 | }; |
- | |
76 | - | ||
77 | function adminGeneratePassword(password) { |
27 | function adminGeneratePassword(password) { |
78 | var salt = generateRandomString(password_salt_length); |
28 | var salt = generateRandomString(password_salt_length); |
79 | return salt+'$'+hexToBase64(sha3_512(salt+password)); |
29 | return salt+'$'+hexToBase64(sha3_512(salt+password)); |
80 | } |
30 | } |
81 | 31 | ||
Line 203... | Line 153... | ||
203 | $("#step3")[0].style.display = "Block"; |
153 | $("#step3")[0].style.display = "Block"; |
204 | $("#step4")[0].style.display = "Block"; |
154 | $("#step4")[0].style.display = "Block"; |
205 | } |
155 | } |
206 | } |
156 | } |
207 | 157 | ||
208 | function RemoveLastDirectoryPartOf(the_url) { |
- | |
209 | var the_arr = the_url.split('/'); |
- | |
210 | if (the_arr.pop() == '') the_arr.pop(); |
- | |
211 | return( the_arr.join('/') ); |
- | |
212 | } |
- | |
213 | - | ||
214 | function checkAccess(dir) { |
158 | function checkAccess(dir) { |
215 | if (!dir.toLowerCase().startsWith('https:') && !dir.toLowerCase().startsWith('http:')) { |
159 | if (!dir.toLowerCase().startsWith('https:') && !dir.toLowerCase().startsWith('http:')) { |
216 | var url = '../' + dir; |
160 | var url = '../' + dir; |
217 | var visibleUrl = RemoveLastDirectoryPartOf(window.location.href) + '/' + dir; // xhr.responseURL not available in IE |
161 | var visibleUrl = RemoveLastDirectoryPartOf(window.location.href) + '/' + dir; // xhr.responseURL not available in IE |
218 | } else { |
162 | } else { |
Line 298... | Line 242... | ||
298 | dbplugin_changed(); |
242 | dbplugin_changed(); |
299 | captchaplugin_changed(); |
243 | captchaplugin_changed(); |
300 | performAccessCheck(); |
244 | performAccessCheck(); |
301 | } |
245 | } |
302 | 246 | ||
303 | function getCookie(cname) { |
- | |
304 | // Source: https://www.w3schools.com/js/js_cookies.asp |
- | |
305 | var name = cname + "="; |
- | |
306 | var decodedCookie = decodeURIComponent(document.cookie); |
- | |
307 | var ca = decodedCookie.split(';'); |
- | |
308 | for(var i = 0; i <ca.length; i++) { |
- | |
309 | var c = ca[i]; |
- | |
310 | while (c.charAt(0) == ' ') { |
- | |
311 | c = c.substring(1); |
- | |
312 | } |
- | |
313 | if (c.indexOf(name) == 0) { |
- | |
314 | return c.substring(name.length, c.length); |
- | |
315 | } |
- | |
316 | } |
- | |
317 | return undefined; |
- | |
318 | } |
- | |
319 | - | ||
320 | function getCurrentLang() { |
- | |
321 | // Note: If the argument "?lang=" is used, PHP will automatically set a Cookie, so it is OK when we only check for the cookie |
- | |
322 | var lang = getCookie('LANGUAGE'); |
- | |
323 | return (typeof lang != "undefined") ? lang : DEFAULT_LANGUAGE; |
- | |
324 | } |
- | |
325 | - | ||
326 | function _L() { |
- | |
327 | var args = Array.prototype.slice.call(arguments); |
- | |
328 | var str = args.shift().trim(); |
- | |
329 | - | ||
330 | var tmp = ""; |
- | |
331 | if (typeof language_messages[getCurrentLang()] == "undefined") { |
- | |
332 | tmp = str; |
- | |
333 | } else { |
- | |
334 | var msg = language_messages[getCurrentLang()][str]; |
- | |
335 | if (typeof msg != "undefined") { |
- | |
336 | tmp = msg; |
- | |
337 | } else { |
- | |
338 | tmp = str; |
- | |
339 | } |
- | |
340 | } |
- | |
341 | - | ||
342 | tmp = tmp.replace('###', language_tblprefix); |
- | |
343 | - | ||
344 | var n = 1; |
- | |
345 | while (args.length > 0) { |
- | |
346 | var val = args.shift(); |
- | |
347 | tmp = tmp.replace("%"+n, val); |
- | |
348 | n++; |
- | |
349 | } |
- | |
350 | - | ||
351 | tmp = tmp.replace("%%", "%"); |
- | |
352 | - | ||
353 | return tmp; |
- | |
354 | } |
- | |
355 | - | ||
356 | window.onload = setupOnLoad; |
247 | window.onload = setupOnLoad; |
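Review bot: `adminGeneratePassword` (new lines 27-30) still builds the admin hash from `generateRandomString` and `hexToBase64`, which this revision deletes from the file, and the copy that was removed drew the salt from `Math.random()`, which is not a CSPRNG. The new home of these helpers is not visible on this page; if the relocated `generateRandomString` is unchanged, it should take its randomness from `crypto.getRandomValues(new Uint8Array(length))` and map the bytes onto the charset without modulo bias. The function also stores a single salted SHA3-512 pass although `bcrypt_rounds` is declared at new line 25, so it is worth confirming whether the admin password is meant to go through a bcrypt path rather than a fast hash. Since `checkAccess` (new line 161) likewise keeps calling the removed `RemoveLastDirectoryPartOf`, a comment above these callers naming the script that now provides the helpers would make the load-order dependency explicit.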