var dTime = new Date(); function logonTimeOut() { // set a five minute timeout period var dNow = new Date(); if (dNow.getMinutes() >= dTime.getMinutes() + 3) { clearPlainText(); alert('Logon recovery has timed out...'); resetLogon(); } setTimeout('logonTimeOut()',10000) } // left trim a string function leftTrim(thisParam) { var thisChar,param = thisParam; if (param) { for (var i=0; i<=param.length; i++) { thisChar = param.charAt(i); if ((thisChar != ' ') && (thisChar != String.fromCharCode(10)) && (thisChar != String.fromCharCode(13))) break; } } return param.substr(i,param.length); } // right trim a string function rightTrim(thisParam) { var thisChar, param = thisParam; if (param) { var i = param.length; while (i > 0) { i -= 1; thisChar = param.charAt(i); if ((thisChar != ' ') && (thisChar != String.fromCharCode(10)) && (thisChar != String.fromCharCode(13))) break; } } return param.substr(0,i+1); } // trim a string function trim(thisParam) { var param = thisParam; if (param) { param = leftTrim(param); param = rightTrim(param); } return param; } function isValidParameter(ob,nvFieldAlias) { var param = ob.value; if (!param) { alert('Please enter your ' + nvFieldAlias + '...'); ob.focus(); return false } return true } function isValidChecksum() { // NOTE: This function circumvents some simple, automated brute force attempts to talk to the server. var ob = document.content; if (!isValidParameter(ob.nvRecoveryCheck,'your logon recovery confirmation')) return false; if (ob.nvRecoveryCheck.value.toUpperCase() != rdDecrypt(ob.nvRecoveryCheck.value,ob.nvHashValue.value)) { alert('Your recovery check does not match the image. Please try again...'); ob.nvRecoveryCheck.focus(); ob.nvRecoveryCheck.select(); return false } return true } function isValidUserEmail() { var ob = document.content; if (!isValidParameter(ob.nvEmail,'email address')) return false; var acceptNull = false; var showError = true; if (!cs_IsEmail(ob.nvEmail.value, acceptNull, showError)) { ob.nvEmail.select(); return false; } return true } //function isValidUserEmail() { // var ob = document.content; // if (!isValidParameter(ob.nvEmail,'email address')) return false; // if (!cs_IsEmail(ob.nvEmail.value)) { // alert('Please enter a valid email address...'); // ob.nvEmail.focus(); // ob.nvEmail.select(); // return false; // } // return true //} function isValidPasswordConfirmation(iPasswordLength) { var ob = document.content; if (!isValidParameter(ob.nvNewPassword,'your new password')) return false; if (!isValidParameter(ob.nvConfirmPassword,'your password confirmation')) return false; if (ob.nvNewPassword.value.length < iPasswordLength) { alert('Your password must be greater than ' + iPasswordLength + ' characters long. Please enter another password...'); ob.nvNewPassword.focus(); ob.nvNewPassword.select(); return false } if (ob.nvConfirmPassword.value != ob.nvNewPassword.value) { alert('Your confirmation does not match your password. Please\r\nre-confirm your password.\r\n\r\nPlease note: Passwords are case sensitive'); ob.nvConfirmPassword.focus(); ob.nvConfirmPassword.select(); return false } return true } function clearPlainText() { // clear the plain text input values prior to submit var ob = document.content; ob.nvUserName.value = ''; ob.nvEmail.value = ''; ob.pKey.value = ''; if (!isUndefined(ob.nvRecoveryCheck)) ob.nvRecoveryCheck.value = ''; if (!isUndefined(ob.nvResponse)) ob.nvResponse.value = ''; if (!isUndefined(ob.nvNewPassword)) ob.nvNewPassword.value = '' if (!isUndefined(ob.nvConfirmPassword)) ob.nvConfirmPassword.value = '' } function resetInputValues() { // This function effectively makes unsuccessful username and email address pairs plain text. // To disable it, set the pReset value to null on page initialisation. var ob = document.content; if (ob.pReset.value) { var pk = ob.pKey.value; var pt = rdDecrypt(pk,ob.pReset.value); var ar = pt.split(pk); ob.nvUserName.value = ar[0]; ob.nvEmail.value = ar[1]; } else { ob.nvUserName.focus(); } } function encryptReturnValues() { // NOTE: This routine implements a block cipher (symmetric key) encryption algorithm and a message-digest // algorithm to encrypt the return values prior to destroying them. The return values are keyed using themselves // and a random one time pseudo public key. The match variables are derived from a private key held on the server // and a short lived copy of the one time key. Neither the encrypted, decrypted nor plain text return values // processed here are held on the server. var ob = document.content; // capture the input values var un = trim(ob.nvUserName.value); var em = trim(ob.nvEmail.value.toLowerCase()); var rc = (isUndefined(ob.nvRecoveryCheck)) ? '' : trim(ob.nvRecoveryCheck.value.toUpperCase()); var cr = (isUndefined(ob.nvResponse)) ? '' : trim(ob.nvResponse.value.toLowerCase()); var np = (isUndefined(ob.nvNewPassword)) ? '' : trim(ob.nvNewPassword.value); // hash the input values var unh = hex_hmac_sha1(un,un); var emh = hex_hmac_sha1(em,em); var crh = (cr) ? hex_hmac_sha1(cr,cr) : 'undefined'; var nph = (np) ? hex_hmac_sha1(un+np,un+np) : 'undefined'; // define the keys var pk = ob.pKey.value; var ck = (cr) ? hex_hmac_sha1(unh,crh) : hex_hmac_sha1(em,unh); // define the plain text var pt = crh + emh + nph + emh + np + emh + un + emh + cr; // convert the plain text to cipher text ob.pReset.value = rdEncrypt(em,un); ob.nvHashValue.value = rdEncrypt(pk,unh); ob.nvAttempt.value = rdEncrypt(ck,pt) } function isChecked(iPasswordLength) { var ob = document.content; var iState = parseInt(ob.iState.value); var iBruteForceThreshold = 50; if (iState == iBruteForceThreshold) return false if (!isValidParameter(ob.nvUserName,'Username')) return false if (!isValidUserEmail()) return false if (!isUndefined(ob.nvRecoveryCheck)) if (!isValidChecksum()) return false if (!isUndefined(ob.nvResponse)) { if (!isValidParameter(ob.nvResponse,'your response')) return false if (!isValidPasswordConfirmation(iPasswordLength)) return false } encryptReturnValues(); clearPlainText(); return true } function resetLogon() {location.href = 'tp_RMLogon.asp'} function isValidData(param) { switch(param) { case 2: resetLogon(); break; default: resetLogon(); break; } return false } document.write("<\/SCR" + "IPT>");