138


	<?xml version="1.0" encoding="<X-FC-ITEM DATA[Charset]>"?> <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <!--138--><!--#if expr="@length('$USETICKETAUTH') == 0"--><!--#set var="USETICKETAUTH" value="0"--><!--#endif--><!--#if expr="$USETICKETAUTH == 0 && <X-FC-SERVER USEDSLOGIN> == 0 && !$SUPPRESSDIGESTLOGIN"--><!--#set var="USEDIGESTLOGIN" value="1"--><!--#if expr="@length('$ENABLEAUTHSAVING') == 0"--><!--#set var="ENABLEAUTHSAVING" value="0"--><!--#endif--><!--#else--><!--#set var="USEDIGESTLOGIN" value="0"--><!--#set var="ENABLEAUTHSAVING" value="0"--><!--#endif--> <html> <head> <meta http-equiv="Content-Type" content="text/html; charset=<X-FC-ITEM DATA[Charset]>"/><!--#if expr="$USEDIGESTLOGIN"--> <meta http-equiv="Refresh" content="285;URL=/Login"/><!--#endif--> <title><X-FC-FIELD LANG.141.4 STRING></title><!--#if expr="$USEDIGESTLOGIN"--> <script type="text/javascript"> <!-- var HD=new String("0123456789abcdef");<!--#rem The following functions are necessary since various browser developers have failed to implement arithmetic operations on unsigned 32-bit numbers correctly AND(a,b) == a&b OR(a,b) == a\|b XOR(a,b) == a^b NOT(a) == ~a ADD(a,b) == a+b LS(a,s) == a<<s RS(a,s) == a>>s --> function AND(a,b){ var hb=(a>=0x80000000)&&(b>=0x80000000); var r=0; if(a>=0x80000000)a-=0x80000000; if(b>=0x80000000)b-=0x80000000; r=a&b; if(hb) r+=0x80000000; return r; } function OR(a,b){ var hb=(a>=0x80000000)\|\|(b>=0x80000000); var r=0; if(a>=0x80000000)a-=0x80000000; if(b>=0x80000000)b-=0x80000000; r=a\|b; if(hb) r+=0x80000000; return r; } function XOR(a,b){ var hb=((a>=0x80000000)&&(b<0x80000000))\|\|((a<0x80000000)&&(b>=0x80000000)); var r=0; if(a>=0x80000000)a-=0x80000000; if(b>=0x80000000)b-=0x80000000; r=a^b; if(hb) r+=0x80000000; return r; } function NOT(a){ var b=0x80000000; var n=0; while(b>=1){ if(a>=b) a-=b; else n+=b; b=b/2; } return n; } function ADD(a,b){ var n=0; if(a>=0x80000000){ ++n; a-=0x80000000; } if(b>=0x80000000){ ++n; b-=0x80000000; } a+=b; if(n==1){ if(a>=0x80000000) a-=0x80000000; else a+=0x80000000; } return a; } function LS(a,s){ for(var i=0;i<s;i++){ if(a>=0x80000000) a-=0x80000000; a=a2; } return a; } function RS(a,s){ for(var i=0;i<s;i++){ if(a%2) a-=1; a=a/2; } return a; }<!--#rem function H1 converts the high nibble of the byte c into a hex character --> function HEX1(c){return HD.substr((c>>4)&0x0F,1);}<!--#rem function H2 converts the low nibble of byte c into a hex character --> function HEX2(c){return HD.substr(c&0x0F,1);} var PD=new Array(0x80,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0); var H=new Array(); var B=new Array(); var KV=new Array(); KV[0]=0x5A827999; KV[1]=0x6ED9EBA1; KV[2]=0x8F1BBCDC; KV[3]=0xCA62C1D6; var TL=0; var BL=0; function K(n){ return KV[Math.floor(n/20)]; } function S(v,n){ return OR(LS(v,n),RS(v,32-n)); } function f(n,B,C,D){ switch(Math.floor(n/20)){ case 0:return OR(AND(B,C),AND(NOT(B),D)); case 2:return OR(OR(AND(B,C),AND(B,D)),AND(C,D)); default:return XOR(XOR(B,C),D); } }<!--#rem EC(I,L,O) Encode (Input, Length, Output) Encodes input (UINT4) into output (unsigned char). Assumes len is a multiple of 4. --> function EC(I,L,O){ var i, j; for(i=0,j=0;j<L;i++,j+=4){ O[j]=AND(RS(I[i],24),0xFF); O[j+1]=AND(RS(I[i],16),0xFF); O[j+2]=AND(RS(I[i],8),0xFF); O[j+3]=AND(I[i],0xFF); } }<!--#rem DC(I,L,O) Decode(Input, Length, Output) Decodes input (unsigned char) into output (UINT4). Assumes len is a multiple of 4. --> function DC(I,L,O){ var i, j; for (i=0,j=0;j<L;i++,j+=4){ O[i]=0; O[i]=ADD(O[i],LS(I[j],24)); O[i]=ADD(O[i],LS(I[j+1],16)); O[i]=ADD(O[i],LS(I[j+2],8)); O[i]=ADD(O[i],I[j+3]); } }<!--#rem TF(bl) Transform(block) SHA1 basic transformation. Transforms state based on block. --> function TF(bl){ var a,b,c,d,e,t; var W=new Array(); var i; DC(bl,64,W); for(i=16;i<80;i++){ W[i]=S(XOR(XOR(XOR(W[i-3],W[i-8]),W[i-14]),W[i-16]),1); } a=H[0];b=H[1];c=H[2];d=H[3];e=H[4]; for(i=0;i<80;i++){ t=ADD(ADD(ADD(ADD(S(a,5),f(i,b,c,d)),e),W[i]),K(i)); e=AND(d,0xFFFFFFFF); d=AND(c,0xFFFFFFFF); c=AND(S(b,30),0xFFFFFFFF); b=AND(a,0xFFFFFFFF); a=AND(t,0xFFFFFFFF); } H[0]=ADD(H[0],a); H[1]=ADD(H[1],b); H[2]=ADD(H[2],c); H[3]=ADD(H[3],d); H[4]=ADD(H[4],e); }<!--#rem CA(d, di, s, si, l) CopyArray (Destination, Destination Index, Source, Source Index, Length) --> function CA(d,di,s,si,L){ for(i=0;i<L;i++) d[di+i]=s[si+i]; }<!--#rem UD(I,L) Update (Input, Length) SHA1 block update operation. Continues an SHA1 message-digest operation, processing another message block, and updating the context. --> function UD(I,L){ var i=0; TL+=L; if(BL){ if(64-BL>L) i=L; else i=64-BL; CA(B,BL,I,0,i); BL+=i; if(BL<64) return; TF(B); BL=0; } while(L-i>=64){ CA(B,0,I,i,64); i+=64; TF(B); } CA(B,0,I,i,L-i); BL=L-i; }<!--#rem F() Final () SHA1 finalization. Ends an SHA1 message-digest operation, writing the the message digest and zeroizing the context. --> function F(){ var D=new Array(); var R=""; if(BL<55) CA(B,BL,PD,0,59-BL); else{ if(BL<64) CA(B,BL,PD,0,64-BL); TF(B); CA(B,BL,PD,1,58); } B[59]=AND(RS(AND(TL,0xE0000000),29),0xFF); TL=LS(TL,3); B[60]=AND(RS(TL,24),0xFF); B[61]=AND(RS(TL,16),0xFF); B[62]=AND(RS(TL,8),0xFF); B[63]=AND(TL,0xFF); TF(B);<!--#rem Store state in digest--> EC(H,20,D); for(i=0;i<20;i++){ R+=String(HEX1(D[i])); R+=String(HEX2(D[i])); } return R; }<!--#rem SHA1(C,P) SHA1(challenge, password) computes the SHA-1 digest of the given password --> function SHA1(C,P){ var c=new Array() var p=new Array(); var u; var s,d;<!--#rem Transfer challenge string to challenge byte array--> for(s=0;s<C.length;s++) c[s]=C.charCodeAt(s);<!--#rem Convert password string to upper case, and transfer it to the password byte array as UTF-8--> P=P.toUpperCase(); for (s=0,d=0;s<P.length;s++){ u=P.charCodeAt(s); if(u<0x80){ p[d++]=u; }else if(u<0x0800){ p[d++]=OR(RS(u,6),0xC0); p[d++]=OR(AND(u,0x0000003F),0x80); }else if(u<0x00010000){ p[d++]=OR(RS(u,12),0xE0); p[d++]=OR(AND(RS(u,6),0x0000003F),0x80); p[d++]=OR(AND(u,0x0000003F),0x80); }else if(u<0x00200000){ p[d++]=OR(RS(u,18),0xF0); p[d++]=OR(AND(RS(u,12),0x0000003F),0x80); p[d++]=OR(AND(RS(u,6),0x0000003F),0x80); p[d++]=OR(AND(u,0x0000003F),0x80); } }<!--#rem Load magic initialization constants.--> H[0]=0x67452301; H[1]=0xEFCDAB89; H[2]=0x98BADCFE; H[3]=0x10325476; H[4]=0xC3D2E1F0; TL=0; BL=0; UD(c,c.length); UD(p,p.length); return F(); }<!--#rem CSHA1(F) ComputeSHA1(Form) Determines if an SHA1 digest can be computed for the target HTML form, and if so computes it. --> function CSHA1(F){ var p=self.sp; var E=F.elements; if(p==null) p=E["password"].value; if (E["userid"].length==0\|\|E["password"].length==0) return false; E["sha1"].value=SHA1(E["challenge"].value,p); E["password"].value=""; return true; } var sp=null;<!--#if expr="$ENABLEAUTHSAVING"--><!--#rem lc LoadCredentials checks for cookie saved credentials and pre-fills the login form with them --> function lc(){ var C=document.cookie; var t=null; var s=C.indexOf("fc1="); var e; var c; if(s!=-1){ var D=new Date(); D.setTime(D.getTime() + 7776000000); s+=4; e=C.indexOf(';',s); if(e==-1) e=C.length; t=C.substring(s,e) if(t.length){ document.cookie = "fc1="+t+";expires="+D.toGMTString(); document.forms["LOGINFORM"].elements["userid"].value=dp(t); s=C.indexOf("fc2="); if(s!=-1){ s+=4; e=C.indexOf(';',s); if(e==-1) e=C.length; t=C.substring(s,e); if(t.length){ document.cookie = "fc2="+t+";expires="+D.toGMTString(); self.sp=dp(t); document.forms["LOGINFORM"].elements["password"].value="*********"; } } } } }<!--#rem sc SaveCredentials Saves the current contents of the form in a cookie. May pop up a warning dialog if attempt to save pw. --> function sc(F){ var u=F.elements["userid"].value; var p=self.sp; if(sp==null) p=F.elements["password"].value; if(u.length){ var D=new Date(); D.setTime(D.getTime() + 7776000000); if(p.length){<!--#if expr="<X-FC-FIELD LANG.7539.1 LENGTH>"--> if(confirm("<X-FC-FIELD LANG.7539.1 STRING>")){<!--#else--> if(1){<!--#endif--> document.cookie = "fc1="+ep(u)+";expires="+D.toGMTString(); document.cookie = "fc2="+ep(p)+";expires="+D.toGMTString(); sp=p; F.elements["password"].value="*********"; } }else{ document.cookie = "fc1="+ep(u)+";expires="+D.toGMTString(); document.cookie = "fc2=;expires="+D.toGMTString(); } } }<!--#rem cc ClearCredentials Clears any cookie saved credentials --> function cc(F){ var D=new Date(); D.setTime(D.getTime() + 7776000000); F.elements["userid"].value=""; F.elements["password"].value=""; document.cookie = "fc1=;expires="+D.toGMTString(); document.cookie = "fc2=;expires="+D.toGMTString(); }<!--#rem ep EncodePassword Extremely simple scramble algorithm to provide minimal protection for saved password cookies. Note that this is effectively security by obscurity and will only serve to discourage rank amateurs. --> function ep(p){ var pa=new Array(); var sa=new Array(); var oa=""; var s="<X-FC-SERVER NAME>"; var i=0; var cs=0; for(i=0;i<13;i++){ sa[i]=s.charCodeAt(i%s.length); if(cs==0) sa[i]=sa[i]%256; } pa[0]=p.length; for(i=0;i<p.length;i++) { pa[i+1]=p.charCodeAt(i); if(pa[i+1]>255) cs=1; } for(i=p.length;i<13;i++) pa[i+1]=Math.floor(Math.random()(cs==1?65535:255)); for(i=0;i<13;i++){ if(i%2){ pa[i]=pa[i]+sa[i]; if(cs) pa[i]=pa[i]%65536; else pa[i]=pa[i]%256; }else{ pa[i]=pa[i]-sa[i]; if(pa[i]<0 && cs) pa[i]+=65536; else if(pa[i]<0) pa[i]+=256; } } if(cs){ for(i=0;i<13;i++) oa+=HD.charAt(AND(RS(AND(pa[(i+2)%13],0x00F0),4),0x000F)); for(i=0;i<13;i++) oa+=HD.charAt(AND(RS(AND(pa[(i+11)%13],0xF000),12),0x000F)); for(i=0;i<13;i++) oa+=HD.charAt(AND(RS(AND(pa[(i+5)%13],0x0F00),8),0x000F)); for(i=0;i<13;i++) oa+=HD.charAt(AND(pa[(i+1)%13],0x000F)); }else{ for(i=0;i<13;i++) oa+=HD.charAt(AND(pa[(i+7)%13],0x0F)); for(i=0;i<13;i++) oa+=HD.charAt(AND(RS(AND(pa[(i+4)%13],0xF0),4),0x0F)); } return oa; }<!--#rem ep DecodePassword Decodes a userID/password encoded using EncodePassword --> function dp(e){ var pa=new Array(); var sa=new Array(); var cs=(e.length==52?1:0); var s="<X-FC-SERVER NAME>"; var i=0; var p=""; for(i=0;i<13;i++){ sa[i]=s.charCodeAt(i%s.length); if(cs==0) sa[i]=sa[i]%256; } for(i=0;i<13;i++) pa[i]=0; if(cs){ for(i=0;i<13;i++) pa[(i+2)%13]+=(0x0010parseInt(e.charAt(i),16)); for(i=13;i<26;i++) pa[(i+11)%13]+=(0x1000parseInt(e.charAt(i),16)); for(i=26;i<39;i++) pa[(i+5)%13]+=(0x0100parseInt(e.charAt(i),16)); for(i=39;i<52;i++) pa[(i+1)%13]+=(parseInt(e.charAt(i),16)); }else{ for(i=0;i<13;i++) pa[(i+7)%13]+=(parseInt(e.charAt(i),16)); for(i=13;i<26;i++) pa[(i+4)%13]+=(0x10parseInt(e.charAt(i),16)); } for(i=0;i<13;i++) pa[i]+=(cs==1?65536:256); for(i=0;i<13;i++){ if(i%2) pa[i]=pa[i]-sa[i]; else pa[i]=pa[i]+sa[i]; } for(i=0;i<13;i++) pa[i]=pa[i]%(cs?65536:256); for(i=1;i<(pa[0]+1);i++) p+=String.fromCharCode(pa[i]); return p; }<!--#endif--> //--> </script><!--#endif--> </head> <body dir="<X-FC-FIELD LANG.7500 DEFAULT="ltr" STRING>" onload="<!--#if expr="$ENABLEAUTHSAVING"-->lc();<!--#endif-->self.focus();document.forms['LOGINFORM'].elements['userid'].focus();document.forms['LOGINFORM'].elements['userid'].select();"> <form name="LOGINFORM" action="/Login" method="post" enctype="application/x-www-form-urlencoded"<!--#if expr="$USEDIGESTLOGIN"--> onsubmit="return CSHA1(this);"<!--#endif-->> <h1><X-FC-FIELD LANG.141.4 STRING></h1> <h3><X-FC-FIELD LANG.138.1001.9 STRING> <!--#if expr="<X-FC-FIELD SITEPREF.5523 DEFAULT=LANG.49.5523.9 LENGTH>"--><X-FC-FIELD SITEPREF.5523 DEFAULT=LANG.49.5523.9 STRING><!--#else--><X-FC-SERVER NAME><!--#endif--></h3><!--#if expr="$SRVR_ERR_FCPCODE"--> <h5><X-FC-FIELD LANG.ERR.`$SRVR_ERR_FCPCODE` ESCAPED> [<!--#echo var="SRVR_ERR_FCPCODE"-->]</h5><!--#endif--> <p><input type="hidden" name="charset" value="<X-FC-ITEM DATA[Charset]>"/> <input type="hidden" name="origurl" value="<!--#echo var="SRVR_ERR_RESOURCE"--><!--#if expr="@length($SRVR_ERR_RESOURCE_ARGS)"-->?<!--#echo var="SRVR_ERR_RESOURCE_ARGS"--><!--#endif-->"/><!--#if expr="$USEDIGESTLOGIN"--> <input type="hidden" name="challenge" value="<!--#echo var="HTTP_LOGIN_CHALLENGE"-->"/> <input type="hidden" name="sha1" value=""/><!--#endif--> <label for="f1004"><X-FC-FIELD LANG.138.1101.9 STRING></label> <input id="f1004" type="text" name="userid" size="40" maxlength="15" value="" tabIndex="1"/><br/> <label for="f1006"><X-FC-FIELD LANG.138.1102.9 STRING></label> <!--#if expr="$USETICKETAUTH"--><input type="password" id="f2" name="ticket" size="40" maxlength="12" value="" tabIndex="2" onfocus="this.select();"/><br/><!--#else--><input type="password" id="f1006" name="password" size="40" maxlength="12" value="" tabIndex="2" onfocus="this.select();" onchange="sp=null;"/><!--#endif--></p><!--#if expr="$ENABLEAUTHSAVING"--> <p><input type="button" value="<X-FC-FIELD LANG.CMD.5.0 STRING>" onclick="sc(this.form);" tabIndex="3"/> <input type="button" value="<X-FC-FIELD LANG.CMD.21.0 STRING>" onclick="cc(this.form);" tabIndex="4"/></p><!--#endif--> <p><input type="submit" name="login" value=" <X-FC-FIELD LANG.138.1008.9 STRING> "/> <input type="button" onclick="self.location.replace('/');" value=" <X-FC-FIELD LANG.CMD.346.0 STRING> "/></p> </form> </body> </html>