<%
%>
<!--#include file="include/dbcommon.asp"-->
<%
add_nocache_headers 
doAssignmentByRef auditObj,GetAuditObject("")
if IsEqual(GetRequestValue(RequestForm(),"a"),"logout") or IsEqual(GetRequestValue(Request.QueryString,"a"),"logout") then
	if bValue(auditObj) then
		auditObj.LogLogout 
	end if
	Session.Abandon 
	asp_setcookie "username","",CSmartDbl(time())-(365*1440)*60
	asp_setcookie "password","",CSmartDbl(time())-(365*1440)*60
	asp_header "Location: login.asp"
	Response.End
end if
asp_include "include/xtempl.asp",false
asp_include "classes/runnerpage.asp",false
Set xt = (CreateClass("Xtempl",0,Empty,Empty,Empty,Empty,Empty,Empty,Empty))
doAssignment id,IIF(not IsEqual(postvalue("id"),""),postvalue("id"),1)
Set params = (CreateDictionary2("id",id,"pageType",PAGE_LOGIN))
setArrElementByRef params,"xt",xt
setArrElement params,"tName","global"
setArrElement params,"needSearchClauseObj",false
Set pageObject = (CreateClass("RunnerPage",1,params,Empty,Empty,Empty,Empty,Empty,Empty))
pageObject.isCaptchaOk = 1
useCaptcha = false
if bValue(globalEvents.exists_p1("BeforeProcessLogin")) then
	globalEvents.BeforeProcessLogin_p1 conn
end if
doAssignment myurl,Session("MyURL")
asp_unsetElement Session,"MyURL"
message = ""
doAssignmentByRef pUsername,postvalue("username")
doAssignmentByRef pPassword,postvalue("password")
doAssignmentByRef is508,isEnableSection508()
rememberbox_checked = ""
rememberbox_attrs = CSmartStr(IIF(IsEqual(is508,true),"id=""remember_password"" ","")) & "name=""remember_password"" value=""1"""
if bValue(GetRequestValue(Request.Cookies,"username")) or bValue(GetRequestValue(Request.Cookies,"password")) then
	rememberbox_checked = " checked"
end if
logacc = true
if bValue(auditObj) then
	if bValue(auditObj.LoginAccess()) then
		logacc = false
		doAssignmentByRef message,mysprintf("Access denied for %s minutes",CreateDictionary1(Empty,auditObj.LoginAccess()))
	end if
end if
if IsEqual(GetRequestValue(RequestForm(),"btnSubmit"),"Login") and bValue(logacc) then
	if IsEqual(GetRequestValue(RequestForm(),"remember_password"),1) then
		asp_setcookie "username",pUsername,CSmartDbl(time())+(365*1440)*60
		asp_setcookie "password",pPassword,CSmartDbl(time())+(365*1440)*60
		rememberbox_checked = " checked"
	else
		asp_setcookie "username","",CSmartDbl(time())-(365*1440)*60
		asp_setcookie "password","",CSmartDbl(time())-(365*1440)*60
		rememberbox_checked = ""
	end if
	if bValue(pageObject.isCaptchaOk) then
		setArrElement Session,"login_count_captcha",CSmartDbl(Session("login_count_captcha"))+1
	end if
	strUsername = CSmartStr(pUsername)
	strPassword = CSmartStr(pPassword)
	doAssignment sUsername,strUsername
	doAssignment sPassword,strPassword
	if bValue(NeedQuotes(cUserNameFieldType)) then
		strUsername = ("'" & CSmartStr(db_addslashes(strUsername))) & "'"
	else
		strUsername = 0+CSmartDbl(strUsername)
	end if
	if bValue(NeedQuotes(cPasswordFieldType)) then
		strPassword = ("'" & CSmartStr(db_addslashes(strPassword))) & "'"
	else
		strPassword = 0+CSmartDbl(strPassword)
	end if
	strSQL = (((((((("select * from " & CSmartStr(AddTableWrappers("siteusers"))) & " where ") & CSmartStr(AddFieldWrappers(cUserNameField))) & "=") & CSmartStr(strUsername)) & " and ") & CSmartStr(AddFieldWrappers(cPasswordField))) & "=") & CSmartStr(strPassword)
	retval = true
	logged = false
	Set data = (CreateDictionary())
	if bValue(globalEvents.exists_p1("BeforeLogin")) then
		doAssignmentByRef retval,globalEvents.BeforeLogin_p3(pUsername,pPassword,message)
	end if
	if bValue(retval) then
		doAssignmentByRef rs,db_query(strSQL,conn)
		doAssignmentByRef data,db_fetch_array(rs)
		if bValue(data) then
			if IsEqual(ArrayElement(data,cUserNameField),sUsername) and IsEqual(ArrayElement(data,cPasswordField),sPassword) then
				logged = true
			end if
		end if
	end if
	if bValue(logged) and bValue(pageObject.isCaptchaOk) then
		setArrElement Session,"UserID",pUsername
		setArrElement Session,"AccessLevel",ACCESS_LEVEL_USER
		setArrElement Session,"GroupID",ArrayElement(data,"UserName")
		if bValue(auditObj) then
			auditObj.LogLogin 
			auditObj.LoginSuccessful 
		end if
		if bValue(globalEvents.exists_p1("AfterSuccessfulLogin")) then
			globalEvents.AfterSuccessfulLogin_p3 pUsername,pPassword,data
		end if
		if bValue(myurl) then
			asp_header "Location: " & CSmartStr(myurl)
		else
			asp_header "Location: menu.asp"
		end if
		response.end
	else
		if bValue(auditObj) then
			auditObj.LogLoginFailed_p1 pUsername
			auditObj.LoginUnsuccessful_p1 pUsername
		end if
		if bValue(globalEvents.exists_p1("AfterUnsuccessfulLogin")) then
			globalEvents.AfterUnsuccessfulLogin_p3 pUsername,pPassword,message
		end if
		if IsEqual(message,"") and not bValue(logged) then
			message = "Invalid Login"
		end if
	end if
end if
xt.assign_p2 "rememberbox_attrs",CSmartStr(rememberbox_attrs) & CSmartStr(rememberbox_checked)
xt.assign_p2 "guestlink_block",false
setArrElement Session,"MyURL",myurl
if bValue(myurl) then
	xt.assign_p2 "guestlink_attrs",("href=""" & CSmartStr(myurl)) & """"
else
	xt.assign_p2 "guestlink_attrs","href=""menu.asp"""
end if
if bValue(postvalue("username")) then
	xt.assign_p2 "username_attrs",((CSmartStr(IIF(IsEqual(is508,true),"id=""username"" ","")) & "value=""") & CSmartStr(htmlspecialchars(pUsername))) & """"
else
	xt.assign_p2 "username_attrs",((CSmartStr(IIF(IsEqual(is508,true),"id=""username"" ","")) & "value=""") & CSmartStr(htmlspecialchars(GetRequestValue(Request.Cookies,"username")))) & """"
end if
password_attrs = "onkeydown=""e=event; if(!e) e = window.event; if (e.keyCode != 13) return; e.cancel = true; e.cancelBubble=true; document.forms[0].submit(); return false;"""
if bValue(postvalue("password")) then
	password_attrs = CSmartStr(password_attrs) & (((CSmartStr(IIF(IsEqual(is508,true)," id=""password""","")) & " value=""") & CSmartStr(htmlspecialchars(pPassword))) & """")
else
	password_attrs = CSmartStr(password_attrs) & (((CSmartStr(IIF(IsEqual(is508,true)," id=""password""","")) & " value=""") & CSmartStr(htmlspecialchars(GetRequestValue(Request.Cookies,"password")))) & """")
end if
xt.assign_p2 "password_attrs",password_attrs
if IsEqual(GetRequestValue(Request.QueryString,"message"),"expired") then
	message = "Your session has expired. Please login again."
end if
if bValue(message) then
	xt.assign_p2 "message_block",true
	xt.assign_p2 "message",message
end if
setArrElement pageObject.body,"begin",CSmartStr(ArrayElement(pageObject.body,"begin")) & ("<script type=""text/javascript"" src=""include/jquery.js""></script>" & "<script type=""text/javascript"" src=""include/jsfunctions.js""></script>")
if IsIdentical(pageObject.debugJSMode,true) then
	setArrElement pageObject.body,"begin",CSmartStr(ArrayElement(pageObject.body,"begin")) & "<script language=""JavaScript"" src=""include/runnerJS/RunnerBase.js""></script>" & vbcrlf
else
	setArrElement pageObject.body,"begin",CSmartStr(ArrayElement(pageObject.body,"begin")) & "<script type=""text/javascript"" src=""include/runnerJS/RunnerBase.js""></script>"
end if
setArrElement pageObject.body,"begin",CSmartStr(ArrayElement(pageObject.body,"begin")) & "<form method=post action=""login.asp"" id=form1 name=form1>" & vbcrlf & _
	"		<input type=hidden name=btnSubmit value=""Login"">"
setArrElement pageObject.body,"end",CSmartStr(ArrayElement(pageObject.body,"end")) & "</form>" & vbcrlf & _
	"<script>" & vbcrlf & _
	"function elementVisible(jselement)" & vbcrlf & _
	"{ " & vbcrlf & _
	"	do" & vbcrlf & _
	"	{" & vbcrlf & _
	"		if (jselement.style.display.toUpperCase() == 'NONE')" & vbcrlf & _
	"			return false;" & vbcrlf & _
	"		jselement=jselement.parentNode; " & vbcrlf & _
	"	}" & vbcrlf & _
	"	while (jselement.tagName.toUpperCase() != 'BODY'); " & vbcrlf & _
	"	return true;" & vbcrlf & _
	"}" & vbcrlf & _
	"if(elementVisible(document.forms[0].elements['username']))" & vbcrlf & _
	"	document.forms[0].elements['username'].focus();" & vbcrlf & _
	"</script>"
pageObject.addCommonJs 
pageObject.fillSetCntrlMaps 
setArrElement pageObject.body,"end",CSmartStr(ArrayElement(pageObject.body,"end")) & "<script>"
setArrElement pageObject.body,"end",CSmartStr(ArrayElement(pageObject.body,"end")) & (("window.controlsMap = '" & CSmartStr(jsreplace(my_json_encode(pageObject.controlsHTMLMap)))) & "';")
setArrElement pageObject.body,"end",CSmartStr(ArrayElement(pageObject.body,"end")) & (("window.settings = '" & CSmartStr(jsreplace(my_json_encode(pageObject.jsSettings)))) & "';")
setArrElement pageObject.body,"end",CSmartStr(ArrayElement(pageObject.body,"end")) & (CSmartStr(pageObject.PrepareJS()) & "</script>")
pageObject.addButtonHandlers 
xt.assignbyref_p2 "body",pageObject.body
xt.assign_p2 "username_label",true
xt.assign_p2 "password_label",true
xt.assign_p2 "remember_password_label",true
if bValue(isEnableSection508()) then
	xt.assign_section_p3 "username_label","<label for=""username"">","</label>"
	xt.assign_section_p3 "password_label","<label for=""password"">","</label>"
	xt.assign_section_p3 "remember_password_label","<label for=""remember_password"">","</label>"
end if
templatefile = "login.htm"
if bValue(globalEvents.exists_p1("BeforeShowLogin")) then
	globalEvents.BeforeShowLogin_p2 xt,templatefile
end if
xt.display_p1 templatefile
%>