home *** CD-ROM | disk | FTP | other *** search
/ Quick PC 61 / Quick PC 61.iso / I386 / WMS.CAB / AuthenAnonUserAdmin.asp < prev    next >
Encoding:
Text File  |  2003-02-21  |  16.0 KB  |  436 lines
  1. ∩╗┐<%@ Language=VBScript CODEPAGE=65001 %>
  2. <!--#include file="include/wmsLocStrings.inc"-->
  3. <!--#include file="include/wmsServerHash.inc"-->
  4. <!--#include file="include/wmsPlugins.inc"-->
  5. <!--#include file="include/wmsHeader.inc"-->
  6. <!--#include file="include/wmsPageBanner.inc"-->
  7. <!--#include file="include/wmsError.inc"-->
  8. <%
  9. '+-------------------------------------------------------------------------
  10. '
  11. '  Microsoft Windows Media
  12. '  Copyright (C) Microsoft Corporation. All rights reserved.
  13. '
  14. '  File:       AuthenAnonUserAdmin.asp
  15. '
  16. '  Contents:
  17. '
  18. '--------------------------------------------------------------------------
  19.  
  20. ConnectToPlugin
  21. ConnectToPluginAdmin
  22.  
  23. BeginErrorHandling
  24.  
  25. Dim bError
  26. Dim strUserName
  27. Dim strPassword
  28. Dim strPasswordConfirm
  29. Dim dwTabIndex
  30.  
  31. bError = FALSE
  32. dwTabIndex = 0
  33.  
  34. strUserName = Left( RemoveSpecifiedChars( SafeUnescape( trim( posting( "userName" ) ) ), REGEXT_ILLEGAL_UNAME_CHARS ), MAX_USERNAME )
  35. strPassword = Left( RemoveDangerousCharacters( SafeUnescape( trim( posting( "password" ) ) ) ), MAX_PASSWD )
  36. strPasswordConfirm = Left( RemoveDangerousCharacters( SafeUnescape( trim( posting( "confirm" ) ) ) ), MAX_PASSWD )
  37.  
  38. Dim strOp
  39. strOp = trim( posting( "submit" ) )
  40. if( 0 < Len( strOp ) ) then
  41.     if ( 0 < Len( strUserName ) ) then
  42.         on error resume next
  43.         if( 0 = strcomp( strPassword, strPasswordConfirm, vbTextCompare ) ) then
  44.             if( 0 <> strcomp( strPassword, L_PASSWORDPHOLD_TEXT, vbTextCompare ) ) then
  45.                 if( DetectSpecifiedChars( strUserName, REGEXP_DANGEROUS_CHARS ) ) then
  46.                     Err.Raise( -2 )
  47.                     Err.Description = L_USERNAMEBADCHAR_TEXT
  48.                     ErrorDetected( "PluginAuthenAnonUserName" )
  49.                     bError = TRUE
  50.                 elseif( DetectSpecifiedChars( strPassword, REGEXP_DANGEROUS_CHARS ) ) then
  51.                     Err.Raise( -2 )
  52.                     Err.Description = L_PASSWORDBADCHAR_TEXT
  53.                     ErrorDetected( "PluginAuthenAnonPassword" )
  54.                     bError = TRUE
  55.                 elseif( ( MAX_PASSWD >= Len( strPassword ) ) and ( MAX_USERNAME >= Len( strUserName ) ) ) then
  56.                     s_WMSAdmin.SetAuthenAnonPluginCredentials g_objPluginAdmin, strUserName, strPassword
  57.                     if( ErrorDetected( "PluginAuthenAnonUserName" ) ) then
  58.                         bError = TRUE
  59.                     end if
  60.                 end if
  61.             end if        
  62.         else
  63.             err.Raise( -1 )
  64.             err.Description = L_SPECIFYUSERNAME_TEXT
  65.             bError = TRUE
  66.             Session( "PageReloadedToDisplayError" ) = 1
  67.             err.description = RemoveDangerousCharacters( L_PASSWORDMISMATCH_TEXT )
  68.             ErrorDetected( "PluginAuthenAnonPasswordConf" )
  69.         end if
  70.         
  71.         strPassword = Server.HTMLEncode( L_PASSWORDPHOLD_TEXT )
  72.         strPasswordConfirm = Server.HTMLEncode( L_PASSWORDPHOLD_TEXT )
  73.         
  74.         if ( FALSE = bError ) then
  75.             if( "" <> g_strEncodedPubPointName ) then
  76.                 Response.Redirect "../pubpoints/pubpoint_props.asp?server=" & g_strQueryStringServer & "&ppID=" & g_strPubPointID & "&category=" & g_strCategory & "&pluginIndex=" & GetPostOrQsVal("pluginIndex")
  77.             else
  78.                 Response.Redirect "../server_props.asp?server=" & g_strQueryStringServer & "&category=" & g_strCategory & "&pluginIndex=" & GetPostOrQsVal("pluginIndex")
  79.             end if
  80.         end if
  81.     else
  82.         Err.Raise( -1 )
  83.         Err.Description = RemoveDangerousCharacters( L_SPECIFYUSERNAME_TEXT )
  84.         bError = TRUE
  85.         Session( "PageReloadedToDisplayError" ) = 1
  86.         ErrorDetected( "PluginAuthenAnonUserName" )
  87.     end if
  88. else
  89.     strUserName = g_objPluginAdmin.AnonymousUserName
  90.     if( g_objPluginAdmin.IsPasswordSet ) then
  91.         strPassword = Server.HTMLEncode( L_PASSWORDPHOLD_TEXT )
  92.         strPasswordConfirm = Server.HTMLEncode( L_PASSWORDPHOLD_TEXT )
  93.     else
  94.         strPassword = ""
  95.         strPasswordConfirm = ""
  96.     end if
  97. end if
  98.  
  99. WriteHTMLHeader( g_strDecodedServerName ) 
  100. %>
  101. <link rel="stylesheet" type="text/css" href="<%= Session( "cssName" ) %>">
  102. <% WritePluginJSUtils %>
  103. <script language="JavaScript">
  104. <!--
  105. /*@cc_on @*/
  106. var g_bBadUsernameAlerted = false;
  107.  
  108.  
  109. ///////////////////////////
  110. function RemoveBadUsernameChars( szUnfiltered )
  111. {
  112.     <% jsTRY %>
  113.         var szSafeString = new String( szUnfiltered );
  114.         var re = /\<|\>|\"|`|!|@|#|\$|\%|\^|\||\[|\]|\;|\:|\?|\(|\)|\{|\}|\&|\u201C|\u201D|\u201E|\"\&/gim;
  115.         szSafeString = szUnfiltered.replace( re, "" );
  116.  
  117.         return( szSafeString );
  118.     <% jsCATCH %>
  119. }
  120.  
  121. var g_bUserAlertedToBadUerName = false;
  122. var g_bUserAlertedToBadPasswd = false;
  123. var g_IsValidationMutexBusy = false;
  124.  
  125. ///////////////////////////
  126. function CheckIfUserChanged()
  127. {
  128.     <% jsTRY %>
  129.         var szUser;
  130.         var szPass;
  131.         var szConfirm;
  132.  
  133.         if( document.forms.pluginForm.username.value == "<%= EscBackslashChar( Left( RemoveSpecifiedChars( SafeUnescape( trim( strUserName ) ), REGEXT_ILLEGAL_UNAME_CHARS ), MAX_USERNAME ) ) %>" )
  134.         {
  135.             return( false );
  136.         }
  137.  
  138.         if( document.forms.pluginForm.password.value == "<%= Server.HTMLEncode( L_PASSWORDPHOLD_TEXT ) %>" )
  139.         {
  140.             document.forms.pluginForm.password.value = "";
  141.             document.forms.pluginForm.confirm.value = "";
  142.             return( true );
  143.         }
  144.  
  145.         if( document.forms.pluginForm.confirm.value == "<%= Server.HTMLEncode( L_PASSWORDPHOLD_TEXT ) %>" )
  146.         {
  147.             document.forms.pluginForm.password.value = "";
  148.             document.forms.pluginForm.confirm.value = "";
  149.             return( true );
  150.         }
  151.  
  152.         szUser = new String( document.forms.pluginForm.username.value );
  153.         if( 0 == szUser.length )
  154.         {
  155.             return( true );
  156.         }
  157.     <% jsCATCH %>
  158.     return( true );
  159. }
  160.  
  161. ///////////////////////////
  162. function ValidateUserPass()
  163. {
  164.     <% jsTRY %>
  165.         var szUser = "";
  166.         var szPass = "";
  167.         var szConf = "";
  168.         var bUserOkay = true;
  169.         var bError = false;
  170.         var bUserChanged = false;
  171.  
  172.         if( true == g_IsValidationMutexBusy )
  173.         {
  174.             return( true );
  175.         }
  176.         g_IsValidationMutexBusy = true;
  177.         
  178.         document.forms.pluginForm.ok.disabled = false;
  179.         
  180.         bUserChanged = CheckIfUserChanged();
  181.         
  182.         szUser = new String( document.forms.pluginForm.username.value )
  183.         szPass = new String( document.forms.pluginForm.password.value )
  184.         szConf = new String( document.forms.pluginForm.confirm.value )
  185.  
  186.         if( ( 0 == szUser.length ) && ( 0 == szPass.length ) && ( 0 == szConf.length ) )
  187.         {
  188.             // it's legal to clear all credentials
  189.             if( false == bError )
  190.             {
  191.                 document.forms.pluginForm.ok.disabled = false;
  192.                 window.status = "";
  193.             }
  194.             g_IsValidationMutexBusy = false;
  195.             return( true );
  196.         }
  197.         
  198.         if( ( 0 == szUser.length ) || bUserChanged )
  199.         {
  200.             document.forms.pluginForm.ok.disabled = ( 0 == szUser.length ) && ( ( 0 < szPass.length ) || ( 0 < szConf.length ) );
  201.         }
  202.         
  203.         // check username
  204.         var szFilteredUser = RemoveBadUsernameChars( szUser );
  205.         if( szUser.length != szFilteredUser.length )
  206.         {
  207.             document.forms.pluginForm.username.style.color = "#FF0000";
  208.             document.forms.pluginForm.ok.disabled = true;
  209.             bError = true;
  210.             window.status = "<%= L_USERNAMEBADCHAR_TEXT %>";
  211.             if( false == g_bUserAlertedToBadUerName )
  212.             {
  213.                 g_bUserAlertedToBadUerName = true;
  214.                 window.alert( "<%= L_INVALIDCHARSINUSERNAME_TEXT %>" );
  215.             }
  216.         }
  217.         else
  218.         {
  219.             document.forms.pluginForm.username.style.color = "#000000";
  220.         }
  221.         
  222.         // if any changes to pass or confirm, wipe canned password fields
  223.         if( ( ( "<%= L_PASSWORDPHOLD_TEXT %>" == document.forms.pluginForm.password.value ) &&
  224.               ( "<%= L_PASSWORDPHOLD_TEXT %>" != document.forms.pluginForm.confirm.value ) ) ||
  225.             ( ( "<%= L_PASSWORDPHOLD_TEXT %>" != document.forms.pluginForm.password.value ) && 
  226.               ( "<%= L_PASSWORDPHOLD_TEXT %>" == document.forms.pluginForm.confirm.value ) ) )
  227.         {
  228.             document.forms.pluginForm.password.value = document.forms.pluginForm.confirm.value = "";
  229.             g_IsValidationMutexBusy = false;
  230.             return( true );
  231.         }
  232.  
  233.         // if any changes to username, wipe canned password fields
  234.         if( ( ( 0 < szConf.length ) || ( 0 < szPass.length ) ) && ( szPass.length != szConf.length ) )
  235.         {
  236.             if( ( "<%= L_PASSWORDPHOLD_TEXT %>" == document.forms.pluginForm.password.value ) || 
  237.                 ( "<%= L_PASSWORDPHOLD_TEXT %>" == document.forms.pluginForm.confirm.value ) )
  238.             {
  239.                 szPass = "";
  240.                 szConf = "";
  241.                 document.forms.pluginForm.password.value = document.forms.pluginForm.confirm.value = "";
  242.                 g_IsValidationMutexBusy = false;
  243.                 return( true );
  244.             }
  245.         }
  246.  
  247.         if( "<%= L_PASSWORDPHOLD_TEXT %>" != document.forms.pluginForm.password.value )
  248.         {
  249.             var szFilteredPass = RemoveDangerousCharacters( szPass );
  250.             if( szPass.length != szFilteredPass.length )
  251.             {
  252.                 document.forms.pluginForm.password.style.color = "#FF0000";
  253.                 document.forms.pluginForm.ok.disabled = true;
  254.                 szPass = "";
  255.                 bError = true;
  256.                 window.status = "<%= L_PASSWORDBADCHAR_TEXT %>";
  257.                 if( false == g_bUserAlertedToBadPasswd )
  258.                 {
  259.                     g_bUserAlertedToBadPasswd = true;
  260.                     window.alert( "<%= L_PASSWORDBADCHAR_TEXT %>" );
  261.                 }
  262.             }
  263.             else
  264.             {
  265.                 document.forms.pluginForm.password.style.color = "#000000";
  266.             }
  267.         }
  268.  
  269.         if( "<%= L_PASSWORDPHOLD_TEXT %>" != document.forms.pluginForm.confirm.value )
  270.         {
  271.             var szFilteredConf = RemoveDangerousCharacters( szConf );
  272.             if( szConf.length != szFilteredConf.length )
  273.             {
  274.                 document.forms.pluginForm.confirm.style.color = "#FF0000";
  275.                 document.forms.pluginForm.ok.disabled = true;
  276.                 szConf = "";
  277.                 bError = true;
  278.                 window.status = "<%= L_PASSWORDBADCHAR_TEXT %>";
  279.                 if( false == g_bUserAlertedToBadPasswd )
  280.                 {
  281.                     g_bUserAlertedToBadPasswd = true;
  282.                     window.alert( "<%= L_PASSWORDBADCHAR_TEXT %>" );
  283.                 }
  284.             }
  285.             else
  286.             {
  287.                 document.forms.pluginForm.confirm.style.color = "#000000";
  288.             }
  289.         }
  290.         
  291.         if( true == bError )
  292.         {
  293.             document.forms.pluginForm.ok.disabled = true;
  294.         }
  295.         else
  296.         {
  297.             window.status = "";
  298.             if( ( 0 == szUser.length ) && ( 0 == szPass.length ) && ( 0 == szConf.length ) )
  299.             {
  300.                 document.forms.pluginForm.ok.disabled = false;
  301.                 g_IsValidationMutexBusy = false;
  302.                 return( true );
  303.             }
  304.                 
  305.             if( ( false == bError ) && document.forms.pluginForm.password.value == document.forms.pluginForm.confirm.value )
  306.             {
  307.                 if( 0 < szUser.length )
  308.                 {
  309.                     document.forms.pluginForm.ok.disabled = false;
  310.                 }
  311.                 g_IsValidationMutexBusy = false;
  312.                 return( true );
  313.             }
  314.         }
  315.                 
  316.         document.forms.pluginForm.ok.disabled = true;
  317.         g_IsValidationMutexBusy = false;
  318.         return( true );
  319.     <% jsCATCH %>
  320. }
  321. -->
  322. </script>
  323. </head>
  324. <body class="pluginBody" oncontextmenu="JavaScript:event.cancelBubble=true;return false;">
  325. <% DrawPluginBanner %>
  326. <table width=<%= Server.HTMLEncode( STDTABLEWIDTH ) %>>
  327. <tr>
  328.     <td valign=top>
  329.  
  330.         <% WriteStdPluginForm %>
  331.         
  332.         <p>
  333.          
  334.         
  335.         <p>
  336.         
  337.         <table class="propgroupbox" border=0 cellspacing=2 cellpadding=2 width=100%>
  338.         <tr>
  339.           <td colspan=3>
  340.             <div align="left" class="helptext"><%= Server.HTMLEncode( L_AUTHENANONHELP_TEXT ) %></div><br>
  341.           </td>
  342.         </tr>
  343.         <tr>
  344.             <td class="defaultcursor">
  345.                 <% RenderWithErrorCheck Server.HTMLEncode( L_USERNAMECOLON_TEXT ), "PluginAuthenAnonUserName" %>
  346.             </td>
  347.         </tr>
  348.         <tr>
  349.             <td class="defaultcursor">
  350.                 <input 
  351.                     type="text" 
  352.                     name="username" 
  353.                     onKeyUp="JavaScript:ValidateUserPass();" 
  354.                     onKeyDown="JavaScript:ValidateUserPass();" 
  355.                     onChange="JavaScript:ValidateUserPass();" 
  356.                     onPaste="JavaScript:ValidateUserPass();" 
  357.                     maxlength="<%= Server.HTMLEncode( MAX_USERNAME ) %>" 
  358.                     value="<%= EscBackslashChar( Left( RemoveSpecifiedChars( SafeUnescape( trim( strUserName ) ), REGEXT_ILLEGAL_UNAME_CHARS ), MAX_USERNAME ) ) %>" 
  359.                     tabindex=1 
  360.                     AUTOCOMPLETE="OFF">
  361.             </td>
  362.         </tr>    
  363.         <tr>
  364.             <td class="defaultcursor">
  365.                 <% RenderWithErrorCheck Server.HTMLEncode( L_PASSWORDCOLON_TEXT ), "PluginAuthenAnonPassword" %>
  366.             </td>
  367.         </tr>
  368.         <tr>
  369.             <td class="defaultcursor">
  370.                 <input 
  371.                     type="password" 
  372.                     name="password" 
  373.                     value="<%= RemoveSpecifiedChars( strPassword, REGEXP_DANGEROUS_CHARS ) %>" 
  374.                     onChange="JavaScript:ValidateUserPass();" 
  375.                     onPaste="JavaScript:ValidateUserPass();" 
  376.                     onKeyUp="JavaaScript:ValidateUserPass();" 
  377.                     onKeyDown="JavaaScript:ValidateUserPass();" 
  378.                     tabindex=2
  379.                     AUTOCOMPLETE="OFF">
  380.             </td>
  381.         </tr>    
  382.         <tr>
  383.             <td class="defaultcursor">
  384.                 <% RenderWithErrorCheck Server.HTMLEncode( L_CONFIRMPASSCOLON_TEXT ), "PluginAuthenAnonPasswordConf" %>
  385.             </td>
  386.         </tr>
  387.         <tr>
  388.             <td class="defaultcursor">
  389.                 <input 
  390.                     type="password" 
  391.                     name="confirm" 
  392.                     value="<%= RemoveSpecifiedChars( strPasswordConfirm, REGEXP_DANGEROUS_CHARS ) %>" 
  393.                     onChange="JavaScript:ValidateUserPass();"
  394.                     onPaste="JavaScript:ValidateUserPass();"
  395.                     onKeyUp="JavaScript:ValidateUserPass();"
  396.                     onKeyDown="JavaScript:ValidateUserPass();"
  397.                     tabindex=3
  398.                     AUTOCOMPLETE="OFF">
  399.             </td>
  400.         </tr>    
  401.         </table>
  402.     </td>
  403. </tr>
  404. <tr>
  405.     <td>
  406.          <br> 
  407.     </td>
  408.     <td>
  409.          
  410.     </td>
  411. <tr>
  412.     <td valign=bottom>
  413.         <input type="submit" align="baseline" name="ok" value="<%= Server.HTMLEncode( L_OKAYBUTTON_TEXT ) %>" tabIndex=4> 
  414.         <input type="button" align="baseline" name="cancel" onclick="Cancel()" value="<%= Server.HTMLEncode( L_CANCELBUTTONSPACED_TEXT ) %>" tabIndex=5> 
  415.         <input type="button" align="baseline" name="help" onclick="JavaScript:DoPluginHelp( '<%= H_AUTHENANONUSERHELPTOPIC %>' )" value="<%= Server.HTMLEncode( L_HELPBUTTONSPACED_TEXT ) %>" id="help" tabindex=6>
  416.     </td>
  417. </tr>
  418. </table>
  419. </font>
  420. </form>
  421. <% 
  422. AlertUserWithPopupErrorDialog
  423. 'OnErrorGoBack 
  424. DrawStdFooter
  425. %>
  426. </body>
  427. </html>
  428. <% 
  429. LatchCurrentPage "plugins/AuthenAnonUserAdmin.asp", qs
  430. EndErrorHandling "AuthenAnonUserAdmin.asp" 
  431.  
  432. on error resume next
  433. PluginsASPCleanup
  434. %>
  435.  
  436.