// JavaScript Document

function doStepOne() {
document.getElementById("f_cont").innerHTML = "Your email address: <input type='text' id='email' class='tx' /> <a href='javascript:;' onclick='doStepTwo()'>Next</a>"
}

var email = ""
function doStepTwo() {
email = document.getElementById("email").value

if (checkEmail(email)) {
document.getElementById("f_cont").innerHTML = "Please follow the instructions in the image:<table><tr><td><a href='javascript:;' onclick=recapts('" + document.getElementById("capid").value + "')><img id='captimg' border='0' src='resources/load.gif' /></a></td></tr><tr><td><input type='text' id='capval' />&nbsp;<a href='javascript:;' onclick='sendRecover()'>Next</a></td></tr></table>"

recapts(document.getElementById("capid").value)
}
else {
alert("Email address not valid")
}
}

var capt = ""
function sendRecover() {
capt = document.getElementById("capval").value

if (capt.length == 3) {
document.getElementById("f_cont").innerHTML = "<img src='resources/load.gif' />"
sendRec()
}
else {
alert("Please check your CAPTCHA value, if you're having trouble reading it try another one by clicking on the image")
}

}

function recapts(fval) {
now = new Date();
var cpt = document.getElementById("captimg")

cpt.src = "docapt.aspx?s=" + fval + "#" + now.getMinutes() + now.getSeconds() + now.getMilliseconds()


}

function checkEmail(ste) {
var emaila = ste;
var filter = /^([a-zA-Z0-9_\.\-])+\@(([a-zA-Z0-9\-])+\.)+([a-zA-Z0-9]{2,4})+$/;
if (!filter.test(emaila)) {
return false;
}
return true;
}

function sendRec() {
var xmlhttp;
if (window.XMLHttpRequest)
  {
  // code for IE7+, Firefox, Chrome, Opera, Safari
  xmlhttp=new XMLHttpRequest();
  }
else if (window.ActiveXObject)
  {
  // code for IE6, IE5
  xmlhttp=new ActiveXObject("Microsoft.XMLHTTP");
  }
else
  {
  alert("Your browser does not support XMLHTTP!");
  }
xmlhttp.onreadystatechange=function()
{
if(xmlhttp.readyState==4)
  {
  var oi = 0
  if (xmlhttp.responseText=="ok") {
document.getElementById("f_cont").innerHTML = "If the email address corresponds to an account on file we've sent instructions on how to reset your password.<br/>If you don't receive it soon, please check your junk-email in case our email was misfiltered."
  oi = 1
  }
  
  if (xmlhttp.responseText=="err1") {
doStepTwo()
alert("Please check your CAPTCHA value, if you're having trouble reading it try another one by clicking on the image")
oi = 1
  }
  
  if (oi==0) {
  document.getElementById("f_cont").innerHTML = "We're sorry - an error occurred while processing the request, please <a href='javascript:;' onclick='doStepOne()'>try again</a>"
  }
  
  }
}
var params = "email=" + email + "&capt=" + capt + "&capid=" + document.getElementById("capid").value



xmlhttp.open("POST","dorecov.aspx?mode=checksend",true);
xmlhttp.setRequestHeader("Content-type", "application/x-www-form-urlencoded");
xmlhttp.setRequestHeader("Content-length", params.length);
xmlhttp.setRequestHeader("Connection", "close");

xmlhttp.send(params);

}


function doChange() {

var pu = document.getElementById("pt").value
var xmlhttp;
if (window.XMLHttpRequest)
  {
  // code for IE7+, Firefox, Chrome, Opera, Safari
  xmlhttp=new XMLHttpRequest();
  }
else if (window.ActiveXObject)
  {
  // code for IE6, IE5
  xmlhttp=new ActiveXObject("Microsoft.XMLHTTP");
  }
else
  {
  alert("Your browser does not support XMLHTTP!");
  }
xmlhttp.onreadystatechange=function()
{
if(xmlhttp.readyState==4)
  {
  var oi = 0
  if (xmlhttp.responseText=="ok") {
document.getElementById("f_cont").innerHTML = "Your password was successfully reset - <a href='default.aspx'>go to homepage</a>"
  oi = 1
  }
 
  
  if (oi==0) {
  document.getElementById("f_cont").innerHTML = "We're sorry - an error occurred while processing the request, please <a href='recoverpassword.aspx?pw=" + pu + "'>try again</a>"
  document.getElementById("f_cont").innerHTML += xmlhttp.responseText
  }
  
  }
}
var params = "px=" + document.getElementById("pt").value + "&newp=" + document.getElementById("newp").value

document.getElementById("f_cont").innerHTML = "<img src='resources/load.gif' />"


xmlhttp.open("POST","dorecov.aspx?mode=change",true);
xmlhttp.setRequestHeader("Content-type", "application/x-www-form-urlencoded");
xmlhttp.setRequestHeader("Content-length", params.length);
xmlhttp.setRequestHeader("Connection", "close");

xmlhttp.send(params);

}

function Passworda(arg_password, arg_spc_chars)
{
    var password = arg_password;
    var spc_chars = arg_spc_chars;
    this.lcase_count = 0;
    this.ucase_count = 0;
    this.num_count = 0;
    this.schar_count = 0;
    this.length = 0;
    this.strength = 0;
    this.runs_score = 0;
    this.verdict = '';

    // These numbers are just guesses on my part (and not
    // all that educated, either ;) Adjust accordingly.
    var verdict_conv = {'weak':2.7, 'medium':53, 'strong':150};

    // These are weighting factors.  I figure that including
    // numbers is a little better than including uppercase
    // because numbers probably are not vulnerable to
    // dictionary searches, and including special chars is
    // even better.  These factors provide yet another
    // dimension.  Again, there are only guesses.
    var flc = 1.0;  // lowercase factor
    var fuc = 1.0;  // uppercase factor
    var fnm = 1.3;  // number factor
    var fsc = 1.5;  // special char factor

    this.getStrength = function()
    {
        if ((this.run_score = this.detectRuns()) <= 1)
        {
            return 0;
        }

        var regex_sc = new RegExp('['+spc_chars+']', 'g');

        this.lcase_count = password.match(/[a-z]/g);
        this.lcase_count = (this.lcase_count) ? this.lcase_count.length : 0;
        this.ucase_count = password.match(/[A-Z]/g);
        this.ucase_count = (this.ucase_count) ? this.ucase_count.length : 0;
        this.num_count   = password.match(/[0-9]/g);
        this.num_count   = (this.num_count) ? this.num_count.length : 0;
        this.schar_count = password.match(regex_sc);
        this.schar_count = (this.schar_count) ? this.schar_count.length : 0;
        this.length = password.length;

        var avg = this.length / 4;

        // I'm dividing by (avg + 1) to linearize the strength a bit.
        // To get a result that ranges from 0 to 1, divide 
        // by Math.pow(avg + 1, 4)
        this.strength = ((this.lcase_count * flc + 1) * 
                         (this.ucase_count * fuc + 1) *
                         (this.num_count * fnm + 1) * 
                         (this.schar_count * fsc + 1)) / (avg + 1);

        if (this.strength > verdict_conv.strong)
            this.verdict = 3;
        else if (this.strength > verdict_conv.medium)
            this.verdict = 2;
        else if (this.strength > verdict_conv.weak)
            this.verdict = 1;
        else
            this.verdict = "Forget it!";

        return this.verdict;
    }

    // This is basically an edge detector with a 'rectified' (or
    // absolute zero) result.  The difference of adjacent equivalent 
    // char values is zero.  The greater the difference, the higher
    // the result.  'aaaaa' sums to 0. 'abcde' sums to 1.  'acegi'
    // sums to 2, etc.  'aaazz', which has a sharp edge, sums to  
    // 6.25.  Any thing 1 or below is a run, and should be considered
    // weak.
    this.detectRuns = function()
    {
        var parts = password.split('');
        var ords = new Array();
        for (i in parts)
        {
            ords[i] = parts[i].charCodeAt(0);
        }

        var accum = 0;
        var lasti = ords.length-1

        for (var i=0; i < lasti; ++i)
        {
            accum += Math.abs(ords[i] - ords[i+1]);
        }

        return accum/lasti;
    }


    this.toString = function()
    {
        return 'lcase: '+this.lcase_count+
               ' -- ucase: '+this.ucase_count+
               ' -- nums: '+this.num_count+
               ' -- schar: '+this.schar_count+
               ' -- strength: '+this.strength+
               ' -- verdict: '+this.verdict;
    }
}


function doCompxs() {

if (document.getElementById("newp").value == document.getElementById("conp").value) {
document.getElementById("fbk2").innerHTML = "<img src='resources/icons/accept.png' />"
document.getElementById("sbfm").disabled = ""
}
else {

document.getElementById("fbk2").innerHTML = "<img src='resources/icons/cross.png' />"
document.getElementById("sbfm").disabled = "disabled"
}
}

function doTestPasd() {

var bannedPwd = new Array("password","ruddigore","gilbert","nottingham","sullivan","nott","pass","pinafore")

pwd = document.getElementById("newp").value

if (pwd.length<8) {
document.getElementById("fbk1").innerHTML = "<img src='resources/icons/cross.png' />"
document.getElementById("fbk2").innerHTML = "<img src='resources/icons/cross.png' />"
document.getElementById("sbfm").disabled = "disabled"
}
else {
var special_chars = "~!@#$%&*";

    var pw = new Passworda(pwd,special_chars);

    var verdict = pw.getStrength();
	
	for (i=0;i<bannedPwd.length;i++) {
	var dem = new RegExp(bannedPwd[i],"i")
	if (pwd.match(dem)) {
	verdict = 0
	}
	}
	
	if (verdict==0) {
	document.getElementById("fbk2").innerHTML = "<img src='resources/icons/cross.png' />"
document.getElementById("fbk1").innerHTML = "<img src='resources/icons/vweak.png' />"
document.getElementById("sbfm").disabled = "disabled"
    }
	if (verdict==1) {
document.getElementById("fbk1").innerHTML = "<img src='resources/icons/weak.png' />"
doCompxs()
    }
	if (verdict==2) {
document.getElementById("fbk1").innerHTML = "<img src='resources/icons/medium.png' />"
doCompxs()
    }
	if (verdict==3) {
document.getElementById("fbk1").innerHTML = "<img src='resources/icons/strong.png' />"
doCompxs()
    }
	
}


}