function encryptusername(username, password) { var timenow = new Date(); var datestr; var keyArray, ptArray = []; var key, ciphertext; var pad = new Array("a", "b", "c", "d", "e", "f", "g", "h", "i", "j", "k", "l", "m"); var y = 0; // Defined externally keySizeInBits = 256; blockSizeInBits = 128; //Pad out to 12 bytes with random characters while(username.length < 12){ username += String.fromCharCode(Math.round(Math.random()*90) + 32); } //Pad out to 12 bytes while(password.length < 12){ password += pad[y++]; } //32 bytes plaintext=>20 random bytes + XOR(username, password, date(YYYYMMDDWWWW)) // Generate 20 random bytes while(ptArray.length < 20){ ptArray[ptArray.length] = Math.round(Math.random() * 255); } // XOR(name, password) for(var x = 0; x < username.length; x++){ ptArray[20 + x] = username.charCodeAt(x) ^ password.charCodeAt(x); } // datestr = YYYYMMDDWWWW datestr = String(timenow.getUTCFullYear()); datestr += (timenow.getUTCMonth() + 1) < 10 ? "0" + String((timenow.getUTCMonth() + 1)) : String((timenow.getUTCMonth() + 1)); datestr += timenow.getUTCDate() < 10 ? "0" + String(timenow.getUTCDate()) : String(timenow.getUTCDate()); datestr += "0" + String(timenow.getUTCDay()); datestr += "1" + String(timenow.getUTCDay()); // XOR(datestr, XOR(name, password)) for(var x = 0; x < datestr.length; x++){ ptArray[20 + x] ^= datestr.charCodeAt(x); } //32 bytes key=>password + password + date(YYYYMMDD) key = password + password + datestr.slice(0,8); keyArray = hexToByteArray(StringToHex(key)); ciphertext = byteArrayToHex(rijndaelEncrypt(ptArray, keyArray, "ECB")); return ciphertext; } function encryptnewpassword(newpassword, password) { var timenow = new Date(); var datestr; var keyArray, ptArray = []; var key, ciphertext; var pad = new Array("a", "b", "c", "d", "e", "f", "g", "h", "i", "j", "k", "l", "m"); var y = 0; // Defined externally keySizeInBits = 256; blockSizeInBits = 128; //Pad out to 12 bytes with white space while(newpassword.length < 12){ newpassword += " "; } //Pad out to 12 bytes while(password.length < 12){ password += pad[y++]; } //32 bytes plaintext=>20 random bytes + XOR(newpassword, password, date(YYYYMMDDWWWW)) // Generate 20 random bytes while(ptArray.length < 20){ ptArray[ptArray.length] = Math.round(Math.random() * 255); } // XOR(newpassword, password) for(var x = 0; x < newpassword.length; x++){ ptArray[20 + x] = newpassword.charCodeAt(x) ^ password.charCodeAt(x); } // datestr = YYYYMMDDWWWW datestr = String(timenow.getUTCFullYear()); datestr += (timenow.getUTCMonth() + 1) < 10 ? "0" + String((timenow.getUTCMonth() + 1)) : String((timenow.getUTCMonth() + 1)); datestr += timenow.getUTCDate() < 10 ? "0" + String(timenow.getUTCDate()) : String(timenow.getUTCDate()); datestr += "0" + String(timenow.getUTCDay()); datestr += "1" + String(timenow.getUTCDay()); // XOR(datestr, XOR(name, password)) for(var x = 0; x < datestr.length; x++){ ptArray[20 + x] ^= datestr.charCodeAt(x); } //32 bytes key=>password + password + date(YYYYMMDD) key = password + password + datestr.slice(0,8); keyArray = hexToByteArray(StringToHex(key)); ciphertext = byteArrayToHex(rijndaelEncrypt(ptArray, keyArray, "ECB")); return ciphertext; } function verifyPassword() { if(this.document.changepassword.newpassword.value.length < 6){ alert("Password must be at least six characters long."); this.document.changepassword.verify.focus(); this.document.changepassword.verify.select(); return false; } if(this.document.changepassword.newpassword.value != this.document.changepassword.verify.value){ alert("Passwords don't match."); this.document.changepassword.verify.focus(); this.document.changepassword.verify.select(); return false; } return true; } function submitChangePassword(http_target) { var url; if(!verifyPassword()){ return false; } url = http_target + "/cnw-bin/cnw.cgi?"; url += "page=" + this.document.changepassword.page.value; url += "&token=" + encryptusername(this.document.changepassword.accountname.value, this.document.changepassword.password.value); url += "&newpassword=" + encryptnewpassword(this.document.changepassword.newpassword.value, this.document.changepassword.password.value); this.location.href = url; return false; } function readUnescapedCookie(cookieName) { var cookieValue = document.cookie; var cookieRegExp = new RegExp("\\b" + cookieName + "=([^;]*)"); cookieValue = cookieRegExp.exec(cookieValue); if(cookieValue != null){ cookieValue = cookieValue[1]; } return cookieValue; } function checkCookie(cookieName) { var cookieValue; cookieValue = readUnescapedCookie(cookieName); if(cookieValue == null || cookieValue.length == 0){ return false; } return true; } function openNewWindow(winName, newUrl) { var newWin; newWin = window.open(newUrl, winName, 'toolbar=no,location=no,menubar=no,personalbar=no,resizable=yes,scrollbars=yes,width=550,height=400'); newWin.moveTo(0, 0); newWin.focus(); } function openNewWindowPrint(winName, newUrl) { var newWin; newWin = window.open(newUrl, winName, 'toolbar=no,location=no,menubar=no,personalbar=no,resizable=yes,scrollbars=yes,width=500,height=550'); newWin.moveTo(0, 0); newWin.focus(); } function clearForm(thisform) { var x; for(x = 0; x < thisform.length; x++){ if(thisform.elements[x].type == 'checkbox'){ thisform.elements[x].checked = false; } else if(thisform.elements[x].type == 'text'){ thisform.elements[x].value = ""; } else if(thisform.elements[x].type == 'textarea'){ thisform.elements[x].value = ""; } else if(thisform.elements[x].type == 'password'){ thisform.elements[x].value = ""; } else if(thisform.elements[x].type == 'radio'){ thisform.elements[x].checked = false; } else if(thisform.elements[x].type == 'select'){ thisform.elements[x].selectdIndex = 0; } } } function uncheckAll(checklist) { var x; for(x = 0; x < checklist.length; x++){ checklist[x].checked = false; } } function checkAll(checklist) { var x; for(x = 0; x < checklist.length; x++){ checklist[x].checked = true; } } function escape_string(inStr) { var x; var outStr = ""; for(x = 0; x < inStr.length; x++){ switch(inStr.charAt(x)){ case '+': outStr += "%2B"; break; case '>': outStr += "%3E"; break; case '^': outStr += "%5E"; break; case '{': outStr += "%7B"; break; case '}': outStr += "%7D"; break case '<': outStr += "%3C"; break; case '\\': outStr += "%5C"; break; case '`': outStr += "%60"; break; case '|': outStr += "%7C"; break; case '"': outStr += "%22"; break; case '&': outStr += "%26"; break; case '#': outStr += "%23"; break; case '%': outStr += "%25"; break; case ' ': outStr += "%20"; break; case '/': outStr += "%2F"; break; default: outStr += inStr.charAt(x); break; } } return outStr; } function token_count(str, token) { var x, count = 0; for(x = 0; x < str.length; x++){ if(str.charAt(x) == token){ count++; } } return count; } function submitQuickSearch() { var url = ""; if(this.document.qsearch.query.value.length == 0){ alert("No query specified."); this.document.qsearch.query.focus(); return false; } url = "/cnw-bin/cnw.cgi?"; url += "page=" + this.document.qsearch.page.value; url += "&query=" + escape_string(this.document.qsearch.query.value); this.location.href = url; return false; } function submitAdvSearch() { var url = ""; var wires = ""; var x; var startDate = "", endDate = ""; url = "/cnw-bin/cnw.cgi?"; url += "page=" + this.document.advsearch.page.value; url += "&query=" + escape_string(this.document.advsearch.query.value); // City if(this.document.advsearch.city.value.length){ url += "&city=" + escape_string(this.document.advsearch.city.value); } // State if(this.document.advsearch.state.selectedIndex > 0){ if(this.document.advsearch.state[this.document.advsearch.state.selectedIndex].value != "--"){ url += "&state=" + escape_string(this.document.advsearch.state[this.document.advsearch.state.selectedIndex].value); } } // Country if(this.document.advsearch.country.selectedIndex > 0){ url += "&country=" + escape_string(this.document.advsearch.country[this.document.advsearch.country.selectedIndex].value); } // Category if(this.document.advsearch.category.selectedIndex > 0){ url += "&category=" + escape_string(this.document.advsearch.category[this.document.advsearch.category.selectedIndex].value); } // Display Format for(x = 0; x < this.document.advsearch.display_format.length; x++){ if(this.document.advsearch.display_format[x].checked == true){ url += "&display_format=" + this.document.advsearch.display_format[x].value; } } //Boolean Type url += "&boolean_type=" + this.document.advsearch.boolean_type[this.document.advsearch.boolean_type.selectedIndex].value // Number returned if(this.document.advsearch.max_perpage.selectedIndex > 0){ url += "&max_perpage=" + this.document.advsearch.max_perpage[this.document.advsearch.max_perpage.selectedIndex].value; } url += formatDate("startdate", this.document.advsearch.StartYEAR, this.document.advsearch.StartMONTH, this.document.advsearch.StartDAY); url += formatDate("enddate", this.document.advsearch.EndYEAR, this.document.advsearch.EndMONTH, this.document.advsearch.EndDAY); // Start Date startDate = formatDate(this.document.advsearch.StartYEAR, this.document.advsearch.StartMONTH, this.document.advsearch.StartDAY); if(startDate != "" && validDate(startDate) == false){ alert("Invalid Date"); this.document.advsearch.StartMONTH.focus(); return false; } else if(startDate != ""){ url += "&startdate=" + startDate; } // End Date endDate = formatDate(this.document.advsearch.EndYEAR, this.document.advsearch.EndMONTH, this.document.advsearch.EndDAY); if(endDate != "" && validDate(endDate) == false){ alert("Invalid Date"); this.document.advsearch.EndMONTH.focus(); return false; } else if(endDate != ""){ url += "&enddate=" + endDate; } if((startDate != "") && (endDate != "") && (startDate > endDate)){ alert("From Date must be less than To Date"); return false; } this.location.href = url; return false; } function confirmDownload(url) { if(checkCookie('CNWNewswire_UserID') == false){ alert("Images can only be accessed by accredited members of the media. Please sign in to download or contact us."); return false; } self.location.href = url; return true; } function confirmDownloadFR(url) { if(checkCookie('CNWNewswire_UserID') == false){ alert("Ces images sont facilement accessibles par les membres des m" + String.fromCharCode(233) + "dias. Veuillez ouvrir une session pour les t" + String.fromCharCode(233) + "l" + String.fromCharCode(233) + "charger ou communiquer avec nous."); return false; } self.location.href = url; return true; } function submitPhotoReqRequest() { if(this.document.photosignup.email.value.length > 0){ if(validate_email(this.document.photosignup.email) == false){ if(readUnescapedCookie("CNWNewswire_Language") == 'french'){ alert("S'il vous pla"+String.fromCharCode(238)+"t entrer une adresse e-mail valide"); } else{ alert("Please enter a valid E-mail address"); } this.document.photosignup.email.select(); this.document.photosignup.email.focus(); return false; } } return true; } function submitAssignmentRequest() { var url = ""; var startDate = ""; if(this.document.assignment_req.email.value.length > 0){ if(validate_email(this.document.assignment_req.email) == false){ if(readUnescapedCookie("CNWNewswire_Language") == 'french'){ alert("S'il vous pla"+String.fromCharCode(238)+"t entrer une adresse e-mail valide"); } else{ alert("Please enter a valid E-mail address"); } this.document.assignment_req.email.select(); this.document.assignment_req.email.focus(); return false; } } url = "/cnw/register.php?"; url += "page=" + this.document.assignment_req.page.value; url += "&firstname=" + escape_string(this.document.assignment_req.firstname.value); url += "&lastname=" + escape_string(this.document.assignment_req.lastname.value); url += "&voicenumber=" + escape_string(this.document.assignment_req.voicenumber.value); url += "&faxnumber=" + escape_string(this.document.assignment_req.faxnumber.value); url += "&email=" + escape_string(this.document.assignment_req.email.value); startDate = formatDate(this.document.assignment_req.StartYEAR, this.document.assignment_req.StartMONTH, this.document.assignment_req.StartDAY); if(startDate != "" && validDate(startDate) == false){ alert("Invalid Date"); this.document.advsearch.StartMONTH.focus(); return false; } else if(startDate != ""){ url += "&adate=" + startDate; } url += formatTime("atime", this.document.assignment_req.StartHOUR, this.document.assignment_req.StartMINUTE); url += "&asubject=" + escape_string(this.document.assignment_req.subject.value); // State if(this.document.assignment_req.state.selectedIndex > 0){ url += "&astate=" + escape_string(this.document.assignment_req.state[this.document.assignment_req.state.selectedIndex].value); } url += "&aaddress=" + escape_string(this.document.assignment_req.address.value); url += "&ainstructions=" + escape_string(this.document.assignment_req.instructions.value); url += "&recaptcha_challenge_field=" + escape_string(this.document.assignment_req.recaptcha_challenge_field.value); url += "&recaptcha_response_field=" + escape_string(this.document.assignment_req.recaptcha_response_field.value); this.location.href = url; return false; } function formatDate(Year, Month, Day) { var fDate = ""; // Ignore if partial date if(Year.selectedIndex && Month.selectedIndex && Day.selectedIndex){ // YYYYMMDD fDate += Year[Year.selectedIndex].value; fDate += Month[Month.selectedIndex].value; fDate += Day[Day.selectedIndex].value; return fDate; } return ""; } function validDate(DateStr){ var Datevalue = ""; var day; var month; var year; var leap = 0; var err = 0; /* YYYYMMDD */ DateValue = DateStr; if (DateValue.length != 8) { err = 19; } /* year is wrong if year = 0000 */ year = DateValue.substr(0,4); if (year == 0) { err = 20; } /* Validation of month*/ month = DateValue.substr(4,2); if ((month < 1) || (month > 12)) { err = 21; } /* Validation of day*/ day = DateValue.substr(6,2); if (day < 1) { err = 22; } /* Validation leap-year / february / day */ if ((year % 4 == 0) || (year % 100 == 0) || (year % 400 == 0)) { leap = 1; } if ((month == 2) && (leap == 1) && (day > 29)) { err = 23; } if ((month == 2) && (leap != 1) && (day > 28)) { err = 24; } /* Validation of other months */ if ((day > 31) && ((month == "01") || (month == "03") || (month == "05") || (month == "07") || (month == "08") || (month == "10") || (month == "12"))) { err = 25; } if ((day > 30) && ((month == "04") || (month == "06") || (month == "09") || (month == "11"))) { err = 26; } if (err != 0) { return false; } return true; } function formatTime(fieldName, Hour, Minute) { var fTime; // Ignore if partial time if(Hour.selectedIndex && Minute.selectedIndex){ // HHMM fTime = "&" + fieldName + "="; fTime += Hour[Hour.selectedIndex].value; fTime += Minute[Minute.selectedIndex].value; return fTime; } return ""; } function prepForm(form) { if(form.email.value.length > 0){ if(validate_email(form.email) == false){ if(readUnescapedCookie("CNWNewswire_Language") == 'french'){ alert("S'il vous pla"+String.fromCharCode(238)+"t entrer une adresse e-mail valide"); } else{ alert("Please enter a valid E-mail address"); } form.email.select(); form.email.focus(); return false; } } form.terms.value = ""; return true; } function validate_email(email) { if(email.value.match(/^[a-zA-Z][\w\.-]*[a-zA-Z0-9]@[a-zA-Z0-9][\w\.-]*[a-zA-Z0-9]\.[a-zA-Z][a-zA-Z\.]*[a-zA-Z]$/) == null){ return false; } return true; }