Marc Kupietz | 484ec8e | 2023-02-25 11:23:07 +0100 | [diff] [blame] | 1 | // Example starter JavaScript for disabling form submissions if there are invalid fields |
| 2 | (function () { |
| 3 | 'use strict'; |
| 4 | window.addEventListener('load', function () { |
Marc Kupietz | 145f5b9 | 2023-03-09 20:39:31 +0100 | [diff] [blame] | 5 | update_total_due(); |
Marc Kupietz | 8252b6d | 2023-03-10 06:46:32 +0100 | [diff] [blame] | 6 | update_paper_id_field(); |
Marc Kupietz | 484ec8e | 2023-02-25 11:23:07 +0100 | [diff] [blame] | 7 | // Fetch all the forms we want to apply custom Bootstrap validation styles to |
| 8 | var forms = document.getElementsByClassName('needs-validation'); |
| 9 | // Loop over them and prevent submission |
| 10 | var validation = Array.prototype.filter.call(forms, function (form) { |
| 11 | form.addEventListener('submit', function (event) { |
| 12 | if (form.checkValidity() === false) { |
| 13 | event.preventDefault(); |
| 14 | event.stopPropagation(); |
| 15 | } |
| 16 | form.classList.add('was-validated'); |
| 17 | }, false); |
| 18 | }); |
| 19 | }, false); |
| 20 | })(); |
| 21 | |
Marc Kupietz | 145f5b9 | 2023-03-09 20:39:31 +0100 | [diff] [blame] | 22 | function update_total_due() { |
Marc Kupietz | 0be2b46 | 2023-03-08 09:29:11 +0100 | [diff] [blame] | 23 | var costs = 0; |
| 24 | |
| 25 | |
| 26 | if ($('#participate').is(":checked")) { |
| 27 | costs += parseInt($("#conference_fee").text(),10); |
| 28 | if ($('#student').is(":checked")) { |
| 29 | costs -= parseInt($("#student_discount").text(), 10); |
| 30 | } |
| 31 | if ($('#conference_dinner').is(":checked")) { |
| 32 | costs += parseInt($("#conference_dinner_price").text(), 10); |
| 33 | } |
| 34 | } |
Marc Kupietz | 145f5b9 | 2023-03-09 20:39:31 +0100 | [diff] [blame] | 35 | $("#total_due").val(costs.toLocaleString('en-US', {minimumFractionDigits: 2, maximumFractionDigits: 2})); |
Marc Kupietz | 0be2b46 | 2023-03-08 09:29:11 +0100 | [diff] [blame] | 36 | } |
| 37 | |
| 38 | function update_paper_id_field() { |
| 39 | var paper_id = $("#paper_id"); |
| 40 | if ($('#author').is(":checked")) { |
| 41 | paper_id.removeAttr('disabled'); |
| 42 | paper_id.attr('placeholder', '0000'); |
| 43 | paper_id.attr('pattern', '\\d{4}'); |
| 44 | paper_id.attr('required', 'required'); |
| 45 | } else { |
| 46 | paper_id.val(''); |
| 47 | paper_id.attr('disabled', 'disabled'); |
| 48 | paper_id.removeAttr('placeholder'); |
| 49 | paper_id.removeAttr('pattern'); |
| 50 | paper_id.removeAttr('required'); |
| 51 | } |
| 52 | } |
Marc Kupietz | 484ec8e | 2023-02-25 11:23:07 +0100 | [diff] [blame] | 53 | |
| 54 | function check_password_match() { |
| 55 | pass = $("#pw1").val(); |
| 56 | pass2 = $("#pw2").val(); |
| 57 | |
| 58 | if (pass2.length > 0) { |
| 59 | $("#pwconfirm")[0].classList.add('was-validated') |
| 60 | if (pass != pass2) { |
| 61 | $("#pw2")[0].setCustomValidity("Passwords do not match"); |
| 62 | } else { |
| 63 | $("#pw2")[0].setCustomValidity(""); // is valid |
| 64 | } |
| 65 | } else { |
| 66 | $("#pwconfirm")[0].classList.remove('was-validated') |
| 67 | } |
| 68 | passUpdated(); |
| 69 | } |
| 70 | |
| 71 | TOO_SHORT = 'Password too short, still %% characters needed'; |
| 72 | TOO_LONG = 'Password too long, please remove %% characters'; |
| 73 | INVALID_CHARS = 'Password contains invalid characters'; |
| 74 | QUAL_NONE = 'Password is very weak' |
| 75 | QUAL_LOW = 'Password is weak'; |
| 76 | QUAL_MEDIUM = 'Password is average' |
| 77 | QUAL_GOOD = 'Password is good'; |
| 78 | QUAL_STRONG = 'Password is strong'; |
| 79 | REP_OK = 'Repetition ok'; |
| 80 | REP_NE = 'Passwords not identical'; |
| 81 | PWNED = 'Password found in public password list'; |
| 82 | |
| 83 | String.prototype.strReverse = function () { |
| 84 | var newstring = ''; |
| 85 | for (var s = 0; s < this.length; s++) |
| 86 | newstring = this.charAt(s) + newstring; |
| 87 | return newstring; |
| 88 | }; |
| 89 | |
| 90 | function isPasswordPwned(pass, callback) { |
| 91 | const sha1Hash = CryptoJS.enc.Hex.stringify(CryptoJS.SHA1(pass)).toUpperCase(); |
| 92 | const passwordChunk1 = sha1Hash.substring(0, 5); |
| 93 | const passwordChunk2 = sha1Hash.substring(5); |
| 94 | $.get('https://api.pwnedpasswords.com/range/' + passwordChunk1).done(function (data, status) { |
| 95 | var isPwned = false; |
| 96 | if (status == "success") { |
| 97 | if (data && data.length) { |
| 98 | const chunks = data.split('\r\n'); |
| 99 | const matches = chunks.filter(s => s.includes(passwordChunk2)); |
| 100 | |
| 101 | if (matches.length) { |
| 102 | isPwned = true |
| 103 | } |
| 104 | } |
| 105 | callback(isPwned) |
| 106 | } |
| 107 | }); |
| 108 | } |
| 109 | |
| 110 | //var checkTimer; |
| 111 | |
| 112 | function passUpdated() { |
| 113 | var nScore = 0; |
| 114 | var message = ''; |
| 115 | |
| 116 | var pass = $('#pw1').val(); |
| 117 | var pass2 = $('#pw2').val(); |
| 118 | |
| 119 | //clearTimeout(checkTimer); |
| 120 | |
| 121 | try { |
| 122 | if (!pass) |
| 123 | throw ''; |
| 124 | |
| 125 | if (pass.match(/[^a-zA-Z0-9!@#$%()_+=:;",.?/-]/)) |
| 126 | throw INVALID_CHARS; |
| 127 | |
| 128 | var nLength = pass.length; |
| 129 | if (nLength < 8) |
| 130 | throw TOO_SHORT.replace('%%', 8 - nLength); |
| 131 | if (nLength > 20) |
| 132 | throw TOO_LONG.replace('%%', nLength - 20); |
| 133 | |
| 134 | nScore = 4 * nLength; |
| 135 | |
| 136 | // check for upper-/lowercase, numeric and special chars pattern matches |
| 137 | var nAlphaUC = 0, nAlphaLC = 0, nNumber = 0, nSpecial = 0; |
| 138 | var nMidChar = 0, nRepChar = 0, nRepInc = 0; |
| 139 | var nConsecAlphaUC = 0, nConsecAlphaLC = 0, nConsecNumber = 0; |
| 140 | var nTmpAlphaUC = '', nTmpAlphaLC = '', nTmpNumber = ''; |
| 141 | for (var i = 0; i < nLength; i++) { |
| 142 | if (pass[i].match(/[A-Z]/g)) { // uppercase characters |
| 143 | if (nTmpAlphaUC !== '' && (nTmpAlphaUC + 1) == i) { |
| 144 | nConsecAlphaUC++; |
| 145 | } |
| 146 | nTmpAlphaUC = i; |
| 147 | nAlphaUC++; |
| 148 | } else if (pass[i].match(/[a-z]/g)) { // lowercase characters |
| 149 | if (nTmpAlphaLC !== '' && (nTmpAlphaLC + 1) == i) { |
| 150 | nConsecAlphaLC++; |
| 151 | } |
| 152 | nTmpAlphaLC = i; |
| 153 | nAlphaLC++; |
| 154 | } else if (pass[i].match(/[0-9]/g)) { // numbers |
| 155 | if (i > 0 && i < (nLength - 1)) { |
| 156 | nMidChar++; |
| 157 | } |
| 158 | if (nTmpNumber !== '' && (nTmpNumber + 1) == i) { |
| 159 | nConsecNumber++; |
| 160 | } |
| 161 | nTmpNumber = i; |
| 162 | nNumber++; |
| 163 | } else { // special characters |
| 164 | if (i > 0 && i < (nLength - 1)) { |
| 165 | nMidChar++; |
| 166 | } |
| 167 | nSpecial++; |
| 168 | } |
| 169 | |
| 170 | // check for repeated characters |
| 171 | var bCharExists = false; |
| 172 | for (var j = 0; j < nLength; j++) { |
| 173 | if (pass[i] == pass[j] && i != j) { |
| 174 | bCharExists = true; |
| 175 | nRepInc += Math.abs(nLength / (j - i)); |
| 176 | } |
| 177 | } |
| 178 | if (bCharExists) { |
| 179 | nRepChar++; |
| 180 | var nUnqChar = nLength - nRepChar; |
| 181 | nRepInc = (nUnqChar) ? Math.ceil(nRepInc / nUnqChar) : Math.ceil(nRepInc); |
| 182 | } |
| 183 | } |
| 184 | |
| 185 | // check for sequential alpha string patterns (forward and reverse) |
| 186 | var sAlphas = "abcdefghijklmnopqrstuvwxyz"; |
| 187 | var nSeqAlpha = 0; |
| 188 | for (var i = 0; i < 23; i++) { |
| 189 | var sFwd = sAlphas.substring(i, i + 3); |
| 190 | var sRev = sFwd.strReverse(); |
| 191 | if (pass.toLowerCase().indexOf(sFwd) != -1 |
| 192 | || pass.toLowerCase().indexOf(sRev) != -1) |
| 193 | nSeqAlpha++; |
| 194 | } |
| 195 | |
| 196 | // check for sequential numeric string patterns (forward and reverse) |
| 197 | var sNumerics = "01234567890"; |
| 198 | var nSeqNumber = 0; |
| 199 | for (var i = 0; i < 8; i++) { |
| 200 | var sFwd = sNumerics.substring(i, i + 3); |
| 201 | var sRev = sFwd.strReverse(); |
| 202 | if (pass.toLowerCase().indexOf(sFwd) != -1 |
| 203 | || pass.toLowerCase().indexOf(sRev) != -1) |
| 204 | nSeqNumber++; |
| 205 | } |
| 206 | |
| 207 | // general point assignment |
| 208 | if (nAlphaUC > 0 && nAlphaUC < nLength) // uppercase characters |
| 209 | nScore += 2 * (nLength - nAlphaUC); |
| 210 | if (nAlphaLC > 0 && nAlphaLC < nLength) // lowercase characters |
| 211 | nScore += 2 * (nLength - nAlphaLC); |
| 212 | if (nNumber > 0 && nNumber < nLength) // numbers |
| 213 | nScore += 2 * nNumber; |
| 214 | if (nSpecial > 0) // special characters |
| 215 | nScore += 4 * nSpecial; |
| 216 | if (nMidChar > 0) // mid numbers/special characters |
| 217 | nScore += 2 * nMidChar; |
| 218 | |
| 219 | // point deductions for poor practices |
| 220 | if ((nAlphaLC > 0 || nAlphaUC > 0) |
| 221 | && nSpecial === 0 && nNumber === 0) // characters only |
| 222 | nScore -= nLength; |
| 223 | if (nAlphaLC === 0 && nAlphaUC === 0 |
| 224 | && nSpecial === 0 && nNumber > 0) // numbers only |
| 225 | nScore -= nLength; |
| 226 | if (nRepChar > 0) // same character exists more than once |
| 227 | nScore -= nRepInc; |
| 228 | if (nConsecAlphaUC > 0) // consecutive uppercase letters exist |
| 229 | nScore -= 2 * nConsecAlphaUC; |
| 230 | if (nConsecAlphaLC > 0) // consecutive lowercase letters exist |
| 231 | nScore -= 2 * nConsecAlphaLC; |
| 232 | if (nConsecNumber > 0) // consecutive numbers exist |
| 233 | nScore -= 2 * nConsecNumber; |
| 234 | if (nSeqAlpha > 0) // sequential alpha strings exist (3 chars or more) |
| 235 | nScore -= 3 * nSeqAlpha; |
| 236 | if (nSeqNumber > 0) // sequential numeric strings exist (3 chars or more) |
| 237 | nScore -= 3 * nSeqNumber; |
| 238 | |
| 239 | // determine if mandatory requirements have been met |
| 240 | var arrChars = [nAlphaUC, nAlphaLC, nNumber, nSpecial]; |
| 241 | var nReqChar = 0; |
| 242 | for (var i = 0; i < arrChars.length; i++) { |
| 243 | if (arrChars[i]) { |
| 244 | nReqChar++; |
| 245 | } |
| 246 | } |
| 247 | if (nReqChar >= arrChars.length) |
| 248 | nScore += 2 * nReqChar; |
| 249 | else if (nReqChar < arrChars.length - 1) |
| 250 | nScore -= 2 * nReqChar; |
| 251 | |
| 252 | // limit points to 3..100 |
| 253 | nScore = Math.max(3, Math.min(nScore, 100)); |
| 254 | |
| 255 | // set message according to points |
| 256 | if (nScore >= 80) |
| 257 | message = QUAL_STRONG; |
| 258 | else if (nScore >= 60) |
| 259 | message = QUAL_GOOD; |
| 260 | else if (nScore >= 40) |
| 261 | message = QUAL_MEDIUM; |
| 262 | else if (nScore >= 10) |
| 263 | message = QUAL_LOW; |
| 264 | else |
| 265 | message = QUAL_NONE; |
| 266 | } catch (error) { |
| 267 | nScore = 3; |
| 268 | message = error; |
| 269 | } |
| 270 | /* |
| 271 | if (pass.length > 0 && pass2.length > 0) { |
| 272 | message+=' / '; |
| 273 | message+=(pass == pass2) ? REP_OK : REP_NE; |
| 274 | } |
| 275 | */ |
| 276 | $('#pwqinfo').val(message); |
| 277 | |
| 278 | var progress = $('#pwqbar'); |
| 279 | progress.width(nScore + '%'); |
| 280 | progress.attr('aria-valuenow', nScore); |
| 281 | if (nScore >= 60) |
| 282 | progress.removeClass('bg-danger bg-warning').addClass('bg-success'); |
| 283 | else if (nScore >= 40) |
| 284 | progress.removeClass('bg-danger bg-success').addClass('bg-warning'); |
| 285 | else |
| 286 | progress.removeClass('bg-warning bg-success').addClass('bg-danger'); |
| 287 | |
| 288 | if (nScore >= 40) { |
| 289 | $("#password-div")[0].classList.add('was-validated'); |
| 290 | $('#btn_change').prop('disabled', pass !== pass2); |
| 291 | $("#pw1")[0].setCustomValidity(""); |
| 292 | isPasswordPwned(pass, function (isPwned) { |
| 293 | if (isPwned) { |
| 294 | $('#pwqinfo').val(PWNED); |
| 295 | progress.removeClass().addClass('low'); |
| 296 | progress.val(3); |
| 297 | $("#pw1")[0].setCustomValidity("Password is pwned"); |
| 298 | } |
| 299 | }); |
| 300 | } else { |
| 301 | $("#password-div")[0].classList.add('was-validated'); |
| 302 | $('#btn_change').prop('disabled', 1); |
| 303 | $("#pw1")[0].setCustomValidity("Password is to week"); |
| 304 | } |
| 305 | |
| 306 | } |