// 			AJAX XML Login
																																	//
																																	//				by:			Joey Ryken
																																	//								and Kris Ryken
																																	//				Date:		May 11, 2007
	var user;
	var session = 0;
	var timer;
	var warn;
	var alias;
	var email;
	var user_type;
	var ticker_warn;
	var ticker_timer;

	session = 0;																				//removes the session id
	user = "";																					//clears the username
	timer = 0;																					//clear the timeout and warning timeout values.
	warn = 0;

function preprocess_login(s, u){
				var pass;
				var fail;

				user = document.getElementById("u").value;
				pass = document.getElementById("p").value;

				if(s && u){	//session
					user = u;
					ready("Login/xml_login.php?s=" + s + "&u=" + u);
				}else if(user && pass){
					ready("Login/xml_login.php?u=" + user + "&p=" + pass);
				}else if(!user && !pass){
					document.getElementById("di_login_error").innerHTML = "";
				}else if(user){
					document.getElementById("di_login_error").innerHTML = "Enter your password.";
					fail++;
				}else if(pass){
					document.getElementById("di_login_error").innerHTML = "Enter your email.";
					fail++;
				}
			
				return false;
			}
																		// Called after preprocess login, shows the login box as logged in
			function process_login(){
			
				session = req2.responseXML.getElementsByTagName("authentication")[0].firstChild.nodeValue;

				if(session > 0){

					timer = req2.responseXML.getElementsByTagName("authentic_time")[0].firstChild.nodeValue;		//pulls the timeout value...
					warn = req2.responseXML.getElementsByTagName("authentic_warn")[0].firstChild.nodeValue;		//...the timeout warning value...
					alias= req2.responseXML.getElementsByTagName("authentic_alias")[0].firstChild.nodeValue;		//...and the user's name
					email = req2.responseXML.getElementsByTagName("authentic_email")[0].firstChild.nodeValue;		//...and the user's email
					user_type = req2.responseXML.getElementsByTagName("authentic_type")[0].firstChild.nodeValue;	//type of user.

					show_logout();																																	//reveals the logout stuff.
					if(user_type == "Admin"){
						document.getElementById("di_pane").innerHTML = "<br /><b>" + user_type;
					}
					upon_login();
				}else{
					document.getElementById("di_login_error").innerHTML = "Incorrect! Try again.";
				}
			}
																		// Updates the users session so it doesn't time out.
			function update_login(){			// Called whenever there is user interaction to keep the session alive.

				if(ticker_warn){
					clearTimeout(ticker_warn);
				}
				if(ticker_timer){
					clearTimeout(ticker_timer);
				}
				if(warn > 0){
					ticker_warn = setTimeout("timeout_warning()", warn);
				}
				if(timer > 0){
					ticker_timer = setTimeout("preprocess_logout()", timer);
				}

				var w = document.getElementById("di_warn");
				if(w){
					w.innerHTML = "<br />";	//clears the timeout warning
					document.getElementById("ii_session").src = "Login/iframe_session.php?status=update&u="+user;		//updates the php session
				}
			}
																		// Shows the standard logout and profile stuff that all users see regardless of rank
			function show_logout(){
				var login_box;							//the iframe in the login_box actually starts the php session
				
																		//MAKE THE PASSED SESSION TAKE SEVERAL VARIABLES SO HACK CANT FORCE LOGOUT ALL:
				login_box = document.getElementById("di_login");
/*
				login_box.innerHTML = "Welcome <b>" + alias + "</b>, <a href='javascript:preprocess_logout(" + session + ");'>Logout</a><br /><br /><div id='di_indy'><br /></div><a href='javascript:edit_my_profile();'>Edit My Profile</a><br /><a href='javascript:view_purchases();'>View Purchases</a><div id='di_warn'><br /></div><div id='di_pane'></div>";
*/
				login_box.innerHTML = "Welcome <b>" + alias + "</b>, <a href='javascript:preprocess_logout(" + session + ");'>Logout</a><br /><br /><div id='di_indy'><br /></div><div id='di_warn'><br /></div><div id='di_pane'></div>";
				document.getElementById("ii_session").src = "Login/iframe_session.php?status=start&u="+user;		//starts the php session

				clearTimeout(ticker_warn);	//clear the timers in case of logout and log back in
				clearTimeout(ticker_timer);

				ticker_warn = setTimeout("timeout_warning()", warn);			//the return value for these is used to cancel the timeouts in case of renewal...
				ticker_timer = setTimeout("preprocess_logout()", timer);
			}
																		// Shows a link the user can click to keep from timing out.
			function timeout_warning(){			//this warning is displayed when the session is about to timeout.
				document.getElementById("di_warn").innerHTML = "<a href='javascript:update_login();'>Stay logged in.</a>";
			}
																		// Logs the user out.
			function preprocess_logout(){

				document.getElementById("di_warn").innerHTML = "<br />";	//clears the timeout warning
				document.getElementById("ii_session").src = "Login/iframe_session.php?status=unset&u="+user;		// *** IF THIS PAGE DOESN'T GET HIT THE LOGOUT WON'T WORK!! THAT'S WHY I'M CALLING THE DELAY HERE:
			
				clearTimeout(ticker_warn);	//clear the timers in case of logout and log back in
				clearTimeout(ticker_timer);
																		// NEXT TWO LINES MAY FAIL TO LOG USER OUT IF CONNECTION IS SLOW!
				setTimeout("draw_login_box();", 1000);
				setTimeout("upon_logout();", 1000);
			}
			
			function draw_login_box(){		// Called when the page is loaded and no one is logged in or is drawn when the session times out.
				var login_box;
				login_box = document.getElementById("di_login");
				login_box.innerHTML = "<div class=\"dc_login_row\"><div class=\"dc_login_row_left\">Email:</div><div class=\"dc_login_row_right\"><input type=\"text\" name=\"u\" id=\"u\" class=\"login_fields\" /></div></div><div class=\"dc_login_row\"><div class=\"dc_login_row_left\">Password:</div><div class=\"dc_login_row_right\"><input type=\"password\" name=\"p\" id=\"p\" class=\"login_fields\" /></div></div><div id=\"di_login_error\"></div><div class=\"dc_login_row\"><div class=\"dc_login_row_left\">&nbsp;</div><div class=\"dc_login_row_right\"><input type=\"submit\" value=\"Login\" class=\"login_fields\" /></div></div>";
			}
																		// Called upon login, logs the user in if session is still active or shows the login box if not

			function destruct(){
				var garbage;

				if(document.getElementById("ii_session")){
					document.getElementById("ii_session").src = "";
				}
			}
/*
			THESE FUNCTIONS MUST BE PLACED IN THE DOCUMENT.

			function upon_login(){
					;
			}

			function upon_logout(){
				window.location = ".";
			}
*/













		function aim(url){
	
	    if(window.XMLHttpRequest){		// branch for native XMLHttpRequest object
        req2 = new XMLHttpRequest();
        req2.onreadystatechange = fire;
        req2.open("GET", url, true);
        req2.send(null);
			}else if(window.ActiveXObject){	// branch for IE/Windows ActiveX version
        isIE = true;
        req2 = new ActiveXObject("Microsoft.XMLHTTP");
        if(req2){
            req2.onreadystatechange = fire;
            req2.open("GET", url, true);
            req2.send();
        }
    	}
		}

		function fire(){				// handle onreadystatechange event of req object
			if(req2.readyState == 4){					// only if req2 shows "loaded"
				if(req2.status == 200){					// only if "OK"
					fuel();
				}else{
					//THIS ERRORS ALSO WHEN THE RECORD HAS BEEN DELETED
					document.getElementById("edit_item_div").innerHTML = "Please check your internet connection ("+req2.statusText+").";
				}
			}
		}

		function ready(z){
		
			if(window.XMLHTTPRequest){
				var authentic = new XMLHttpRequest();
			}else if(window.ActiveXObject){
				var authentic = new ActiveXObject("Microsoft.XMLHTTP");
			}

			authentic = aim(z);
		}

		function fuel(){
			var o;
			var type_of_xml;

			type_of_xml = req2.responseXML.getElementsByTagName('shop')[0].getAttribute("value");

			if(type_of_xml == "login"){
				process_login();
			}
		}