/*
	A challenge based login with AJAX
*/
function login() {
	var unl = document.getElementById('curio_login').value.length;
	var pwl = document.getElementById('curio_pwd').value.length;
	document.getElementById('curio_error').innerHTML = " ";
	if(unl == 0 || pwl == 0) {
		document.getElementById('curio_error').innerHTML = "Nie podano wymaganych informacji";
		return;
	}
	AJAXRequest("POST","/miniblog/login.php","action=get_secret",doLogin,true);
}

function doLogin(responseObject) {
	var login = document.getElementById('curio_login').value;
	var password = hex_md5(document.getElementById('curio_pwd').value);
	var json = responseObject.responseText;
	if(json.length>0) {
		var response = eval('('+json+')');
		if(response.secret) {
			password = hex_sha1(response.secret+password);
			AJAXRequest("POST","/miniblog/login.php","action=doLogin&login="+login+"&pwd="+password+"&target="+curio_target,loginResult,true);
		} else {
			document.getElementById('curio_error').innerHTML = "Niepoprawna nazwa konta lub hasło";
		}
	} else {
		document.getElementById('curio_error').innerHTML = "Serwer nie odpowiada. Jeszcze raz?";
	}
}

function loginResult(responseObject) {
	var json = responseObject.responseText;
	var response = eval('('+json+')');
	if(response.status == "OK") {
		eval(decode64(response.expression));
	} else {
		document.getElementById('curio_error').innerHTML = response.message;
	}
}