// holds an instance of XMLHttpRequest
var xmlHttp = createXmlHttpRequestObject();
// holds the remote server address and parameters
var serverAddress = "login2.php";
var serverAddress2 = "logout.php";

var L_username = "";
var L_password = "";

var username = '';

// creates an XMLHttpRequest instance
function createXmlHttpRequestObject() {
	// will store the reference to the XMLHttpRequest object
	var xmlHttp;
	// this should work for all browsers except IE6 and older
	try {
		// try to create XMLHttpRequest object
		xmlHttp = new XMLHttpRequest();
	} catch(e) {
		// assume IE6 or older
		var XmlHttpVersions = new Array("MSXML2.XMLHTTP.6.0",
																		"MSXML2.XMLHTTP.5.0",
																		"MSXML2.XMLHTTP.4.0",
																		"MSXML2.XMLHTTP.3.0",
																		"MSXML2.XMLHTTP",
																		"Microsoft.XMLHTTP");
		// try every prog id until one works
		for (var i=0; i<XmlHttpVersions.length && !xmlHttp; i++) {
			try {
				// try to create XMLHttpRequest object
				xmlHttp = new ActiveXObject(XmlHttpVersions[i]);
			} catch (e) { }
		}
	}
	
	// return the created object or display an error message
	if (!xmlHttp)
		displayError("Error creating the XMLHttpRequest object.");
	else 
		return xmlHttp;
}

// call server asynchronously
function login( redirect ) {
	//log('login()');
	
	// get username and password
	L_username = document.forms['loginform'].username.value;
	L_password = document.forms['loginform'].passwort.value;
	
	if ((L_username == '') || (L_password == '')) {
		loginNotClicked()
		return;
	}
	
	// only continue if xmlHttp isn't void
	if (xmlHttp) {
		// try to connect to the server
		try {
			// make asynchronous HTTP request to retrieve new message
			xmlHttp.open("GET", serverAddress + "?username=" + L_username + "&password=" + L_password + "&redirect=" + redirect, true);
			xmlHttp.onreadystatechange = handleCheckLogin;
			xmlHttp.send(null);
		} catch(e) {
			log('error: ' + e.toString());
		}
	}
}

// function called when the state of the HTTP request changes
function handleCheckLogin() {
	//log('handleCheckLogin()');
	
	// when readyState is 4, we are ready to read the server response
	if (xmlHttp.readyState == 4) {
		// continue only if HTTP status is "OK"
		if (xmlHttp.status == 200) {
			try {
				// do something with the response from the server
				checkLogin();
			} catch(e) {
				// display error message
				displayError(e.toString());
			}
		}
		else {
			// display error message
			displayError(xmlHttp.statusText);   
		}
	}
}

// handles the response received from the server
function checkLogin() {
	//log('checkLogin()');
	
	// retrieve the server's response 
	var response = xmlHttp.responseText;
	  
	//log('checkLogin - response: ' + response);  
	response = response.split(';');
	
	//log('checkLogin - response: ' + response);  
	// login ok
	if (response[0] > 0) {
		setUserID(response[0]);
		setAdmin(response[1]);
		loggedIn();
		begintimer();
	} else {
		window.location='login.php';
	}
}


function loginNotClicked( redirect ) {
	var htmlContent =
		'<table><tr>'+
			'<td><a href="javascript:loginClicked(\''+redirect+'\');">Anmelden</a></td>'+
			'<td><a href="javascript:loginClicked(\''+redirect+'\');"><img src="../img/pages/topbar/loginout.png" /></a></td>' +
		'</tr></table>';
		
	$('innerbar').innerHTML = htmlContent;
	$('control_topmenu').innerHTML = unregisteredTopMenu();
}

function unregisteredTopMenu() {

	return globalTopMenu +
			'<div class="right">'+
			'<img src="../img/pages/topmenu/arrow.png" />'+
			'<a class="last orange" href="./register.php">Neu registrieren</a>'+
			'</div>';
}

function loggedInTopMenu() {

	return globalTopMenu +
			'<div class="right">'+
			'<a href="list_single_user.php?user_id='+ globalStatus.user_id +'" class="orange">'+
				'<img src="../img/pages/topmenu/arrow.png" />&nbsp;'+
				'Meine Unorte'+
			'</a>'+
			'<a class="last" href="editprofile.php">Profil bearbeiten</a>'+
			'</div>';
}

function loginClicked( redirect ) {
	var html =
		'<form name="loginform" action="javascript:doLogin(\''+redirect+'\');" method="post">' +
			'<table><tr>' +
				'<td><img src="../img/pages/topbar/dot_line.png" /></td>' +
				'<td><a href="passwordrecovery.php" class="underlined">Passwort vergessen?</a></td>' +
				'<td><img src="../img/pages/topbar/dot_line.png" /></td>' +
				'<td>Name</td>' +
				'<td><input style="width:90px;float:left;margin-top:0px;" type="text" name="username" id="username" tabindex="1" /></td>' +
				'<td>Passwort</td>' +
				'<td><input style="width:90px;float:left;margin-top:0px;" type="password" name="passwort" tabindex="2" /></td>' +
				//'<td><a href="javascript:doLogin(\''+redirect+'\');"><img src="../img/pages/topbar/loginout.png" /></a></td>' +
				'<td><input type="image" id="submit" src="../img/pages/topbar/loginout.png" alt="anmelden" tabindex="3" /></td>' +
			'</tr></table>' +
		'</form>';
		
	$('innerbar').innerHTML = html;
	$('username').focus();
}

function doLogin( redirect ) {
	L_username = document.forms['loginform'].username.value;
	L_password = document.forms['loginform'].passwort.value;
	query = "login2.php?username=" + L_username + "&password=" + L_password + "&redirect=" + redirect;
	window.location = query;
}

function loggedIn( redirect ) {
	var html = 
		'<table><tr>';
	
	if (username != '')
		html += 
			'<td>Angemeldet als: <a href="./editprofile.php">' + username + '</a></td>';
		
	html +=
			'<td><a href="logout.php?redirect='+redirect+'">Abmelden</a></td>'+
			'<td><a href="logout.php?redirect='+redirect+'"><img src="../img/pages/topbar/loginout.png" /></a></td>'+
		'</tr></table>';
		
	$('innerbar').innerHTML = html;
	$('control_topmenu').innerHTML = loggedInTopMenu();
}

function logout() {
	setUserID(-1);
		
	// only continue if xmlHttp isn't void
	if (xmlHttp) {
		// try to connect to the server
		try {
			// make asynchronous HTTP request to retrieve new message
			xmlHttp.open("GET", serverAddress2, true);
			xmlHttp.onreadystatechange = handleLogout;
			xmlHttp.send(null);
		} catch(e) {
			log('error: ' + e.toString());
		}
	}
}

// function called when the state of the HTTP request changes
function handleLogout() {
	//log('handleCheckLogout()');
	
	// when readyState is 4, we are ready to read the server response
	if (xmlHttp.readyState == 4) {
		// continue only if HTTP status is "OK"
		if (xmlHttp.status == 200) {
			try {
				// remove userid value otherwise the creation of an unort is still possible
				//mf setUserID(-1);
				loginNotClicked();
			} catch(e) {
				// display error message
				displayError(e.toString());
			}
		} else {
			// display error message
			displayError(xmlHttp.statusText);   
		}
	}
}