Odyssey
hcuProfileSecurity.prg
1 <?php
2  /*
3  * File: hcuProfileSecurity
4  *
5  * Purpose: Handle the client-side updating of the user's challenge questions/answers.
6  *
7  */
8 
9  // ** SET SCRIPT LEVEL VARIABLES
10  $serviceShowInfo = true;
11  $serviceLoadMenu = true;
12  $serviceShowMenu = true;
13 
14  // ** INCLUDE MAIN GLOBAL SCRIPT -- Handles security / global variable values
15  require_once(dirname(__FILE__) . '/../library/hcuService.i');
16 
17  /*
18  * ** CHECK USER FEATURE PERMISSIONS **
19  * NOTE: DOES NOT RETURN ON FAILURE
20  */
21  PermCheckFeatureScreen($dbh, $HB_ENV, $MC, FEATURE_BASIC);
22 
23  // ** INSERT BUSINESS LOGIC FOR THIS FORM
24  $dms_ok = array("security_curpwd"=>"string", "security_token"=>"string");
25 
26  dms_import_v2($HB_ENV, 'HCUPOST', $dms_ok);
27 
28  // ** SET VARIABLES FOR WEBSITE FLAGS
29 
30  // ** INCLUDE PRE CONTENT SCRIPT
31  require_once(dirname(__FILE__) . '/../includes/hcuPreContent.i');
32 
33  /*
34  * ** START CONTENT
35  */
36  $randomNbr = Return_Random4Challenge($HB_ENV);
37 
38  // these are used in several places so get them now
39  $aryMbrChg = Get_MemberChallengeResponses($dbh, $HB_ENV, $HB_ENV['Cn']);
40 
41  // This client-side script file only handles the first step - re-authenticating
42 
43  $errorList = array();
44  $act = "auth"; // default to first screen
45  if ($HB_ENV['HCUPOST']['security_curpwd'] != '') {
46  // ** We are validating against the current password
47 
48  $validPwd['settings_password']['current'] = $HB_ENV['HCUPOST']['security_curpwd'];
49  $aryUpdate = Validate_Settings($dbh, $HB_ENV, $validPwd, $MC);
50 
51  if ($aryUpdate['status']['code'] == '000') {
52  // ** Password passed authentication -- NOW
53  // ** GET the current memberinfo and create the security token
54  $mbrPwd = GetUserInfo($dbh, $HB_ENV, $MC, Array("user_id" => $HB_ENV['Uid'], "cu" => $HB_ENV['Cu']));
55 
56  if ($mbrPwd['status']['code'] != '000') {
57  // ** An error occurred retrieving the saved password hash value
58  $errorList = array( "id" => "", "message" => $mbrPwd['status']['errors'] );
59  } else {
60  // ** Get the database pwd hashed value
61  $mbrPwdHash = $mbrPwd['data']['cuusers_passwd'];
62 
63  // sort the choices in order for consistency
64  $choices = array();
65  foreach ($aryMbrChg as $questId => $questResp) {
66  $choices[] = $questId;
67  }
68  sort( $choices );
69  $choiceString = implode( $choices );
70 
71  // * Create the security token - - HASHED PWD + RANDOM NBR + current challenge choices + SECRET
72  // NOTE: this is checked in hcuProfile.data
73  $securityToken = sha1($mbrPwdHash . $randomNbr . $choiceString . $HB_ENV['secret']);
74 
75  $retAry['data']['security_token'] = $securityToken;
76  $act = "settings";
77 
78  }
79  } else{
80  $errorList = array( "id" => "", "message" => $MC->msg('Invalid Authentication', HCU_DISPLAY_AS_RAW) );
81  }
82 
83  } else {
84  // ** FAILED - send back to password confirmation screen
85  $errorList = array( "id" => "", "message" => $MC->msg('Invalid Authentication', HCU_DISPLAY_AS_RAW) );
86  }
87 
88 
89  /* At this point we have one of the following actions:
90  * auth (default): Show authentication screen so user can enter password
91  * settings: Show settings screen so user can change security settings
92  * validated: security token has been validated so process security settings update
93  *
94  */
95  if ( $act == "auth" ) {
96  // set a password cookie to help with authentication step
97  // * Create random number
98  // * Store in a two part value in a cookie
99  // * Nbr=XX&Exp=Now()+900&Ch=Hashedvalue of {Nbr + Exp + 2FactorCookie}
100  $randomNbr = rand(1000, 9999);
101  $cookieName = "PWDCHG";
102  $cookieExpires = time() + (60 * 15); // * FIFTEEN MINUTE WINDOW TO POST
103  $p3 = MD5($HB_ENV['secret'] . MD5(join (':', array($randomNbr, $cookieExpires))));
104  $cookieValue = "p1={$randomNbr}&p2={$cookieExpires}&p3={$p3}";
105 
106  // ** COOKIE CREATED FOR RANDOM NUMBER
107  HCU_setcookie_env($HB_ENV['SYSENV'], $cookieName, $cookieValue, 0);
108  } else if ( $act == "settings" ) {
109  // get the confidence word
110  $mbrConfidence = $mbrPwd["data"]["cuusers_confidence"];
111 
112  // get current list of phone numbers
113  $aryPhones = array();
114  $sql = "
115  SELECT phones
116  FROM {$HB_ENV['Cu']}usercontact c
117  LEFT JOIN {$HB_ENV['Cu']}user u
118  ON u.contact = c.contact_id
119  WHERE u.user_name = '{$HB_ENV['Cn']}'";
120  $sqlRs = db_query($sql, $dbh);
121  if ($sqlRs) {
122  $aryPhones = db_fetch_assoc($sqlRs, 0);
123  if ($aryPhones['phones'] === null) {
124  $aryPhones = array(
125  "mobile" => array()
126  );
127  } else {
128  $aryPhones = HCU_JsonDecode($aryPhones['phones']);
129  }
130  }
131 
132  // gather the challenge questions and current answers
133  $aryChallengeQuestions = GetChallengeQuestions("DISPLAY", $dbh, $HB_ENV, $MC);
134  $aryCurrentQuestions = GetChallengeQuestions("CURRENT", $dbh, $HB_ENV, $MC, $HB_ENV['Cn']);
135 
136  /*
137  * Challenge questions are stored in the database as &#HEX;
138  * The way we are displaying these, we need to first get them back to their
139  * original entity
140  *
141  */
142  foreach ($aryChallengeQuestions as $chgKey => $chgValue) {
143  $chgValue['display'] = html_entity_decode($chgValue['display'], ENT_QUOTES, 'UTF-8');
144  $aryChallengeQuestions[$chgKey] = $chgValue;
145  }
146  reset($aryChallengeQuestions);
147  if ( count( $aryMbrChg ) ) {
148  $formPopulate = array();
149  foreach ($aryMbrChg as $questId => $questResp) {
150  $formPopulate[] = array( "security_qst" => $questId, "security_rsp" => $questResp );
151  }
152  } else {
153  for ( $i = 0; $i < $HB_ENV['cu_chgqst_count']; $i++ )
154  $formPopulate[] = array( "security_qst" => $aryChallengeQuestions[0]["cqid"], "security_rsp" => "" );
155  }
156 
157  }
158 
159  ?>
160 <script type="text/javascript">
161  CloseWaitWindow();
162  $(document).ready(function() {
163  // ON SUBMIT SHOW WAIT WINDOW
164  $("#formSecurity").on("submit", function(e) {
165  ShowWaitWindow();
166  });
167 
168  <?php if ($act === "settings") { ?>
169  // CHALLENGE QUESTIONS
170  var hcuChallengeQuestions = <?php print HCU_JsonEncode($aryChallengeQuestions); ?>;
171  var hcuCurrentQuestions = <?php print HCU_JsonEncode($aryCurrentQuestions); ?>;
172  var hcuPhonesList = <?php print HCU_JsonEncode($aryPhones); ?>;
173  var hcuPhonesData = [];
174 
175  if (hcuPhonesList.mobile) {
176  for (var i = 0; i < hcuPhonesList.mobile.length; i++) {
177  var phone = hcuPhonesList.mobile[i];
178  var phoneParts = hcuPhonesList.mobile[i].split(/[-\s]/);
179  var phone = "";
180 
181  if (phoneParts.length === 3) {
182  phone += "(" + phoneParts[0].replace(/\D/g, '') + ") ";
183  phone += phoneParts[1] + "-";
184  phone += phoneParts[2];
185  } else {
186  phone += phoneParts[0] + "-";
187  phone += phoneParts[1];
188  }
189 
190  hcuPhonesData.push({
191  id: i+1,
192  value: phone,
193  new: false
194  });
195  }
196  }
197 
198  if (hcuPhonesData.length < 5) {
199  hcuPhonesData.push({
200  value: null,
201  id: -1,
202  new: false
203  });
204  }
205  <?php } ?>
206 
207  // status will be shown in the default info location
208  function ShowStatus( statusMessage ) {
209  $.homecuValidator.settings.formStatusField = "formStatus";
210  $.homecuValidator.settings.formInfoTitle = "";
211  $.homecuValidator.displayMessage(statusMessage);
212  }
213 
214  function ClearStatus( ) {
215  $.homecuValidator.settings.formStatusField = "formStatus";
216  $.homecuValidator.settings.formInfoTitle = "";
217  $.homecuValidator.displayMessage(null);
218  }
219 
220  function validateForm() {
221  // validate other fields first
222  var valid = $.homecuValidator.validate();
223 
224  var grid = $("#phoneGrid").data("kendoGrid");
225  var data = grid.dataSource.data();
226  var regex = new RegExp(/^[2-9]\d{2}-\d{3}-\d{4}$/);
227 
228  for (var i = 0; i < data.length; i++) {
229  var id = data[i].id;
230 
231  if (id === -1) {
232  continue;
233  }
234 
235  var phone = data[i].value;
236  phone = phone.replace(/[_\(\)]/g, '');
237  phone = phone.replace(/\s/g, '-');
238  var phoneValid = regex.test(phone);
239 
240  // if invalid, append this message onto current errors
241  if (phoneValid === false) {
242  valid = false;
243  var message = "<?php echo $MC->msg("Phone Invalid", HCU_DISPLAY_AS_JS); ?>";
244  var errors = $.homecuValidator.homecuKendoValidator.errors();
245  var show = errors.concat(message);
246 
247  $.homecuValidator.displayMessage(show, $.homecuValidator.settings.statusError);
248  }
249  }
250 
251  return valid;
252  }
253 
254  function phoneEdit(container, options) {
255  var maskedTextBox = $("<input name=\"" + options.field + "\">")
256  .appendTo(container)
257  .kendoMaskedTextBox({
258  mask: "(000) 000-0000",
259  change: function() {
260  var value = this.value();
261  var valueStrip = value.replace(/_/g, '');
262  valueStrip = valueStrip.replace(/\s/g, '-');
263  valueStrip = valueStrip.replace(/[\(\)]/g, '');
264 
265  options.model.phone = valueStrip;
266  }
267  })
268  .data("kendoMaskedTextBox");
269  }
270 
271  var challengeChoices = kendo.observable({
272  <?php
273  if ( $act == "settings" ) {
274  for ( $i = 0; $i < $HB_ENV['cu_chgqst_count']; $i++ ) {
275  print "questionList{$i}: hcuChallengeQuestions,\n";
276  $qstId = intval($formPopulate[$i]["security_qst"]);
277  print "selectedQuestion{$i}: {$qstId},\n";
278  print "response{$i}: \"{$formPopulate[$i]["security_rsp"]}\",\n";
279  }
280  print "confidence: \"{$mbrConfidence}\",\n";
281  print "token: \"{$securityToken}\",\n";
282  }
283  ?>
284  <?php if ($act === "settings") { ?>
285  gridSource: new kendo.data.DataSource({
286  data: hcuPhonesData,
287  schema: {
288  model: {
289  id: "id",
290  fields: {
291  id: { type: "number" },
292  value: { type: "string" },
293  new: { type: "boolean", default: true }
294  }
295  }
296  },
297  sort: [
298  { field: "new", dir: "asc" },
299  { field: "id", dir: "desc" }
300  ]
301  }),
302  gridbind: function() {
303  var grid = $("#phoneGrid").data("kendoGrid");
304  var data = grid.dataSource.data();
305 
306  if (data.length >= 6) {
307  $(".addRow").hide();
308  } else {
309  $(".addRow").show();
310  }
311  },
312  <?php } ?>
313  });
314 
315  // ** set currently selected answers if any exist
316  <?php if ($act == "settings") { ?>
317  if (hcuCurrentQuestions.hasOwnProperty("answers")) {
318  var i = 0;
319  for (key in hcuCurrentQuestions.answers) {
320  challengeChoices["selectedQuestion" + i] = key;
321  challengeChoices["response" + i] = hcuCurrentQuestions.answers[key];
322  i++;
323  }
324  }
325  <?php } ?>
326 
327  kendo.bind($("#profile"), challengeChoices);
328 
329  <?php if ($act === "settings") { ?>
330  var grid = $("#phoneGrid").data("kendoGrid");
331  $.each(grid.columns, function(idx, column) {
332  if (column.field === "value")
333  column.editor = phoneEdit;
334  });
335 
336  $("#phoneGrid").on("click", ".removeBtn", function() {
337  var row = $(this).closest("tr");
338  var grid = $("#phoneGrid").data("kendoGrid");
339  var data = grid.dataSource.data();
340 
341  grid.removeRow(row);
342  return false;
343  });
344 
345  $("#phoneGrid").on("click", ".addRow", function() {
346  var row = $(this).closest("tr");
347  var grid = $("#phoneGrid").data("kendoGrid");
348  var data = grid.dataSource.data();
349 
350  grid.addRow();
351  return false;
352  });
353  <?php } ?>
354 
355  $("#btnNext").click( function() {
356  if ($.homecuValidator.validate()) {
357  // submit form
358  $("#formSecurity").submit();
359  }
360  });
361 
362  $("#btnUpdate").click( function() {
363 
364  if ( validateForm() ) {
365  var request = {
366  action: "challenge_save",
367  security_token: challengeChoices.token,
368  security_confidence: challengeChoices.confidence,
369  security_phones: {
370  mobile: hcuPhonesList.mobile,
371  home: hcuPhonesList.home,
372  work: hcuPhonesList.work
373  }
374  };
375 
376  request.security_phones.mobile = [];
377 
378  var grid = $("#phoneGrid").data("kendoGrid");
379  var data = grid.dataSource.data();
380  for (var i = 0; i < data.length; i++) {
381  if (data[i].id === -1) {
382  continue;
383  }
384  var value = data[i].value;
385  value = value.replace(/[\)\(]/g, '');
386  value = value.replace(/\s/g, '-');
387  request.security_phones.mobile.push(value);
388  }
389 
390  request["security_phones"] = JSON.stringify(request["security_phones"]);
391 
392  // add the rest of the info to the request
393  for ( var i = 0; i < <?php echo $HB_ENV['cu_chgqst_count']; ?>; i++ ) {
394  request["security_qst" + i] = eval( "challengeChoices.selectedQuestion" + i );
395  request["security_rsp" + i] = eval( "challengeChoices.response" + i );
396  }
397 
398  // use AJAX to update because it is difficult to use the datasource for a simple POST command
399  $.ajax({
400  url: "hcuProfile.data?cu=<?php echo $HB_ENV["cu"] ?>",
401  type: "post",
402  data: request,
403  beforeSend: function( xhr ) {
404  ShowWaitWindow();
405  }
406  }).done(function( data, textStatus, jqXHR ) {
407  if ( data && data.homecuErrors ) {
408  // show the error information
409  $.homecuValidator.displayMessage(data.homecuErrors, $.homecuValidator.settings.statusError);
410  } else {
411 
412  if ( data && data.homecuInfo && (data.homecuInfo.message.length > 0) ) {
413  ShowStatus( data.homecuInfo.message );
414 
415  $("#phoneGrid").find(".k-dirty").remove();
416  }
417 
418  // remove dirty flags from phone grid
419  $("#phoneGrid").find(".k-dirty").remove();
420 
421  // present the device key to the apps
422  if ( data.homecuData &&
423  data.homecuData.homecuKey &&
424  (data.homecuData.homecuKey.length > 0) ) {
425  var appInfo = JSON.stringify( { deviceKey: data.homecuData.homecuKey } );
426 
427  <?php if ( $HB_ENV["platform"] == "ADA" ) : ?>
428  AndroidController.notifyCommand("NEW_DEVICE_KEY", appInfo);
429  <?php elseif ( $HB_ENV["platform"] == "APP" ) : ?>
430  var postObject = {
431  body: {
432  cmd: "NEW_DEVICE_KEY",
433  params: appInfo
434  }
435  };
436  window.webkit.messageHandlers.interOp.postMessage(postObject);
437  <?php endif ?>
438  }
439 
440  <?php
441  // let apps know we did an update to profile info
442  if ( $HB_ENV["platform"] == "APP" || $HB_ENV["platform"] == "ADA" ) {
443  $paramsForApps = array( "script" => "ProfileSecurity" );
444  $paramsJSON = HCU_JsonEncode($paramsForApps);
445  ?>
446  var appInfo = '<?php echo $paramsJSON; ?>';
447 
448  <?php if ( $HB_ENV["platform"] == "ADA" ) : ?>
449  AndroidController.notifyCommand("PROFILE_UPDATE", appInfo);
450  <?php elseif ( $HB_ENV["platform"] == "APP" ) : ?>
451  var postObject = {
452  body: {
453  cmd: "PROFILE_UPDATE",
454  params: appInfo
455  }
456  };
457  window.webkit.messageHandlers.interOp.postMessage(postObject);
458  <?php endif ?>
459  <?php
460  }
461  ?>
462  }
463  }).fail(function(jqXHR, textStatus, errorThrown) {
464  // show the error information
465  $.homecuValidator.displayMessage(textStatus, $.homecuValidator.settings.statusError);
466  }).always(function(jqXHR, textStatus, errorThrown) {
467  // stop the progress bar
468  CloseWaitWindow();
469  });
470  }
471  });
472 
473  // set up some validation, using the default error location
474  $.homecuValidator.setup({
475  formValidate: "formSecurity",
476  formErrorTitle: "<?php echo $MC->msg("Error Occurred", HCU_DISPLAY_AS_JS) ?>"
477  });
478 
479  homecuTooltip.bind({
480  reenterTip: "<?php echo $MC->msg("Tip Re-enter Password", HCU_DISPLAY_AS_JS); ?>",
481  confidenceTip: "<?php echo $MC->msg("Set Config Conf Msg", HCU_DISPLAY_AS_JS); ?>",
482  phoneTip: "<?php echo $MC->msg("TXT Secure Access Codes", HCU_DISPLAY_AS_JS); ?>"
483  });
484 
485  <?php
486  // show any errors
487  if ( isset( $_REQUEST["security_curpwd"] ) && count( $errorList ) ) {
488  ?>
489  var error = <?php echo HCU_JsonEncode($errorList); ?>;
490  $.homecuValidator.displayMessage(error, $.homecuValidator.settings.statusError);
491  <?php
492  }
493  ?>
494 });
495 
496 </script>
497 
498 <!-- HTML STYLING -->
499 <style type="text/css">
500 .hcuProfileSettingsDiv {
501  min-width: 300px;
502  max-width: 700px;
503  margin-left: 0px;
504  margin-top: 15px;
505 }
506 
507 .k-block > .k-header {
508  white-space: normal;
509  height: 100%;
510 }
511 
512 .hcu-info-margin, .hcu-error-margin {
513  margin: 15px 0;
514 }
515 
516 .hcu-info-padding, .hcu-error-padding {
517  padding: 15px;
518 }
519 
520 .hcu-full-width {
521  width: 100%;
522 }
523 
524 /* top-bottom margin */
525 .hcu-container-margin {
526  margin: 15px 0;
527 }
528 
529 .hcu-no-padding {
530  padding: 0;
531 }
532 
533 #phoneGrid .k-grid-header {
534  display: none;
535 }
536 
537 #phoneGrid .removeBtn {
538  color: #A00;
539 }
540 
541 #phoneGrid .addBtn {
542  color: #507f50;
543 }
544 
545 /**
546  MAKE DROPDOWNS CONFORM TO SMALLER SIZES WITHOUT OVERFLOW
547 **/
548 .k-dropdown .k-input,.k-selectbox .k-input {
549  white-space: normal;
550 }
551 
552 </style>
553 <!-- HTML CONTENT -->
554 <div class="container-fluid hcuProfileSettingsDiv" id="profile">
555  <div class="well well-sm">
556 
557  <!-- HEADER -->
558  <div>
559  <h3><?php echo $MC->msg('Security', HCU_DISPLAY_AS_HTML); ?></h3>
560  </div>
561 
562  <!-- FORM CONTENT -->
563  <form method="post" id='formSecurity' name='formSecurity'
564  action="<?php echo $HB_ENV["loginpath"]."/{$HB_ENV['currentscript']}?".$HB_ENV["cuquery"] ?>">
565 
566  <?php if ($act == "settings") { ?>
567  <fieldset>
568  <div class="col-xs-12 col-md-6 hcu-container-margin">
569  <label for="security_confidence">
570  <span><?php echo $MC->msg('Set Config Conf Label', HCU_DISPLAY_AS_HTML); ?>:</span>
571  <span class="fa fa-question-circle-o" id="confidenceTip"></span>
572  </label>
573 
574  <input type="text" name="security_confidence"
575  id="security_confidence"
576  class="k-textbox hcu-full-width"
577  placeholder="<?php echo $MC->msg('Set Config Conf Label', HCU_DISPLAY_AS_HTML); ?>"
578  maxlength=20
579  data-bind="value: confidence"
580  data-required-msg="<?php echo $MC->msg('Set Config Enter Word', HCU_DISPLAY_AS_HTML); ?>"
581  required >
582 
583  </div>
584  </fieldset>
585 
586  <!-- if use mfa confidence word flag is set, do not show mfa questions -->
587  <?php if (intval($HB_ENV['flagset3'] & $GLOBALS['CU3_MFA_AUTHCODE']) === 0) { ?>
588  <fieldset>
589  <?php for($i = 0; $i < $HB_ENV['cu_chgqst_count']; $i++) {?>
590  <div class="col-xs-12 col-md-6 hcu-container-margin">
591 
592  <label for="challenge<?php echo $i; ?>">
593  <span><?php echo $MC->msg('Set Config Question', HCU_DISPLAY_AS_HTML) . " " . ($i+1); ?>:</span>
594  </label>
595 
596  <select name="challengeQuestion<?php echo $i ?>"
597  id="challengeQuestion<?php echo $i ?>"
598  class="unique_select hcu-full-width"
599  data-role="dropdownlist"
600  data-text-field="display"
601  data-value-field="cqid"
602  data-bind="source: questionList<?php echo $i; ?>, value: selectedQuestion<?php echo $i; ?>"
603  data-homecuCustomDistinct-msg="<?php echo $MC->msg('Challenge questions once', HCU_DISPLAY_AS_HTML); ?>"
604  homecu-distinct="unique_select"></select>
605 
606  <span class="k-invalid-msg" data-for="challengeQuestion<?php echo $i ?>"></span>
607 
608  <br><br>
609 
610  <input type="text" name="challenge<?php echo $i; ?>"
611  id="challenge<?php echo $i; ?>"
612  class="k-textbox hcu-full-width"
613  placeholder="<?php echo $MC->msg('Set Config Response', HCU_DISPLAY_AS_HTML); ?>"
614  data-bind="value: response<?php echo $i; ?>"
615  data-required-msg="<?php echo $MC->msg('Challenge answer blank', HCU_DISPLAY_AS_HTML); ?>"
616  required >
617  </div>
618  <?php } ?>
619  </fieldset>
620  <?php } ?>
621  <fieldset>
622  <div class="col-xs-12 col-md-6 hcu-container-margin">
623  <label for="security_phone">
624  <span><?php echo $MC->msg('TXT Enabled', HCU_DISPLAY_AS_HTML); ?>:</span>
625  <?php if (intval($HB_ENV['flagset3'] & GetFlagsetValue('CU3_MFA_AUTHCODE'))) { ?>
626  <span class="fa fa-question-circle-o" id="phoneTip"></span>
627  <?php } ?>
628  </label>
629 
630  <div id="phoneGrid"
631  data-role="grid"
632  data-row-template="gridRow"
633  data-editable="{
634  confirmation: false
635  }"
636  data-columns="[
637  { width: 30 },
638  { title: 'Mobile', field: 'value' }
639  ]"
640  data-bind="
641  source: gridSource,
642  events: { dataBound: gridbind }"
643  ></div>
644  </div>
645  </fieldset>
646 
647  <?php } else { ?>
648 
649  <!-- INITIAL -->
650  <fieldset>
651  <div class="col-xs-12 col-md-6 hcu-container-margin">
652  <label for="security_curpwd">
653  <span><?php echo $MC->msg('Re-enter Password', HCU_DISPLAY_AS_HTML); ?>:</span>
654  <span class="fa fa-question-circle-o" id="reenterTip"></span>
655  </label>
656 
657  <i><?php echo $MC->msg("Verify Login", HCU_DISPLAY_AS_HTML); ?></i>
658 
659  <input type="password" name="security_curpwd"
660  id="security_curpwd"
661  class="k-textbox hcu-full-width"
662  placeholder="<?php echo $MC->msg('Re-enter Password', HCU_DISPLAY_AS_HTML); ?>"
663  data-required-msg="<?php echo $MC->msg('Invalid login or password', HCU_DISPLAY_AS_HTML) ?>"
664  required >
665 
666  </div>
667  </fieldset>
668  <?php } ?>
669  </form>
670  </div>
671 
672  <div class="hcu-template">
673  <div class="hcu-edit-buttons k-state-default">
674  <?php if ($act == "settings") { ?>
675  <a href="##" id="btnUpdate" class="k-button k-primary">
676  <i class="fa fa-check fa-lg"></i><?php echo $MC->msg("Update", HCU_DISPLAY_AS_HTML); ?>
677  </a>
678  <?php } else { ?>
679  <a href="##" id="btnNext" class="k-button k-primary">
680  <i class="fa fa-arrow-right fa-lg"></i><?php echo $MC->msg("Next", HCU_DISPLAY_AS_HTML); ?>
681  </a>
682  <?php } ?>
683  </div>
684  </div>
685 </div>
686 
687 <script type="text/x-kendo-template" id="gridRow">
688  # if (id === -1) { #
689  <tr data-uid="#: uid #" class="addRow">
690  <td class="addBtn"><span class="fa fa-plus-circle"></span></td>
691  <td>Add Phone</td>
692  </tr>
693  # } else { #
694  <tr data-uid="#: uid #">
695  <td class="removeBtn"><span class="fa fa-minus-circle"></span></td>
696  <td>#: value #</td>
697  </tr>
698  # } #
699 </script>
700 
701 <?php
702  /*
703  * ** END CONTENT
704  */
705 
706  // ** INCLUDE POST CONTENT SCRIPT
707  require_once(dirname(__FILE__) . '/../includes/hcuPostContent.i');
708 
709 ?>
Generated by   doxygen 1.8.15