<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"> <html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en"> <head> <title>Higher Logic || MagnetMail</title> <link rel="icon" type="image/png" href="/art/favicon.png" /> <link rel="stylesheet" type="text/css" href="/css/futurama.css?v=2" /> <link rel="stylesheet" type="text/css" href="/css/futurama-layout.css?v=2" /> <link rel="stylesheet" type="text/css" href="/css/login/login.css?v=2" /> <!--Below include is ie6 conditional and is applied only to banner logo. Script allows for transparent png images in ie6.--> <!--[if lte IE 6]> <script type="text/javascript" src="/js/supersleight/supersleight.js"></script> </style> <![endif]--> <!--Below include is ie6 conditional and is applied only to banner logo. Script allows for transparent png images in ie6.--> <!--[if lte IE 6]> <script type="text/javascript" src="/js/supersleight/supersleight.js"></script> </style> <![endif]--> </head> <body> <div class="login-page-container"> <div class="login-container"> <div class="login-form-container"> <div class="rm-logo"> <img class="login-logo" src="/art/hl-logo.png"> </div> <div class="browser-outdated ft-hide"> <p> <span class="warning-icon right-margin" title="Outdated Browser">!</span> It looks like you have an outdated version of your browser. For the best experience, please upgrade to the latest version. </p> </div> <div class="login-help-text"> </div> <form class="login-form styled-form" method="post" action="/checkSession.cfm"> <div class="vertical-group"> <label for="login_name">Username</label> <input type="text" name="login_name" id="loginNameField"> </div> <div class="vertical-group"> <label for="login_pass">Password</label> <input type="password" name="login_pass"> <input type="hidden" name="login_action" value="1"> </div> <div class="forgot-password"> <a href="forgotpwd.cfm">Forgot password?</a> </div> <div class="horizontal-group top-margin ft-clearfix"> <button type="submit" class="btn login-btn ft-fr">Login</button> </div> <input type="hidden" name="redirectTo" value=""> <input type="hidden" name="authToken" value=""> </form> </div> <div class="contact-us"> <a href="https://www.higherlogic.com/contact-us/">Contact Us</a> | <a href="https://www.higherlogic.com/privacy">Privacy Policy</a> </div> </div> </div> <!-- Google Analytics --> <script> (function(i,s,o,g,r,a,m){i['GoogleAnalyticsObject']=r;i[r]=i[r]||function(){ (i[r].q=i[r].q||[]).push(arguments)},i[r].l=1*new Date();a=s.createElement(o), m=s.getElementsByTagName(o)[0];a.async=1;a.src=g;m.parentNode.insertBefore(a,m) })(window,document,'script','//www.google-analytics.com/analytics.js','ga'); ga('create', 'UA-1776690-3', { 'cookieDomain': 'magnetmail.net', 'userId': '' }); ga('set', 'dimension1', ''); ga('send', 'pageview'); </script> <!-- End Google Analytics --> <script type="text/javascript"> <!-- if(top.location.href.indexOf('www.magnetmail.net') > -1) { if (top.location != self.location) { top.location = self.location.href; } } //--> var Templates = {}; </script> <script src="/js/templates/soyutils.js"></script> <!-- login target --> <!-- login start --><script src="/js/dist/manifest.eea740c15dc29edcde0c.bundle.js"></script><script src="/js/dist/vendor.5f023258c321758cd426.bundle.js"></script><script src="/js/dist/login.93822efca19e1bb8cb18.bundle.js"></script><!-- login end --> <!-- CSRF token injection code starts here --> <script type="text/javascript"> try { globalJSCSRFTokenFieldName = 'csrf_token'; globalJSCSRFToken = 'E26F7E05472019F7F911FF82768E45A281B10E01'; globalJSCSRFTokenHeader = 'X-CSRF-Token'; //The following code somehow doesn't work in Chrome. The memory usage in Chrome becomes very high to a point that it becomes unresponsive. if (window.jQuery || window.Ext) { if (window.jQuery) { jQuery(document).ready(function() { InjectCSRFTokenForJQueryAjaxCalls(); // saveAllGridConfigs(); }); } if (window.Ext) { InjectCSRFTokenForExtAjaxCalls(); } } function InjectCSRFTokenForForms () { var jsFormsObj = document.forms; // For in-page forms, that are submitted directly on the main page if (jsFormsObj.length > 0) { var jsTokenInput = document.createElement('input'); jsTokenInput.type = 'hidden'; jsTokenInput.name = "csrf_token"; jsTokenInput.value = "E26F7E05472019F7F911FF82768E45A281B10E01"; var i; for (i = 0; i < jsFormsObj.length; i++) { /* As per https://developer.mozilla.org/en-US/docs/Web/API/Node/appendChild: ========================================================================= If the given child is a reference to an existing node in the document, appendChild() moves it from its current position to the new position. This means that a node can't be in two points of the document simultaneously. So if the node already has a parent, the node is first removed, then appended at the new position. The Node.cloneNode() method can be used to make a copy of the node before appending it under the new parent. For the above reason, for subsequent forms, after the first one, we need to first clone the input nodes and then append it to the forms else we end up with the input nodes getting appended ONLY to the last form. */ // Inject the CSRF token element only if it doesn't already exist if (typeof jsFormsObj[i].csrf_token == 'undefined' ) { if (i == 0) { jsFormsObj[i].appendChild(jsTokenInput); } else { var jsTokenInputClone = jsTokenInput.cloneNode(false); jsFormsObj[i].appendChild(jsTokenInputClone); } } else { // do nothing here } } } } function InjectCSRFTokenForJQueryAjaxCalls () { // For ajax post requests, we append the token to the existing data before the post actually happens by calling the function "jQuery.ajaxPrefilter" jQuery.ajaxPrefilter( function( options, originalOptions){ if ((typeof options.type != 'undefined' && options.type != '') || (typeof originalOptions.type != 'undefined' && originalOptions.type != '')) { if ((/post/i.test(options.type) || /post/i.test(originalOptions.type)) && (typeof options.url == 'string') && (options.url.toLowerCase().indexOf(".cfm") > -1 || options.url.toLowerCase().indexOf(".cfc") > -1)) { var optionsHeaderObj = {}; optionsHeaderObj[globalJSCSRFTokenHeader] = globalJSCSRFToken; options.headers = optionsHeaderObj; /* // If data type is string and not empty for the ajax call, we append the csrf token field name to the existing data else we add as new data if (typeof options.data == 'string') { if (options.data != '') { var regExp = /(csrf_token=)+/gi; // Reg exp to check if the data to be posted already has the csrf token field name, if yes, then we don't append or else we append the csrf token field to the existing data var regExpMatch = options.data.match(regExp); if (regExpMatch == null) { options.data += '&csrf_token=E26F7E05472019F7F911FF82768E45A281B10E01'; } } else { // If data is string and empty for the ajax call, we assign the csrf token field as new data options.data = 'csrf_token=E26F7E05472019F7F911FF82768E45A281B10E01'; } } else if (typeof options.data == 'undefined') { // If data is undefined for the ajax call, we assign the csrf token field as new data options.data = 'csrf_token=E26F7E05472019F7F911FF82768E45A281B10E01'; } else { // If data type is anything other than string (may be object), we append the csrf token field to the existing data using the FormData object as other options of appending doesn't work if options.data is of type "object" (may contain binary data) var csrfTokenFormTempObj = new FormData(); csrfTokenFormTempObj = options.data; csrfTokenFormTempObj.append("csrf_token", "E26F7E05472019F7F911FF82768E45A281B10E01"); options.data = csrfTokenFormTempObj; } */ } } } ); } // For ajax post requests that return back a html document that has a form in it, call the function "InjectCSRFTokenForForms" again to inject the csrf token hidden input to the form. This is required as the csrf token won't get injected for such forms loaded via ajax calls. if (window.jQuery) { jQuery(document).ajaxSuccess( function (event, xhr, settings) { // We only append the csrf token field for CF scripts and requests that return an html data type that has at least one form embedded if (typeof settings.url == 'string' && (settings.url.toLowerCase().indexOf(".cfm") > -1 || settings.url.toLowerCase().indexOf(".cfc") > -1) && typeof settings.dataType == 'string' && settings.dataType.toLowerCase() == "html" && typeof xhr.responseText == 'string' && xhr.responseText != '') { var regExp = /(<form )+/gim; // Reg exp to check if the response has any <form> tag var regExpMatch = xhr.responseText.match(regExp); if (regExpMatch != null) { InjectCSRFTokenForForms(); } } } ); } function InjectCSRFTokenForExtAjaxCalls () { Ext.Ajax.on('beforerequest', function(con, options) { var httpMethod = options.method || options.type; if (httpMethod && (/post/i.test(httpMethod))) { if ((typeof options.url == 'string') && (options.url.toLowerCase().indexOf(".cfm") > -1 || options.url.toLowerCase().indexOf(".cfc") > -1)) { Ext.Ajax.extraParams = {'csrf_token' : 'E26F7E05472019F7F911FF82768E45A281B10E01'}; } } }); } } catch (error) { console.log("JS error with CSRF code: " + error); } </script> <!-- CSRF token injection code ends here --> <script type="text/javascript">InjectCSRFTokenForForms();</script> </body> </html>