useCaptcha =true;
function UserManager(ajaxPage) {

	var validated= false;
	var readyToSubmit = false;


	
	//generate a string of the same length as the password to avoid
	//momentary blaniking of the field on submit.
	function generateFiller(password) {
		var filler ='';
		for (var i=0; i< password.length; i++) {
			filler += "X";
		}
		return filler;
	}
	
	this.renderLogInForm = function(formID, className, action, container) {
		var form = jQuery("<form></form>");
		form.attr('id', formID);
		form.attr('class', className);
		//form.attr('action', action);
		form.attr('method', 'post');
	
	
		var table= jQuery("<table></table>");
		table.append("<tr><td>Username:</td><td><input type=\"text\" id=\"" + formID + "_userName\" name=\"userName\"></td></tr>");
		table.append("<tr><td>Password:</td><td><input type=\"password\" id=\"" + formID + "_userPassword\" name=\"userPassword\"></td></tr>");
		table.append("<tr><td colspan=\"2\"><input type=\"submit\" value=\"Log In\" /></td></tr>");
			jQuery(document).ready(function () {jQuery("#" + formID + "_userName" ).focus() });		
		form.append(table);
		jQuery(container).append(form);
		this.setupLoginForm(formID);
	}
	
	this.setupLogInForm = function(formID) {

		jQuery("#" + formID ).append("<input type=\"hidden\" name=\"LoginAction\" value=\"login\" />");
		jQuery("#" + formID ).submit(function(event) {
		
			if (readyToSubmit) {
				readyToSubmit = false;
				return true;
			} else {
				event.preventDefault();
			}
		
			var userName = jQuery("#" + formID + "_userName").val();
			var password = jQuery("#"  +formID +"_userPassword").val();
			var challenge = "";
			var next ="";
	
			//get the challenge for the userName
			jQuery.ajax({
				type: 'POST',
				url: ajaxPage,
				data: "action=getChallenges&userName=" + encodeURIComponent(userName),
				error: function(xReq,textStatus, errorThrown) {
					showAlert(errorThrown, function() {}, "Error");
					return false;
				},
				success: function(data,textStatus) {
					if (location.href.indexOf('#') != -1) {
						var urlHash = location.hash.substr(1);//location.href.substring(location.href.indexOf('#') +1);
					} else {
						var urlHash ="";
					}
					
					challenge = jQuery(data).find("results").find("challenge").text();
					challengeNext = jQuery(data).find("results").find("nextChallenge").text();
					
					//compute the hashed responses
					var passwordHash = hex_hmac_sha1(password, challenge);
					//var nextHash = hex_sha1(hex_hmac_sha1(password, challengeNext));
					var nextHash = Crypto.PBKDF2(hex_hmac_sha1(password, challengeNext), challengeNext, 20, { iterations: 1000 });
					
					jQuery("#" + formID ).append("<input type=\"hidden\" name=\"passwordHash\"  id=\""+ formID +"_passwordHash\" value=\""+ passwordHash + "\"/>");
					jQuery("#" + formID ).append("<input type=\"hidden\" name=\"next\" id=\""+ formID +"_next\" value=\""+ nextHash + "\"/>");
					if (urlHash != undefined) {
						jQuery("#" + formID ).append(
							$('<input name="urlHash" "type="hidden">')
								
								.attr('id', formID +"_urlHash")
								.val(urlHash)
								.css('display', 'none'));
					}
					
					jQuery("#"  +formID +"_userPassword").val(generateFiller(password));
					
					readyToSubmit = true;
					jQuery("#" + formID).submit();
				},
				dataType: 'xml'
			});			
		});
	}
	
	this.submitSignUpForm = function(formID, canSubmit, displayError) {
		var self = this;
		
		var userName = jQuery("#" + formID + "_userName").val();
		var password = jQuery("#"  +formID +"_userPassword").val();
		var confirmPassword =  jQuery("#"  +formID +"_confirmPassword").val();
		var errorMessage ='';
		
		/*
		if (!password) {
		
			errorMessage = "Please enter a password.";
			
		} else if (!userName) {
			errorMessage = "Please enter your email address.";
			
		}else if (password !=  confirmPassword ) {
			errorMessage = "The passwords you entered do not match.";
			
		}else {
			//errorMessage = testPasswordStrength(password)) {	
		}
		if (errorMessage) {
			if (errorContainer != undefined) {
				errorContainer.text(errorMessage);
			} else {
				showAlert(errorMessage);
			}
			return false;
		}
		*/
		
		
		if (!validated) {
			$.ajax({
				url: ajaxPage,
				
				data: {
					action: 'validateFormInput',
					username:  jQuery("#" + formID + "_userName").val(),
					challenge: jQuery("#recaptcha_challenge_field").val(),
					response: jQuery("#recaptcha_response_field").val()
				},
				success: function() {
					
					if (canSubmit) {
						validated = true;
						jQuery("#" + formID ).submit();
						return true;
					}
				},
				error: function(jqXHR, textStatus, errorThrown) {
					
					if (displayError != undefined) {
						displayError(errorThrown)
						
						
					} else {
						showAlert(errorThrown, function() {}, "Error");
					}
					return false;
				}
			});
			return true;
		}
		
		if (readyToSubmit)  {
			validated = false;
			readyToSubmit = false;
			//this will submit the form
			return true;
			$(this).dialog('close');
		}
		
		
		
		//get the challenge for the user
		jQuery.ajax({
			type: 'POST',
			url: ajaxPage,
			data: "action=getNewUserChallenge",
			error: function(xReq, textStatus, errorThrown) {
				if (errorContainer != undefined) {
					errorContainer.text(errorThrown);
				} else {
					showAlert(errorThrown, function() {}, "Error");
				}
				return false;
			},
			success: function(data,textStatus) {
				
				challenge = jQuery(data).find("results").find("challenge").text();
				
				//compute the hashed responses
				//var passwordHash = hex_sha1(hex_hmac_sha1(password, challenge));
				var passwordHash = Crypto.PBKDF2(hex_hmac_sha1(password, challenge), challenge, 20, { iterations: 1000 });
				
				
				jQuery("#" + formID ).append("<input type=\"hidden\" name=\"passwordHash\"  id=\"" + formID + "_su_passwordHash\" value=\""+ passwordHash + "\"/>");
				jQuery("#"  +formID +"_userPassword").val(generateFiller(password));
				jQuery("#"  +formID +"_confirmPassword").val(generateFiller(password));
				
				readyToSubmit = true;
				jQuery("#" + formID ).submit();
			},
			dataType: 'xml'
		});
		return false;
	}
	
	this.renderSignUpForm = function(formID, className, action, container, includeButtons, recaptchaKey) {
		var self = this;
		var form = jQuery("<form></form>");
		form.attr('id', formID);
		form.attr('class', className);
		//form.attr('action', action);
		form.attr('method', 'post');
		form.append("<input type=\"hidden\" name=\"LoginAction\" value=\"signup\" />");
		
		var table = jQuery("<table></table>");
		table.append("<tr><td>Email:</td><td><input type=\"text\" id=\"" + formID + "_userName\" name=\"userName\"></td></tr>");
		table.append("<tr><td>Password:</td><td><input type=\"password\" id=\"" + formID + "_userPassword\" name=\"userPassword\"></td></tr>");
		table.append("<tr><td>Confirm Password:</td><td><input type=\"password\" id=\"" + formID + "_confirmPassword\" name=\"confirmPassword\"></td></tr>");
		
		//recaptchaHTML = $('<div/>').html(recaptchaHTML).text();
		table.append(
				$("<tr/>")
					.append(
						$("<td/>")
							.attr('colspan', '2')
							.attr('id',formID + '_captcha')
					)
				);
	
		if (includeButtons) {
			table.append("<tr><td colspan=\"2\"><button id=\"" + formID + "_signupSubmit\">Sign Up</button></td></tr>");
		}
		
		form.append(table);
		jQuery(container).append(form);
		
		if (useCaptcha) {
			/*Recaptcha.create(recaptchaKey, formID + "_captcha", {
				 theme: "red",
				 callback: Recaptcha.focus_response_field}
			);*/
		}
		
		jQuery("#signupSubmit").click(function() {
			return self.submitSignUpForm(formID);
			
		});
		
		jQuery("#" + formID ).submit(function (event) {
			
			return self.submitSignUpForm(formID);
		});
	}
	
	this.renderSignUpDialog =function(formID, dialogId, dialogTitle, className, action, container, recaptchaKey) {
		var um= this;
		var div =jQuery("<div class=\"shadowBox\" id=\""+dialogId +"\" title=\""+dialogTitle +"\"></div>");
		this.renderSignUpForm(formID, className, action, div, false, recaptchaHTML);
		jQuery('body').append(div);
		//container.append("<a style=\"cursor:pointer\" id=\"btnChangePass\" >Change Password</a>");
		jQuery("#" + formID ).submit(function (event) {
			
			return self.submitSignUpForm(formID);
		});
		jQuery("#" + dialogId).dialog({
				bgiframe: true,
				autoOpen: false,
				modal: true,
				width: '325px',
				resizable: false,
				buttons: {
					
					'Sign Up': function() {
						return jQuery("#" + formID ).submit();
					
					},
					'Cancel': function() {
						
						//clear the form values
						//jQuery("#" +formID + "_oldPassword").val("");
						//jQuery("#" + formID + "_newPassword").val("");
						//jQuery("#" + formID + "_confirmPassword").val("");
						jQuery(this).dialog('close');
							
					}
				}
			});
			
		container.click(function () { 		jQuery("#" + dialogId).dialog('open'); });	
		
	}
	
	this.renderChangePasswordForm = function(formID, className, action, container) {
		var form = jQuery("<form></form>");
		form.attr('id', formID);
		form.attr('class', className);
		form.attr('action', action);
		form.attr('method', 'post');
	
		form.append("<input type=\"hidden\" name=\"LoginAction\" value=\"changepass\" />");
		var table = jQuery("<table></table>");
	
		table.append("<tr><td style=\"text-align:right\"><label for=\"" + formID + "_oldPassword\">Old password:</label></td><td><input type=\"password\" id=\"" + formID + "_oldPassword\" name=\"oldPassword\"></td></tr>");
		table.append("<tr><td colspan=\"2\">&nbsp;</td></tr>");
		table.append("<tr><td style=\"text-align:right\"><label for=\"" + formID + "_newPassword\">New password:</label></td><td><input type=\"password\" id=\"" + formID + "_newPassword\" name=\"newPassword\"></td></tr>");
		table.append("<tr><td style=\"text-align:right\"><label for=\"" + formID + "_confirmPassword\">Confirm new password:</label></td><td><input type=\"password\" id=\"" + formID + "_confirmPassword\" name=\"confirmPassword\"></td></tr>");
		table.append("<tr><td colspan=\"2\" class=\"errorMessage\"></td></tr>");
		form.append(table);
	
		jQuery(container).append(form);

	}
	
	this.submitChangePasswordForm = function(formID) {
		var oldPasswordHash;
		var newPasswordHash;
		
		jQuery("#" +formID + " .error").removeClass('error');
		jQuery("#" +formID + " .errorMessage").empty();
		
		var oldPassword = jQuery("#" +formID + "_oldPassword").val();
		var newPassword = jQuery("#" + formID + "_newPassword").val();
		var confirmPassword = jQuery("#" + formID + "_confirmPassword").val();
	
	
		if (newPassword !=  confirmPassword ) {
			jQuery("#" + formID + " .errorMessage").html("Could not change password:<br/>The passwords do not match");
			jQuery("label[for=" + formID + "_newPassword]").addClass('error');
			jQuery("label[for=" + formID + "_confirmPassword]").addClass('error');
			return false;
		}
		
		var message = testPasswordStrength(newPassword);
		
		if (message !== true) {
			jQuery("#" + formID + " .errorMessage").html("Could not change password:<br/>" + message);
			jQuery("label[for=" + formID + "_newPassword]").addClass('error');
			jQuery("label[for=" + formID + "_confirmPassword]").addClass('error');
			return false;
		}
		
		//get the challenge for the user
		jQuery.ajax({
			type: 'POST',
			url: ajaxPage,
			data: "action=getChallenges",
			error: function(xReq, textStatus, errorThrown) {
				jQuery("#" + formID + " .errorMessage").html("Could not change password:<br/>" +errorThrown);
				return false;
			},
			success: function(data,textStatus) {
				
				challenge = jQuery(data).find("results").find("challenge").text();
				challengeNext = jQuery(data).find("results").find("nextChallenge").text();
				
				//compute the hashed responses
				oldPasswordHash = hex_hmac_sha1(oldPassword, challenge);
				
				//newPasswordHash = hex_sha1(hex_hmac_sha1(newPassword, challengeNext));
				newPasswordHash = Crypto.PBKDF2(hex_hmac_sha1(newPassword, challengeNext), challengeNext, 20, { iterations: 1000 });
				
				
				jQuery("#" + formID).append("<input type=\"hidden\" name=\"oldPasswordHash\"  id=\"oldPasswordHash\" value=\""+ oldPasswordHash + "\"/>");
				jQuery("#" + formID).append("<input type=\"hidden\" name=\"newPasswordHash\" id=\"newPasswordHash\" value=\""+ newPasswordHash + "\"/>");
				jQuery("#" + formID + "_oldPassword").val(generateFiller(oldPassword));
				jQuery("#" + formID + "_newPassword").val(generateFiller(newPassword));
				jQuery("#" + formID + "_confirmPassword").val(generateFiller(newPassword));
				
				jQuery.ajax({
					type: 'POST',
					url: ajaxPage,
					data: "action=updatePassword&oldPasswordHash=" + oldPasswordHash + "&newPasswordHash=" + newPasswordHash,
					error: function(xReq,textStatus, errorThrown) {
						jQuery("#" + formID + " .errorMessage").html("Could not change password:<br/>" +errorThrown);
						jQuery("label[for=" + formID + "_oldPassword]").addClass('error');
					},
					success: function(data,textStatus) {
						jQuery("#changePasswordDiaog").dialog('close'); 
						showAlert("Your password has been updated!");		
					},
					dataType: 'xml'
				});						
		
			},
			dataType: 'xml'
		});				
	}
	
	this.renderChangePasswordDialog =function(formID, dialogId, className, action, container) {
		var um= this;
		var div =jQuery("<div class=\"shadowBox\" id=\""+ dialogId +"\" title=\"Change Password\"></div>");
		this.renderChangePasswordForm(formID, className, action, div);
		jQuery('body').append(div);
		//container.append("<a style=\"cursor:pointer\" id=\"btnChangePass\" >Change Password</a>");
		jQuery("#" + dialogId).dialog({
				bgiframe: true,
				autoOpen: false,
				modal: true,
				width: '325px',
				resizable: false,
				buttons: {
					'Change Password': function() {
						um.submitChangePasswordForm(formID);
					
					},
					'Cancel': function() {
						jQuery(this).dialog('close');
							
					}
				},
				open: function() {
					jQuery("#" +formID + "_oldPassword").val("");
					jQuery("#" + formID + "_newPassword").val("");
					jQuery("#" + formID + "_confirmPassword").val("");
					jQuery("#" +formID + " .error").removeClass('error');
					jQuery("#" +formID + " .errorMessage").empty();
					
				}
			});
			
		container.click(function () { 		jQuery("#" + dialogId).parent().css({position:"fixed"}).end().dialog('open'); });	
		
	}
	
	this.renderForgotPasswordDialog =function(dialogId, container, usernamePrompt, callback) {
		var um= this;
		var div =jQuery("<div class=\"shadowBox\" id=\""+ dialogId +"\" title=\"Reset Password\"></div>");
		div.append(jQuery("<p>")
			.text(usernamePrompt)
			.append('&nbsp;')
			.append(jQuery("<input>").attr('type', 'text').attr('id',dialogId +"_username")));	

		jQuery('body').append(div);
		//container.append("<a style=\"cursor:pointer\" id=\"btnChangePass\" >Change Password</a>");
		jQuery("#" + dialogId).dialog({
				bgiframe: true,
				autoOpen: false,
				modal: true,
				width: '325px',
				resizable: false,
				buttons: {
					'Reset Password': function() {
						$.ajax({
							url: ajaxPage,
							data: {
								action: 'forgotPassword',
								username:jQuery("#" + dialogId +"_username").val()
							},
							success: function() {
								jQuery("#" + dialogId).dialog('close');
								callback(jQuery("#" + dialogId +"_username").val());
							}
						});	
					},
					'Cancel': function() {
						
						//clear the form values
						jQuery("#" + dialogId +"_username").val("");
						jQuery(this).dialog('close');
							
					}
				}
			});
			
		container.live('click', function () { 	jQuery("#" + dialogId).dialog('open'); });	
		
	}
	
	this.submitForgotPasswordForm = function(hash, username, newPassword, errorContainer) {
	
		
		//get the challenge for the user
		jQuery.ajax({
			
			url: ajaxPage,
			data: {
				action: "getChallenges",
				userName: username
			},
			error: function(xReq, textStatus, errorThrown) {
				showAlert(errorThrown);
				return false;
			},
			success: function(data,textStatus) {
				
				challenge = jQuery(data).find("results").find("challenge").text();
				challengeNext = jQuery(data).find("results").find("nextChallenge").text();
				
				//newPasswordHash = hex_sha1(hex_hmac_sha1(newPassword, challengeNext));
				newPasswordHash = Crypto.PBKDF2(hex_hmac_sha1(newPassword, challengeNext), challengeNext, 20, { iterations: 1000 });
				
				
				jQuery.ajax({
					
					url: ajaxPage,
					data: {
						action:'updatePasswordforgot',
						newPasswordHash:newPasswordHash,
						username: username,
						hash: hash
					},
					error: function(jqXHR, textStatus, errorThrown){
						if (errorContainer) {
							errorContainer.text(errorThrown);
						} else {
							showAlert(errorThrown);
						}
					},
					success: function(data,textStatus) {
						showAlert("Your password has been reset.", function() {location.replace('./');}, "Password Reset");
							
					},
					dataType: 'xml'
				});						
		
			},
			dataType: 'xml'
		});				
	}
	
	this.renderLogOutForm = function(formID, className, action, container) {
		var form = jQuery("<form></form>");
		form.attr('id', formID);
		form.attr('class', className);
		form.attr('action', action);
		form.attr('method', 'post');
		form.append("<input type=\"hidden\" name=\"LoginAction\" value=\"logout\" />");
		form.attr('height', '0px');
		//input type=\"submit\" value=\"Log Out\" />");
		container.append(form);
		container.append("<a id=\"btnLogout\" style=\"cursor:pointer\" onclick=\"document.forms['" +formID +"'].submit()\" >Sign Out</a>");
	}
	
	this.renderTimeout = function(length) {
	
		/*return setTimeout(function(){
			
			alert("You have been automatically logged out following a period of inactivity.");
			$("#btnLogout").trigger('click');
			
		}, length); */
			
		

	}
	
}