[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

RE: HTTPAPI to SSL Website



Scott:

Alright, here we go...

I installed the new beta LIBHTTP code prior to doing any of this.

When I tried your sample program verbatim, I got the same results that I had been getting previously. That is, the second page that comes back is actually the "first" page with "<li>Your session has timed out.</li>" embedded in it.

I also noticed that you're not initializing SSL, which I found interesting...

When I tried MY program, dumping the output the debug file, the second fetch doesn't seem to be dumped to the DEBUG file. It looks like it tried to go get it, but the server returns 0 bytes available, or that DEBUG "magically" got turned off.

Thinking that it might be caused by using a variable (rather than hard-coding) the URL, I tried that too (hard coding). Same result.

I've included the files that your program generated, the DEBUG log from my program, and the source from my program. There's a little extra "stuff" in my program, as I'm trying to learn / build / think about finalized code / etc. as I go...

From: ftpapi-bounces@xxxxxxxxxxxxxxxxxxxxxx [ftpapi-bounces@xxxxxxxxxxxxxxxxxxxxxx] On Behalf Of Juracich, Jon [Jon.Juracich@xxxxxxxxxxx]
Sent: Tuesday, July 01, 2008 3:44 PM
To: HTTPAPI and FTPAPI Projects
Subject: RE: HTTPAPI to SSL Website

Scott:

Thanks for continuing to look at this!

After I had sent the program / described what it was doing (yesterday, actually), I changed it to perform a GET, rather than a POST. I did that based on watching the packets with the Firefox TamperData add in. Since I was using the non-beta version of your code, it did the same thing (session timeout).

I'll get the beta code & try it again.

Thanks again for your help on this - I really, REALLY appreciate it!

Jon Juracich, IBM Certified Specialist: RPG IV Developer
Sr. Staff Consultant, IBM Solutions Practice

Affiliated, Inc.
(614)889-6555, ext 355

www.aresgrp.com

Affiliated helps growing & Mid-Market organizations identify, evaluate, and implement solutions that use new & existing technology & resources that improve operational efficiency or increase revenue. Both make your organization more profitable and more successful.
________________________________________
From: ftpapi-bounces@xxxxxxxxxxxxxxxxxxxxxx [ftpapi-bounces@xxxxxxxxxxxxxxxxxxxxxx] On Behalf Of Scott Klement [sk@xxxxxxxxxxxxxxxx]
Sent: Tuesday, July 01, 2008 2:59 PM
To: HTTPAPI and FTPAPI Projects
Subject: Re: HTTPAPI to SSL Website

Hi Jon,

I tried to write a quick program to test your CFLC web site, I did got
it working (maybe... I'm not exactly sure what the program is supposed
to do).  I noticed the following:

a) You were sending a POST request (instead of a GET) for the
addEnrolee.do page -- which might've caused the dispatch variable to not
be found by the server, since the server was expecting a GET request.

b) When I ran my own copy of the program I got a Cookie error in the
debug log.  (This error wasn't in your log, which I can't explain!)  I
traced the error to a bug in the "case-sensitivity" update that I sent
you on June 26.

c) So I fixed the bug in the case-sensitivity code, and now my program
works!  Here's the code I'm testing with:


      H DFTACTGRP(*NO) ACTGRP(*NEW) BNDDIR('LIBHTTP/HTTPAPI')

       /copy httpapi_h

      D rc              s             10i 0

       /free
        http_debug(*ON);

        rc=http_url_get('https://webapps.doj.ca.gov/cflc/index.jsp'
                       : '/tmp/deleteme');
        if (rc<>1);
          http_crash();
        endif;

        rc=http_url_get('https://webapps.doj.ca.gov/cflc/addEnrolee.do'
                       + '?dispatch=enrollmentGuidelines'
                       : '/tmp/deleteme');
        if (rc<>1);
          http_crash();
        endif;

        *inlr = *on;

       /end-free

To get my updated HTTPAPI (with the fix I made to the bug in the
case-sensitivity code) please download the latest copy from
http://www.scottklement.com/httpapi/beta

I'm still confused about why the bug didn't show up in your log file
(with a cookie error message).  Did you notice the problem and fix it on
your end already?  That's all I can think of...  but it seems unlikely
you'd do that without mentioning it... so I'm puzzled.


Juracich, Jon wrote:
> I don't know that I'm having a problem with the SSL part, per se.
> It's more like what I'm trying to send (the session cookie value, for
> the second page), or maybe what I'm not sending. I've used a couple
> of the tools available for Firefox (Firebug and TamperData) but I
> don't really know how to read what I'm seeing. Using TamperData, it
> LOOKS like Firefox is doing a straight GET to retrieve the second
> page. Does that involve sending anything up to the server, other than
> the "GET" request? If it does, and HTTPAPI doesn't do that, I would
> think that I would have to "send" something with the cookie value.
> Maybe.
>
> I've also used the HTTPAPI debug tool to dump the communications out
> to a file. That, I can kind of read (but not necessarily completely
> understand!).

-----------------------------------------------------------------------
This is the FTPAPI mailing list.  To unsubscribe, please go to:
http://www.scottklement.com/mailman/listinfo/ftpapi
-----------------------------------------------------------------------
-----------------------------------------------------------------------
This is the FTPAPI mailing list.  To unsubscribe, please go to:
http://www.scottklement.com/mailman/listinfo/ftpapi
-----------------------------------------------------------------------
   spacer

   [1]skip to content
   CFLC logo
     * [2]AG Home Page

     * Version  1.5.0.73
     * [3]CONTACT US
     * [4]HELP

   * Indicates Required Field

   If you can read this, then your browser is not css compliant, or the
   linked style sheet was not found.

   This page requires Javascript to function properly.

Log In to CFLC

   Not yet enrolled in CFLC?

   If you have not already enrolled, please [5]enroll in CFLC.

   Enrolled CFLC users [6][View Login and Password information]

   Login ID - This is the ID for your CFLC user account. Your Login ID is
   the first three and last five numbers of your FFL number.
   Password - If you have already enrolled as a CFLC user, you have
   created a password to access your account. Passwords must be 8
   characters and must contain at least one uppercase alpha, at least one
   lowercase alpha and at least one numeric character. Special characters
   are optional but recommended.
     * *Login ID (first 3 and last 5 digits of FFL number)
       _  -  __  - XXX  -  XX  -  XX  -  _____
        1   -   23    - XXX  -  XX  -  XX  -   12345

     * *User ID
       __________

     * *Password
       _________   Forgot Password? [7][View instructions]

   Enter Login ID, then [8]Request Password
   Additional instructions will be sent to the email address associated
   with your CFLC user account.
   NOTE: If your CFLC account does not have an email address associated
   with it, contact the Bureau of Firearms (view Contact Us link above).
   Please click buttons only once. Multiple clicks will delay processing.
   [BUTTON] [BUTTON]

References

   1. file://localhost/tmp/tmpFmFMsQ.html#skipToContentAnchor
   2. javascript:void(openAgLink());
   3. javascript:open_contactus();
   4. javascript:call_help()
   5. javascript:goToURL('addEnrolee.do?dispatch=enrollmentGuidelines');
   6. javascript:showDetails('Logon_ID_Details','view_hide');
   7. javascript:void(showDetails('Forgot_Password_Details','view_hide_2'));
   8. javascript:void(validateIdEntered('forgotpassword'));
   spacer

   [1]skip to content
   CFLC logo
     * [2]AG Home Page

     * Version  1.5.0.73
     * [3]CONTACT US
     * [4]HELP

   * Indicates Required Field

   If you can read this, then your browser is not css compliant, or the
   linked style sheet was not found.

   This page requires Javascript to function properly.
     * Your session has timed out.

Log In to CFLC

   Not yet enrolled in CFLC?

   If you have not already enrolled, please [5]enroll in CFLC.

   Enrolled CFLC users [6][View Login and Password information]

   Login ID - This is the ID for your CFLC user account. Your Login ID is
   the first three and last five numbers of your FFL number.
   Password - If you have already enrolled as a CFLC user, you have
   created a password to access your account. Passwords must be 8
   characters and must contain at least one uppercase alpha, at least one
   lowercase alpha and at least one numeric character. Special characters
   are optional but recommended.
     * *Login ID (first 3 and last 5 digits of FFL number)
       _  -  __  - XXX  -  XX  -  XX  -  _____
        1   -   23    - XXX  -  XX  -  XX  -   12345

     * *User ID
       __________

     * *Password
       _________   Forgot Password? [7][View instructions]

   Enter Login ID, then [8]Request Password
   Additional instructions will be sent to the email address associated
   with your CFLC user account.
   NOTE: If your CFLC account does not have an email address associated
   with it, contact the Bureau of Firearms (view Contact Us link above).
   Please click buttons only once. Multiple clicks will delay processing.
   [BUTTON] [BUTTON]

References

   1. file://localhost/tmp/tmpXhTZXP.html#skipToContentAnchor
   2. javascript:void(openAgLink());
   3. javascript:open_contactus();
   4. javascript:call_help()
   5. javascript:goToURL('addEnrolee.do?dispatch=enrollmentGuidelines');
   6. javascript:showDetails('Logon_ID_Details','view_hide');
   7. javascript:void(showDetails('Forgot_Password_Details','view_hide_2'));
   8. javascript:void(validateIdEntered('forgotpassword'));
HTTPAPI Ver 1.23 released 2008-04-24
OS/400 Ver V5R4M0

http_persist_open(): entered
http_long_ParseURL(): entered
DNS resolver retrans: 2
DNS resolver retry  : 2
DNS resolver options: x'00000136'
DNS default domain: ARGDOMAIN.COM
DNS server found: 192.168.130.46
DNS server found: 192.168.130.25
-------------------------------------------------------------------------------------
Dump of server-side certificate information:
-------------------------------------------------------------------------------------
Cert Validation Code = 6000
-----BEGIN CERTIFICATE-----
MIIExTCCBC6gAwIBAgIQVxx/wNMcBriv5W/Iis5OuzANBgkqhkiG9w0BAQUFADCB
ujEfMB0GA1UEChMWVmVyaVNpZ24gVHJ1c3QgTmV0d29yazEXMBUGA1UECxMOVmVy
aVNpZ24sIEluYy4xMzAxBgNVBAsTKlZlcmlTaWduIEludGVybmF0aW9uYWwgU2Vy
dmVyIENBIC0gQ2xhc3MgMzFJMEcGA1UECxNAd3d3LnZlcmlzaWduLmNvbS9DUFMg
SW5jb3JwLmJ5IFJlZi4gTElBQklMSVRZIExURC4oYyk5NyBWZXJpU2lnbjAeFw0w
ODA1MzAwMDAwMDBaFw0xMTA1MzAyMzU5NTlaMIHVMQswCQYDVQQGEwJVUzETMBEG
A1UECBMKQ2FsaWZvcm5pYTETMBEGA1UEBxQKU2FjcmFtZW50bzEpMCcGA1UEChQg
Q2FsaWZvcm5pYSBEZXBhcnRtZW50IG9mIEp1c3RpY2UxHzAdBgNVBAsUFk5ldHdv
cmsgU2VydmljZXMgR3JvdXAxMzAxBgNVBAsUKlRlcm1zIG9mIHVzZSBhdCB3d3cu
dmVyaXNpZ24uY29tL3JwYSAoYykwNTEbMBkGA1UEAxQSd2ViYXBwcy5kb2ouY2Eu
Z292MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDiVBV6GbDwl1nqv9WZC0+2
qNWjH5D3fkE2+0JJWmgMxaY5TzV0FlUXMxZWOT5PO2K+nTEl2T9fsc/P61RFOeIK
NEGfsvEXQyg4iaJfiD4PpgF9JYgMZs1Dst1QGuOXiOfDW20SRL2W7l5Yn1KE0HAI
r1nYXsJCCBS9VA/4Jh1PvQIDAQABo4IBrTCCAakwCQYDVR0TBAIwADALBgNVHQ8E
BAMCBaAwRAYDVR0gBD0wOzA5BgtghkgBhvhFAQcXAzAqMCgGCCsGAQUFBwIBFhxo
dHRwczovL3d3dy52ZXJpc2lnbi5jb20vcnBhMDwGA1UdHwQ1MDMwMaAvoC2GK2h0
dHA6Ly9TVlJJbnRsLWNybC52ZXJpc2lnbi5jb20vU1ZSSW50bC5jcmwwKAYDVR0l
BCEwHwYIKwYBBQUHAwEGCCsGAQUFBwMCBglghkgBhvhCBAEwcQYIKwYBBQUHAQEE
ZTBjMCQGCCsGAQUFBzABhhhodHRwOi8vb2NzcC52ZXJpc2lnbi5jb20wOwYIKwYB
BQUHMAKGL2h0dHA6Ly9TVlJJbnRsLWFpYS52ZXJpc2lnbi5jb20vU1ZSSW50bC1h
aWEuY2VyMG4GCCsGAQUFBwEMBGIwYKFeoFwwWjBYMFYWCWltYWdlL2dpZjAhMB8w
BwYFKw4DAhoEFEtruSiWBgy70FI4mymsSweLIQUYMCYWJGh0dHA6Ly9sb2dvLnZl
cmlzaWduLmNvbS92c2xvZ28xLmdpZjANBgkqhkiG9w0BAQUFAAOBgQBphQ4yqOtd
kUsOnyOO1uFCeBfLaS5eziZBdKd6HvOsobxBWdIRmVQH5ZYAUaqJE1mgVbK2cLcW
Rpjm2hJ5wPLayIhmWJR+bEeXYVYH5MH48a23aBeueW13qhk/6HwkNl6OBF3Q5LD4
7SnzHTgDTGbYKrmxx/wkGkajYBX47jHXpA==
-----END CERTIFICATE-----
Serial Number: 57:1C:7F:C0:D3:1C:06:B8:AF:E5:6F:C8:8A:CE:4E:BB
Common Name: webapps.doj.ca.gov
Country: US
State/Province: California
Locality: Sacramento
Org Unit: California Department of Justice
Org: Terms of use at www.verisign.com/rpa (c)05, OU=Network Services Group
Issuer Org: VeriSign Trust Network
Issuer Org Unit: www.verisign.com/CPS Incorp.by Ref. LIABILITY LTD.(c)97 VeriSign, OU=VeriSign International Server CA - Class 3, OU=VeriSign, Inc.
Version: 03
not before: 20080529200000
not after: 20110530195959
pub key alg: 1.2.840.113549.1.1.5

Protocol Used: TLS Version 1
http_persist_get(): entered
http_long_ParseURL(): entered
do_get(): entered
GET /cflc/addEnrolee.do?dispatch=enrollmentGuidelines HTTP/1.1
Host: webapps.doj.ca.gov
User-Agent: http-api/1.23
Cookie: $Version=0; jsessionid=ac1a0b0b30d685d9adf1dcaf434e98d1aaeb2a816801.e34Nah0Pbh4KaO0LchmOa3iKbNiRe0; $Path=/cflc;


recvresp(): entered
HTTP/1.1 200 OK
Date: Tue, 01 Jul 2008 20:51:46 GMT
Server: Oracle-Application-Server-10g/10.1.3.1.0 Oracle-HTTP-Server
Content-Location: http://webapps.doj.ca.gov:9010/cflc/WEB-INF/jsp/layout/mainAppLayout.jsp
Set-Cookie: JSESSIONID=ac1a0b0b30d6dabb04a9f8d64923a96a89f6ec233f89.e34Nah0Pbh4KaO0LchmOa3iKbNiRe0; path=/cflc
Pragma: no-cache
Cache-Control: no-cache
Transfer-Encoding: chunked
Content-Type: text/html; charset=ISO-8859-1


SetError() #13: HTTP/1.1 200 OK
recvdoc parms: chunked 0
header_load_cookies() entered
cookie_parse() entered
cookie =  JSESSIONID=ac1a0b0b30d6dabb04a9f8d64923a96a89f6ec233f89.e34Nah0Pbh4KaO0LchmOa3iKbNiRe0; path=/cflc
cookie attr jsessionid=ac1a0b0b30d6dabb04a9f8d64923a96a89f6ec233f89.e34Nah0Pbh4KaO0LchmOa3iKbNiRe0
cookie attr path=/cflc
recvchunk(): entered
get_chunk_size(): entered
1205

chunk size = 4613
get_chunk_size returned 4613
calling comm_blockread





 
 








<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN"
        "http://www.w3.org/TR/html4/strict.dtd";>
<html>

 <!--
	Author: Andrea Schubert
-->
<head>
  <link rel='shortcut icon' href='images/favicon.ico'>
	<title>California Firearms Licensee Check - Log In</title>
	<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1">
	<meta http-equiv="Content-Script-Type" content="text/javascript">
	<meta http-equiv="Content-Style-Type" content="text/css">
  <meta name="keywords" content="California,Attorney,General,firearms,Firearms,Enforcement,shipment,shipper,cflc,CFLC,Do,Not,Ship,Order,Verification,licensing,enrollee,listee"> 
  <meta name="description" content="This is the California Firearms Licensing Check system"> 

  <link href="stylesheets/doj-main-design.css" rel="stylesheet" type="text/css" media="all">
  <link href="stylesheets/doj-main-print.css" rel="stylesheet" type="text/css" media="print">
	<style type="text/css">@import url("stylesheets/cflcAppPageStyle.css");
    
    
    
	</style>
	<script src="javascripts/RoboHelp_CSH.js" type="text/javascript"></script>
	<script src="javascripts/cflcJavascripts.js" type="text/javascript"></script>
	<script src="javascripts/cflcPageValidation.js" type="text/javascript"></script>
  <script src="javascripts/validDateMmDdYyNoSep.js" type="text/javascript"></script>
	<script src="javascripts/zipcode.js" type="text/javascript"></script>

  <script type="text/javascript">
    //Submit with Dispatch 
    function submitWithDispatch(param)
    {
      document.forms[0].dispatch.value=param;
      document.forms[0].submit();
      return true;
    }
  </script>

</head>

<body onLoad="onBodyLoad();">

<!-- Outer Container -->
<div id="outerContainer">
  <a name="top"></a>

  <!-- banner -->
  <div id="header">
    <img class="homeLink" src="images/spacer.gif" alt="spacer">
    <p class="skipToContent"><a href="#skipToContentAnchor">skip to content</a></p>
    <img src="images/cflcLogo.gif" alt="CFLC logo">
  </div>
  
  <!-- main Navigation -->
  <div id="mainNavigation">
    <ul>
      <li><a href="javascript:void(openAgLink());">AG Home Page</a></li>    
    </ul>    
    <ul class="cflcLinksList"> 
      <li>
        Version &nbsp;1.5.0.73
      </li> 
      <li style="text-align: right;">
        <a class="help" href="javascript:open_contactus();"
        title="Open CFLC Contact Us page (opens a pop-up window)">CONTACT US</a>
      </li>
      <li style="text-align: right;">        
        <a class='help' href='javascript:call_help()' title='Open CFLC online Help'>HELP</a>
      </li>
      
    </ul> 
  </div><!-- end main Navigation --> 

<!-- Start Main Content -->

  <div id="cflcBannerMsgs">
    <div id="cflcRequiredFieldMsg">* Indicates Required Field</div>
    <div id="cflcWelcome">
      
          <script type="text/javascript">
          <!-- Begin
          // Get today's current date.
          var now = new Date();
          
          // Array list of months.
          var months = new Array('January','February','March','April','May','June','July','August','September','October','November','December');
          
          // Calculate the number of the current day in the week.
          var date = ((now.getDate()<10) ? "0" : "")+ now.getDate();
          
          // Calculate four digit year.
          function fourdigits(number)	{
            return (number < 1000) ? number + 1900 : number;
          }
            
          // Join it all together
          today =  months[now.getMonth()] + " " +
                         date + ", " +
                          (fourdigits(now.getYear())) ;
          
          // Print out the data.
          document.write("" +today+ "");
          //  End -->
          </script>
			</div><!-- close cflcWelcome -->        
		</div><!-- close cflcBannerMsgs -->	

    <div id="mainContent" class="article">
    
  		<p class="invisible">If you can read this, then your browser is not css 
      compliant, or the linked style sheet was not found.</p>
    
      <noscript>
        <p class="noscriptMsg">This page requires Javascript to function properly.</p>
      </noscript>
    
      <div id="errors"> 
        
         
          <ul class="confirmationMsg">
             
              <li>Your session has timed out.</li>
             
          </ul>  
        
      </div><!-- close errors div -->
    
    <h1 class="mainHeaderCentered">Log In to CFLC</h1>
    
comm_blockread returned 4613


get_chunk_size(): entered
1ffa

chunk size = 8186
get_chunk_size returned 8186
calling comm_blockread






 
 





  <script type="text/javascript">
  /*
  DEVELOPER NOTE: set global variable to carry the user type of doj or public 
  (or whatever values are being used, but if not 'doj' or 'public' then alter js code below acordingly)
  this is used on this page to determine how to show the user id, whether it's ffl portions or one alpha fld
  */
      var USER_TYPE="public";
    
      function onBodyLoad()
      {
        fnToggleView(USER_TYPE);
        getFocus();
      }
  </script>

 <form name="LoginForm" method="post" action="/cflc/login.do;jsessionid=ac1a0b0b30d6dabb04a9f8d64923a96a89f6ec233f89.e34Nah0Pbh4KaO0LchmOa3iKbNiRe0">
 <p><input type="hidden" name="dispatch" value=""></p>
  
  <p><a name="skipToContentAnchor"></a></p>
    

    <div id="enrollContainer">
        <p class="subhead">Not yet enrolled in CFLC?</p>
				<p class="formText">If you have not already enrolled, please 
          <a href="javascript:goToURL('addEnrolee.do?dispatch=enrollmentGuidelines');">enroll in CFLC</a>.
				</p>
    </div><!-- close enrollContainer -->    
    
		<div id="logonContainer" class="formContainer">
      <p class="subhead">Enrolled CFLC users
        <a href="javascript:showDetails('Logon_ID_Details','view_hide');" 
          class="detailsLink">[<span id="view_hide">View</span> 
          Login and Password information]</a>
      </p>				

      <p id="Logon_ID_Details" style="display:none;">
        <span class="bold">Login ID</span> - This is the ID for your CFLC 
        user account. Your Login ID is the first three and last five numbers 
        of your FFL number.		
        <br><br>
        <span class="bold">Password</span> - If you have already enrolled as
        a CFLC user, you have created a password to access your account.
        Passwords must be 8 characters and must contain at least one 
        uppercase alpha, at least one lowercase alpha and at least one 
        numeric character. Special characters are optional but recommended.		
      </p>
  
      <ul id="publicUser" style="display: none;" class="formLayout">
        <li>
          <label for="fflAtfRegion" title="enter the first digit of your Federal Firearms License (FFL) Number" 
          class="fieldLabel"><span class="red">*</span>Login ID</label>&nbsp;<span class="infoMsg">(first 3 and last 5 digits of FFL number)</span>
          <br>     
          <input type="text" name="ffl1char" maxlength="1" size="1" value="" onkeyup="autoTab(this.name);" style="width:15px;" class="formText" id="fflAtfRegion">
          <!--input type="text" class="formText" name="fflAtfRegion" id="fflAtfRegion" 
          size="1" maxlength="1" /-->&nbsp;-&nbsp;<label class="cflcNoMargins" for="fflState" 
          title="enter the second and third digits of your Federal Firearms License (FFL) Number"></label>
          <input type="text" name="ffl23char" maxlength="2" size="2" value="" onkeyup="autoTab(this.name);" style="width:26px;" class="formText" id="fflState">
          <!--input type="text" class="formText" name="fflState" id="fflState" size="2" maxlength="2" /-->
          &nbsp;-&nbsp;XXX&nbsp;&nbsp;-&nbsp;&nbsp;XX&nbsp;&nbsp;-&nbsp;&nbsp;XX&nbsp;&nbsp;-&nbsp;
          <label class="cflcNoMargins" for="fflLicenseeNumber" 
          title="enter the last five digits of your Federal Firearms License (FFL) Number"></label>
          <input type="text" name="ffllast5char" maxlength="5" size="5" value="" style="width:50px;" class="formText" id="fflLicenseeNumber">
          <!--input type="text" class="formText" name="fflLicenseeNumber" id="fflLicenseeNumber" 
          size="6" maxlength="5" /-->
          <br>
          <span title="sample format"><span 
          style="background-color: #ffcc33;">&nbsp;1&nbsp;&nbsp;&nbsp;-&nbsp;&nbsp;&nbsp;23&nbsp;&nbsp;</span>
          &nbsp;-&nbsp;XXX&nbsp;&nbsp;-&nbsp;&nbsp;XX&nbsp;&nbsp;-&nbsp;&nbsp;XX&nbsp;&nbsp;-&nbsp;&nbsp;<span style="background-color: #ffcc33;">&nbsp;12345&nbsp;</span></span>
          <!--<img name="sampleFormat" src="images/sampleFfl2.gif" 
          alt="sample of FFL number format 1-23-999-99-9A-45678" 
          title="sample of FFL number format 1-23-999-99-9A-45678" 
          style="display:block;" />-->
        </li>
      </ul>
				
      <ul id="dojUser" style="display: none;" class="formLayout">
        <li>
          <label for="userId" title="CFLC User ID" class="fieldLabel">
          <span class="red">*</span>User ID</label>
          <br>
          <input type="text" class="formText" name="userId" id="userId" size="10" maxlength="8">
        </li>
      </ul>
				
      <ul class="formLayout">
        <li>
          <label for="password" class="fieldLabel" 
          title="enter your CFLC password"><span class="red">*</span>Password</label>
          <br>
          <input type="password" name="password" maxlength="8" size="9" value="" class="formText" id="password">
          <!--input type="text" class="formText" name="password" id="password" size="9" maxlength="8" /-->
          &nbsp;&nbsp;<span class="infoMsg">Forgot Password?</span>
          <a href="javascript:void(showDetails('Forgot_Password_Details','view_hide_2'));" 
             class="detailsLink">[<span id="view_hide_2">View</span> instructions]</a>
        </li>
      </ul>
        
      <p id="Forgot_Password_Details" style="display:none;">
        Enter Login ID, then <a href="javascript:void(validateIdEntered('forgotpassword'));"
             style="text-decoration:underline;">Request Password</a>
          <br>
          Additional instructions will be sent to the email address 
          associated with your CFLC user account.
          <br> 
          <span class="red">NOTE: If your CFLC account does not have 
          an email address associated with it, contact the Bureau&nbsp;of&nbsp;Firearms 
          (view Contact Us link above).</span>
      </p>		
    </div><!-- close logonContainer -->
    
		<div id="genformbuttons">
			<span class="infoMsg">Please click buttons only once. Multiple clicks will delay processing.</span>
			<br>		
			<input type="button" class="btn80"
						 name="save" id="save"
						 value="Submit"
             title="Submit user ID and password to log on to CFLC"
						 onFocus="javascript:focusOn(this.id);"
						 onBlur="javascript:focusOff(this.id);"
						 onClick="javascript:focusOn(this.id); validateIdEntered('login');">
							
			<input type="button" class="btn80" 
						 name="clear" id="clear"
						 value="Clear Form"
             title="Clear form of all unsaved changes"
						 onFocus="javascript:focusOn(this.id);"
						 onBlur="javascript:focusOff(this.id);"
						 onClick="javascript:focusOn(this.id); fnClear();">
		
    </div><!-- close genformbuttons -->
    
  </form>

 
<script type="text/javascript">

	var msg = "";	//incremental message being built as errors are encountered
	var focusField;	//capture first field where error encountered, used to clear and set focus to that field after alerting error(s)
	var msgHeader;	//header at top of alert box for error display

	function validateIdEntered(flag)
	{
    
    //if user is public, the next three numeric fields are the login id
		var fflAtfRegion = (document.getElementById('fflAtfRegion')) ? document.getElementById('fflAtfRegion') : null;
		var fflState = (document.getElementById('fflState')) ? document.getElementById('fflState') : null;
		var fflLicenseeNumber = (document.getElementById('fflLicenseeNumber')) ? document.getElementById('fflLicenseeNumber') : null;
		//but if user is doj user the next alpha field is the user id
		var dojUserId = (document.getElementById('dojUserId')) ? document.getElementById('dojUserId') : null;
		var pwd=(document.getElementById('password')) ? document.getElementById('password') : null;
		
		removeLeadingAndTrailingSpaces();
		
		msgHeader =  "***************************************************************************************\n";
		msgHeader += "Your form could not be submitted due to one or more errors.\n";

comm_blockread returned 8186


get_chunk_size(): entered
195f

chunk size = 6495
get_chunk_size returned 6495
calling comm_blockread

		msgHeader += "Please correct the following error(s) and re-submit.\n";
		msgHeader += "***************************************************************************************\n\n";

//if user is public, the login id is the next three fields	
		//if all three are present, check for values
		if(fflAtfRegion && fflState && fflLicenseeNumber)
		{
			//if all three blank, simplify message
			if(!isRequired(fflAtfRegion.value) && !isRequired(fflState.value) && 
			   !isRequired(fflLicenseeNumber.value))
			{
				msg+= "\"Login ID\"" + msgRequired + ".\n\n";
				focusField = (focusField == null ) ? fflAtfRegion : focusField;	
			}
			//otherwise, if first part blank but second or third have value
			if( (!isRequired(fflAtfRegion.value) && 
					(isRequired(fflState.value) || isRequired(fflLicenseeNumber.value))) )
			{
				msg+= "The first segment of \"Login ID\"" + msgRequired + ".\n\n";
				focusField = (focusField == null ) ? fflAtfRegion : focusField;	
			}
			//if first part has value, must be numeric
			if(isRequired(fflAtfRegion.value) && !isInteger(fflAtfRegion.value))			
			{
				msg+= "The first segment of \"Login ID\"" + msgInteger + ".\n\n";
				focusField = (focusField == null ) ? fflAtfRegion : focusField;	
			}
			//otherwise, if second part blank but first or third have value
			if( (!isRequired(fflState.value) && 
					(isRequired(fflAtfRegion.value) || isRequired(fflLicenseeNumber.value))) )
			{
				msg+= "The second segment of \"Login ID\"" + msgRequired + ".\n\n";
				focusField = (focusField == null ) ? fflState : focusField;	
			}
			//if second part has value, must be 2 numeric chars
			if(isRequired(fflState.value))			
			{
				var testNum=isNumberLength(fflState.value,2,'The second segment of \"Login ID\"');
				if(testNum!="") 
        {
          msg+= testNum + "\n";
          focusField = (focusField == null ) ? fflState : focusField;	
        }
			}
			//otherwise, if third part blank but first or second have value
			if( (!isRequired(fflLicenseeNumber.value) && 
					(isRequired(fflAtfRegion.value) || isRequired(fflState.value))) )
			{
				msg+= "The last segment of \"Login ID\"" + msgRequired + ".\n\n";
				focusField = (focusField == null ) ? fflLicenseeNumber : focusField;	
			}
			//if third part has value, must be 5 numeric chars
			if(isRequired(fflLicenseeNumber.value))			
			{
				/*Modified by manoj on 8th April
        * Since this page is used for login by both doj users and external users
        * do not validate the data type of fflLicenseeNumber. Verify if the length
        * of fflLicenseeNumber entered is 5.
        */
        if(fflLicenseeNumber.value.length!=0 && fflLicenseeNumber.value.length<5) //if field is not blank, is it the right length?
        {
          msg+= 'The last segment of \"Login ID\"' + " is the wrong length. Length expected is 5. \n";
          focusField = (focusField == null ) ? fflLicenseeNumber : focusField;
        }
			}
		}
    
/*only used for public user that clicks the link for request password - 
if no err so far, then all parts of ffl for login id are entered correctly, and
if flag is forgotpassword, the link was clicked and we can proceed */
    if(flag=='forgotpassword' && msg=="")
		{
			submitForgotPassword(flag);	
		}
		
//if user is doj user, the login id is this field only
		if(flag=='login' && dojUserId && !isRequired(dojUserId.value))
		{
			msg+= "\"Login ID\"" + msgRequired + ".\n\n";
			focusField = (focusField == null ) ? dojUserId : focusField;	
		}

//both user types utilize password, but password not required if clicking the Forgot Password button
		if(flag=='login' && pwd && !isRequired(pwd.value))
		{
			msg+= "\"Password\"" + msgRequired + ".\n\n";
			focusField = (focusField == null ) ? pwd : focusField;	
		}

		/* ****************************************** SUBMIT THE FORM ******************************* */
    if (focusField!=null)
		{
			msg = msgHeader + msg;	//append the banner before the error message
			alert(msg);				      //show the user the error message alert box
			focusField.focus();	    //focus in first field where error occurred

			msg = "";               //reset to default
			focusField=null;	      //reset to default
			msgHeader="";	          //reset to default
      return false;
		}
		//else, submit the form
		submitWithDispatch(flag);
		//goToURL('cflcMainMenu.htm');
		return true;
	}
  
function submitForgotPassword(flag)
{
		submitWithDispatch(flag);
}

function fnToggleView(flag)
{	
	var publicUser = document.getElementById('publicUser');
	var dojUser = document.getElementById('dojUser');
	var forgotPwdBtn = document.getElementById('forgotPassword');
	if (flag=="public")
	{
    publicUser.style.display="block";
    dojUser.style.display="none";
	}
	else
	{
    dojUser.style.display="block";
    publicUser.style.display="none";
    forgotPwdBtn.style.display="none";
	}
}

function showDetails(id_1,id_2)
{
	var element_1 = (document.getElementById(id_1)) ? document.getElementById(id_1) : null;
	var element_2 = (document.getElementById(id_2)) ? document.getElementById(id_2) : null;
	if(element_1)
	{
		if(element_1.style.display=="none") 
		{
      element_1.style.display="block";
      element_1.style.background="#ffffff";
      if(element_2)
      {
        if(element_2.innerHTML=="View") element_2.innerHTML="Hide";
        else element_2.innerHTML="View";
      }
		}
		else
		{
			element_1.style.display="none";
			if(element_2)
			{
				element_2.innerHTML="View";
			}
		}
	}
}

</script>


    </div><!-- close mainContent -->	
 
</div><!-- close outerContainer div -->
 
<script type="text/javascript">
function open_contactus()
{
  showPopupWindow('/cflc/contact-us.jsp', 'contact_us', 500, 500, 'no','no');
}
function open_releaseNotes()
{
  showPopupWindow('/cflc/releaseNotes.jsp', 'release_notes', 500, 500, 'no', 'no');
}

function openAgLink()
{
  if(confirm("This link takes you out of the CFLC application.\n" +
  "You will lose any unsaved changes you may have made in the CFLC application.\n" +
  "To continue, press 'OK', to remain in CFLC, press 'Cancel'."))
  {
    goToURL('https://ag.ca.gov/');
  }
}

function open_aboutCaptcha(url)
{
  showPopupWindow('/cflc/aboutCaptcha.jsp#'+url, 'about_captcha', 500, 500, 'no', 'no');   
}

</script>

</body>
</html>
comm_blockread returned 6495


get_chunk_size(): entered
0

chunk size = 0
get_chunk_size returned 0
http_close(): entered
     H DFTACTGRP(*NO) BNDDIR('HTTPAPI')
     H ACTGRP('HTTPAPI')

      /copy qrpglesrc,httpapi_h

     D APP_ID          C                   CONST('CADOJ_CFLC_RQSSHPVERIFY')

     D rc              s             10I 0
     D msg             s             52A

     D http_debug_sts  S               N

     D data            S           1024A
     D retdata         S          32766A
     D retlen          S             10I 0
     D nextpos         S             10I 0 inz(1)

     D url_start       S             10I 0
     D next_url        s            256A   varying


     D incoming        PR            10I 0
     D   descriptor                  10I 0 value
     D   data                      8192A   options(*varsize)
     D   datalen                     10I 0 value


      ****************************************************************
      *   P R O G R A M   P R O T O T Y P E   (*ENTRY PARAMETERS)
      ****************************************************************
     D MAIN            PR                  EXTPGM('CFLC_PROT3')
     D  DEBUG_FLAG                    1A
      *
     D MAIN            PI
     D  DEBUG_FLAG                    1A

      /FREE

       *inlr = *on;

       // Set up debug - if a parameter is present, debug is on...

       if %parms() >= 1;
         http_debug_sts = *ON;
         http_debug(http_debug_sts);
       endif;

       // Before you can use the https (http over SSL) stuff, you
       //  must call https_init() to initialize the SSL APIs.
       //
       // You can pass an application ID as the first parameter
       // if you want full control over the SSL configuration of
       // that application.  This application ID will match an
       // application definition in the digital certificate
       // manager.

       rc = https_init( APP_ID );

       if rc < 0;
         msg = http_error(rc);
         dsply '' ' ' msg;
         return;
       endif;

       //*  The only diff between using HTTPS and using HTTP is
       //*  the URL that we pass.  It starts with 'https://'

       rc = http_url_get_raw(
           'https://webapps.doj.ca.gov/cflc/index.jsp'
           :1
           :%paddr('INCOMING') );

       if rc <> 1;
         msg = http_error;
         dsply '' ' ' msg;
         rc = https_cleanup;
         return;
       endif;


       // Convert the data we just received to EBCDIC and then
       // Pretend the user clicked the "Enroll in CFLC link...

       if retlen > 1;
         http_xlate(retlen: retdata: TO_EBCDIC);
         url_start = %scan('addEnrolee.do' :retdata);
         if url_start > *zero;
           next_url = 'https://webapps.doj.ca.gov/cflc/' +
             %subst(retdata :url_start :43);
         endif;
       endif;


       //*  Do another HTTP get to get that page, hopefully...

       retlen = 0;
       reset nextpos;

       rc = http_url_get_raw(
              'https://webapps.doj.ca.gov/cflc/addEnrolee.do'
                      + '?dispatch=enrollmentGuidelines'
           :1
           :%paddr('INCOMING') );

       if rc <> 1;
         msg = http_error;
         dsply '' ' ' msg;
         rc = https_cleanup;
         return;
       endif;

       // convert the data we just received to EBCDIC
       if retlen > 1;
         http_xlate(retlen: retdata: TO_EBCDIC);
       endif;

       // When done, make sure you call this function to free up
       // the memory that the HTTPS functions used, and close the
       // persistent connection to the server.

       rc = https_cleanup;

       if http_debug_sts;
         http_debug(*OFF);
       endif;

       return;

      /END-FREE


      //++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
      //  this procedure will receive the raw data from the server
      //++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
     P incoming        B
     D incoming        PI            10I 0
     D   descriptor                  10I 0 value
     D   data                      8192A   options(*varsize)
     D   datalen                     10I 0 value
      /FREE

       // Make sure we don't overflow the string:
       retlen = (nextpos + datalen) - 1;
       if retlen > %size(retdata);
         datalen=datalen-(retlen-%size(retdata));
       endif;

       // If there is nothing to write, return THAT...
       if datalen < 1;
         return 0;
       endif;

       // Here we add any data sent to the end of our 'retdata' string:
       %subst(retdata: nextpos) =
           %subst(data:1:datalen);
       nextpos = nextpos + datalen;

       // We always return the amount of data that we wrote.   Note
       //  that if http-api sees that we didn't write as much data as
       //  it sent us, it'll abort the process with an error message.
       return datalen;
      /END-FREE
     P                 E
-----------------------------------------------------------------------
This is the FTPAPI mailing list.  To unsubscribe, please go to:
http://www.scottklement.com/mailman/listinfo/ftpapi
-----------------------------------------------------------------------