From 30120827437775b868a4391d5c8d1dc226fa117e Mon Sep 17 00:00:00 2001
From: Michael Billington <michael.billington@gmail.com>
Date: Sat, 23 May 2015 23:45:12 +1000
Subject: [PATCH] add option to disable debugging features for production
 installs, enhance receipt printing

---
 README.md                              |  44 +---------
 lib/Auth.php                           |  10 ++-
 lib/misc/ReceiptPrinter.php            | 108 ++++++++++++++-----------
 lib/util/Cleanup_util/Cleanup_util.php |  26 ++++--
 lib/util/Cleanup_util/layout/main.inc  |   3 +-
 lib/vendor/escpos-php                  |   2 +-
 maintenance/bin/authqueue.php          |  11 ++-
 maintenance/schema/data/defaults.sql   |   1 -
 site.example/config.php                |  10 ++-
 site.example/logo.png                  | Bin 0 -> 3292 bytes
 10 files changed, 110 insertions(+), 105 deletions(-)
 create mode 100644 site.example/logo.png

diff --git a/README.md b/README.md
index 95a3165..e1f57dc 100644
--- a/README.md
+++ b/README.md
@@ -73,49 +73,9 @@ Now import the schema into phpmyadmin, from maintenance/schema/auth.sql, and the
 
 Now cd /usr/share/auth.
 
-Under site/, create a file called bg.jpg, with some company artwork, and config.php. Remembering database and LDAP settings, this is a basic config example.
+Copy site.example/ to site/, and replace bg.jpg and logo.png with some company artwork, and config.php. Remembering database and LDAP settings, enter these in config.php.
 
-        <?php
-        /* Timezone for the ActionQueue */
-        date_default_timezone_set('UTC');
-
-        /* All other options */
-        $config = array(
-            'Database' =>
-                array(
-                    'name' => 'auth_main',
-                        'host' => 'localhost',
-                        'user' => 'auth',
-                        'password' => '...password here...'
-                ),
-                'Util' =>
-                    array(
-                        'Cleanup'     => 'Directory Cleanup Tools'
-                    ),
-                'pidfile' => '/var/run/lock/meta-auth.pid',
-                'logfile' => '/var/log/meta-auth.log',
-                'login' =>
-                    array(
-                        'url' => 'ldap://localhost',
-                            'domain' => "dc=example,dc=com",
-                            'service_id' => 'ldap1',
-                            'admin' => array('admin'),
-                            'assistant' => array(),
-                            'assist' =>
-                                array(
-                                    'domain_id' => 'default',
-                                    'service_id' => 'ldap1'	
-                                )
-		        )
-		'ReceiptPrinter' => array( // Receipt printer, or 0.0.0.0 for no printer
-				'ip' => '0.0.0.0',
-				'port' => '9100',
-				'header' => 'Example',
-				'footer' => 'Terms and conditions'
-			)
-        );
-
-Note: Debian 6 Uses /var/lock, not /var/run/lock.
+(Note for lock files: Debian 6 Uses /var/lock, not /var/run/lock)
 
 Open the database up and look at the 'service' table. If you are administering LDAP on localhost (this is the default set-up), then correct the domain name and password to make it work. 
 
diff --git a/lib/Auth.php b/lib/Auth.php
index 1cb4e75..20c9894 100644
--- a/lib/Auth.php
+++ b/lib/Auth.php
@@ -83,5 +83,13 @@ static public function alphanumeric($inp) {
 	static public function normaliseName($inp) {
 		return strtolower(preg_replace("#[^-a-zA-Z0-9.'_]+#", "", trim($inp)));
 	}
-
+	
+	/**
+	 * Return true if debugging is enabled, false if not. Some functions log less
+	 * data and remove dangerous features when debugging is off (a good idea for production installs)
+	 */
+	static public function isDebug() {
+		$conf = Auth::getConfig("login");
+		return isset($conf['debug']) && $conf['debug'] == true;
+	}
 }
\ No newline at end of file
diff --git a/lib/misc/ReceiptPrinter.php b/lib/misc/ReceiptPrinter.php
index c5c67b0..85433d6 100644
--- a/lib/misc/ReceiptPrinter.php
+++ b/lib/misc/ReceiptPrinter.php
@@ -4,7 +4,7 @@ class ReceiptPrinter {
 	private static $conf; /* Config */
 	
 	public static function init() {
-		require_once(dirname(__FILE__) . "/../vendor/escpos-php/escpos.php");
+		require_once(dirname(__FILE__) . "/../vendor/escpos-php/Escpos.php");
 		self::$conf = Auth::getConfig(__CLASS__);
 	}
 
@@ -12,55 +12,69 @@ public static function pwresetReceipt(AccountOwner_model $owner, $password) {
 		if(!isset(self::$conf['ip']) || self::$conf['ip'] == "0.0.0.0") {
 			return false;
 		}
-		
-		if(!$fp = fsockopen(self::$conf['ip'], self::$conf['port'], $errno, $errstr, 2)) {
-			throw new Exception("Couldn't connect to receipt printer: $errno $errstr");
-		}
-		
-		/* Header */
-		$printer = new escpos($fp);
-		$printer -> set_justification(escpos::JUSTIFY_CENTER);
-		$printer -> set_emphasis(true);
-		$printer -> text(self::$conf['header'] . "\n");
-		$printer -> set_emphasis(false);
-		$printer -> feed();
-		$printer -> text("User Account Information\n");
-		$printer -> feed(2);
-		$printer -> set_justification(escpos::JUSTIFY_LEFT);
-		
-		/* User info */
-		$barcode = "";
-		$seen = array();
-		$printer -> text("User Account:\n  " . $owner -> owner_firstname . " " . $owner -> owner_surname . "\n\n");
-		$printer -> text("Login name(s):\n");
-		foreach($owner -> list_Account as $acct) {
-			if(!isset($seen[$acct -> account_login])) {
-				$printer -> text("  " . $acct -> account_login . "\n");
-				$seen[$acct -> account_login] = true;
-				if(is_numeric($acct -> account_login) && ($barcode == "" || strlen($acct -> account_login) < strlen($barcode))) {
-					$barcode = $acct -> account_login;
+		try {
+			$connector = new NetworkPrintConnector(self::$conf['ip'], self::$conf['port']);
+			$profile = SimpleCapabilityProfile::getInstance();
+			$printer = new Escpos($connector, $profile);
+
+			/* Header */
+			$printer -> setJustification(Escpos::JUSTIFY_CENTER);
+			if(isset(self::$conf['logo']) && file_exists(self::$conf['logo'])) {
+				/* Include top image if set & available */
+				$logofile = self::$conf['logo'];
+				$ser = $logofile . ".ser";
+				if(file_exists($ser)) {
+					$img = unserialize(file_get_contents($ser));
+				} else {
+					$img = new EscposImage($logofile);
+					@file_put_contents($ser, serialize($img)); // Attempt to cache
 				}
+				$printer -> bitImage($img);
 			}
-		}
-		$printer -> feed();
-		$printer -> text("Password:\n  $password\n");
-		$printer -> feed(2);
-		
-		/* Footer */
-		$printer -> text(self::$conf['footer']  . "\n");
-		$printer -> feed();
-		
-		/* Barcode */
-		if($barcode != "") {
-			$printer -> set_justification(escpos::JUSTIFY_CENTER);
-			$printer -> barcode($barcode, escpos::BARCODE_CODE39);
+			$printer -> setEmphasis(true);
+			$printer -> text(self::$conf['header'] . "\n");
+			$printer -> setEmphasis(false);
+			$printer -> feed();
+			$printer -> text("User Account Information\n");
+			$printer -> feed(2);
+			$printer -> setJustification(Escpos::JUSTIFY_LEFT);
+
+			/* User info */
+			$barcode = "";
+			$seen = array();
+			$printer -> text("User Account:\n  " . $owner -> owner_firstname . " " . $owner -> owner_surname . "\n\n");
+			$printer -> text("Login name(s):\n");
+			foreach($owner -> list_Account as $acct) {
+				if(!isset($seen[$acct -> account_login])) {
+					$printer -> text("  " . $acct -> account_login . "\n");
+					$seen[$acct -> account_login] = true;
+					if(is_numeric($acct -> account_login) && ($barcode == "" || strlen($acct -> account_login) < strlen($barcode))) {
+						$barcode = $acct -> account_login;
+					}
+				}
+			}
+			$printer -> feed();
+			$printer -> text("Password:\n  $password\n");
+			$printer -> feed(2);
+
+			/* Footer */
+			$printer -> text(self::$conf['footer']  . "\n");
 			$printer -> feed();
-			$printer -> text($barcode);
-			$printer -> feed(1);
-			$printer -> set_justification(escpos::JUSTIFY_LEFT);
+
+			/* Barcode */
+			if($barcode != "") {
+				$printer -> setJustification(Escpos::JUSTIFY_CENTER);
+				$printer -> barcode($barcode, Escpos::BARCODE_CODE39);
+				$printer -> feed();
+				$printer -> text($barcode);
+				$printer -> feed(1);
+				$printer -> setJustification(Escpos::JUSTIFY_LEFT);
+			}
+			$printer -> cut();
+			$printer -> close();
+		} catch(Exception $e) {
+			trigger_error($e -> getMessage()); // Should be logged some-place for troubleshooting.
+			return false;
 		}
-		$printer -> cut();
-		
-		fclose($fp);
 	}
 }
diff --git a/lib/util/Cleanup_util/Cleanup_util.php b/lib/util/Cleanup_util/Cleanup_util.php
index 5b4dc44..4b064bc 100644
--- a/lib/util/Cleanup_util/Cleanup_util.php
+++ b/lib/util/Cleanup_util/Cleanup_util.php
@@ -6,7 +6,9 @@
  *
  */
 class Cleanup_util extends util {
-	private static $config;
+	private static $config;
+
+	private static $debug;
 
 	/**
 	 * Initialise utility
@@ -16,7 +18,8 @@ public static function init() {
 		self::verifyEnabled();
 		
 		Auth::loadClass("Ou_api");
-		Auth::loadClass("ActionQueue_api");
+		Auth::loadClass("ActionQueue_api");
+		self::$debug = Auth::isDebug();
 	}
 
 	/**
@@ -69,12 +72,20 @@ public static function admin() {
 						$data['message'] = "The queue has been emptied.";
 						break;
 					case 'eraseLocal':
-						self::eraseLocal();
-						$data['message'] = "All local entries have been erased.";
+						if(self::$debug) {
+							self::eraseLocal();
+							$data['message'] = "All local entries have been erased.";
+						} else {
+							$data['message'] = "This feature is disabled.";
+						}
 						break;
 					case 'dummyData':
-						self::dummyData();
-						$data['message'] = "Dummy data has been introduced.";
+						if(self::$debug) {
+							self::dummyData();
+							$data['message'] = "Dummy data has been introduced.";
+						} else {
+							$data['message'] = "This feature is disabled.";
+						}
 						break;
 					default:
 						throw new Exception("Unknown action: $action");
@@ -85,7 +96,8 @@ public static function admin() {
 		}		
 		
 		$data['service-enabled'] = Service_model::list_by_service_enabled('1');
-		$data['service-disabled'] = Service_model::list_by_service_enabled('0');		
+		$data['service-disabled'] = Service_model::list_by_service_enabled('0');
+		$data['debug'] = self::$debug;
 		return $data;
 	}
 
diff --git a/lib/util/Cleanup_util/layout/main.inc b/lib/util/Cleanup_util/layout/main.inc
index 476b094..f02115c 100644
--- a/lib/util/Cleanup_util/layout/main.inc
+++ b/lib/util/Cleanup_util/layout/main.inc
@@ -158,7 +158,7 @@
 					queue, you can clear the queue with this button:</p>
 				<a class="btn" href="#" onClick="emptyAq();">Empty the ActionQueue</a>
 			</div>
-
+<?php if($data['debug']) { ?>
 			<div class="alert alert-danger">
 				<h3>Danger zone</h3>
 				<h4>Erase local database</h4>
@@ -172,6 +172,7 @@
 				<a class="btn btn-danger" href="#" onClick="dummyData();">Add dummy
 					data</a>
 			</div>
+<?php } ?>
 		</div>
 	</div>
 </div>
diff --git a/lib/vendor/escpos-php b/lib/vendor/escpos-php
index 4257a17..5bbc8c9 160000
--- a/lib/vendor/escpos-php
+++ b/lib/vendor/escpos-php
@@ -1 +1 @@
-Subproject commit 4257a17fb39810a627548f0668001ed9d6672123
+Subproject commit 5bbc8c966632d826c33a8f64fb8e0233c125e556
diff --git a/maintenance/bin/authqueue.php b/maintenance/bin/authqueue.php
index e63d858..efcfb50 100755
--- a/maintenance/bin/authqueue.php
+++ b/maintenance/bin/authqueue.php
@@ -6,6 +6,7 @@
 try{
 	$pidfile = Auth::getConfig('pidfile');
 	$logfile = Auth::getConfig('logfile');
+	$isDebug = Auth::isDebug();
 	if(!$pf = fopen($pidfile, "w")) {
 		throw new Exception("Couldn't open PID file $pidfile. Check that it is write-able.");
 	}
@@ -46,9 +47,13 @@
 
 		try {
 			if(process($next)) {
-				try {
-					$next -> aq_complete = 1;
-					$next -> update();
+				try {
+					if($isDebug) {
+						$next -> aq_complete = 1;
+						$next -> update();
+					} else {
+						$next -> delete();
+					}
 				} catch(Exception $e) {
 					outp("\tProblem marking item as done; Was it cancelled while it was running?");
 				}
diff --git a/maintenance/schema/data/defaults.sql b/maintenance/schema/data/defaults.sql
index cbca4d6..0266200 100644
--- a/maintenance/schema/data/defaults.sql
+++ b/maintenance/schema/data/defaults.sql
@@ -59,4 +59,3 @@ INSERT INTO `Service` (`service_id`, `service_name`, `service_enabled`, `service
 INSERT INTO `ListServiceDomain` (`service_id`, `domain_id`, `sd_root`, `sd_secondary`) VALUES
 ('ldap1', 'default', '', 0);
 
-INSERT INTO `auth_main`.`ListServiceDomain` (`service_id`, `domain_id`, `sd_root`, `sd_secondary`) VALUES ('ldap1', 'default', '', '0');
diff --git a/site.example/config.php b/site.example/config.php
index f302e42..b131a92 100644
--- a/site.example/config.php
+++ b/site.example/config.php
@@ -28,12 +28,18 @@
 				array(
 					'domain_id' => 'default',
 					'service_id' => 'ldap1'	
-				)
+				),
+			// Leaves data in the database, enables the directory cleanup
+			// "Delete all local data" button. These are useful for initial
+			// setup, but should be disabled afterward.
+			'debug' => 'true'
 		),
 	'ReceiptPrinter' => array( // Receipt printer, or 0.0.0.0 for no printer
 			'ip' => '0.0.0.0',
 			'port' => '9100',
 			'header' => 'Example',
-			'footer' => 'Terms and conditions'
+			'footer' => 'Terms and conditions',
+			// Optional - printed at top of receipts if set
+			'logo' => dirname(__FILE__) . "/logo.png"
 		)
 );
diff --git a/site.example/logo.png b/site.example/logo.png
new file mode 100644
index 0000000000000000000000000000000000000000..47bbc99cd7f76d6e67ed6855453a0266e136a67d
GIT binary patch
literal 3292
zcmbVP_dDB*7yh6&v70KYw3phewMVVmo1&`rtb|&jQ9?_qHEWC2)~u*4c4CxkRn-=n
zxK^!1ORZdd-GAZxoaemfJn#A8eSbO6b55eAxdAKFbtV7+Sd9$ztO0=P{$+2-KzE7A
zCdrV?Lg#K`pa)$17bRU48J7%WkfGz{gqiEVqyq8_u3eJ!p+;u<^aNTkE4M)4KckbE
z6mO`$L#S>b1mXn^1$2YG+(NxPZ^HaSeQz2VnOWM$g1`X4qGzP1Z5y$$TL`bSvlAH9
z%6TjNi_?-ZnftqEl&4?!7`Xf&yq;8^yp_kE)r_U8zp+{VyGI$Rre;m0dUAt%9Qm;y
z+~0U)$cXFFYDeAjM+Cjsnjw$!A38rRZaz|>s7n*ZM~jjgZ@_E*IAObH0?(qi<Jff=
zgkJq0@F8p-XyuGxb)ZGp>@f)G<t$Gzl+E&RyTV+xh~h*en_~%tQfx(R2f_wnk+n9@
zFvs}wmYko|DK!Roi@3*2+bLl|J&`8}`&Cb-E4b3hIp2L`YLo&z!NfRGvt(5^fw-6~
zpIalGGj?NBJATf^T#rCMkiQ5?G+xOjInL`Wi3mqh&Cw}Ot(JG~VBR{lI;#OkG`jw_
zKQ?ZQ*Yr)$LS8geKgRk_*ArMAEIslrs{7xEJwzM<YBUr8b)|b%D^YUWoi)~1sGZ8j
z`eC#J0*`RSxtAczmUynQ?$k<8<#h7cQ_;i*0@(VR@emw6&X_1g6eH3R8C?6sxBY3N
z8AfR}`wPWW%mM_Fz$|s`f?6l*B7IVWQ9kksE)S>MO7qzw=m8}MQH9%7?y#>$1DM9>
zDE3@>Nt)~xkfb-27VTlvdCJ-`4vwWsO8Ps7o%HSF0uK=!yB~l)f7;;SkH6JYcN{#>
zvX(Wii%>(vAA&Bfd<N(+ulZYEQLFPuT-|s?<m!gUx+SXjnH_8Gt)6_#oUxZ+AvqAA
zmE7tJU*}QaDrMdKquAOV9LSPMVW_J&YhttBDu!+Xr&LOLLE)tbM{eo(b{^a`u0-S^
zq63(ePnr#|G0pPD82!w^)+lrmKHJ^Fao|Q-AShaXcE@nFpsFGACkC!*Svc9UeGS)o
zHLb6m@wYZEK2c`vAHDAQqNo=ESvFNRB#Tv)K)R3L8(!j$_^zrC{cxd!e%`pj;TPQ&
z&Q3|;-8@gsW_P-q`?LvFc%$9KR>2E6&(~*a{ZC?}ZiRGiAL#L7Yz+yM;ewHC>$4nc
z8I!Lu6U9Ijciwq{NKRk-9h?m(_5yc)R^E?wArEyxJbgxuR-HKWYF$d4VRlu3J*wvJ
z5QKaCf$ekiD<WWrb8#Y3#0mky1wQ>&?#F1OtCAD(ef;l}?h4W2lZWvFeO&i^@hk=V
zVfh-G<pmN7GadZLCR`(K&fG*SCw5%MX~_(L(o5I%n15f|VUlynM@!UfitVam>0X9Z
zS1jtvL#y^R*?>XIoy0TbVXS`>b!SNe<kYJq#j&W#Be*-TV>h83AehzTTTl?pLkQ}f
zJ9tsL@00X)i20?A5K~Zbf1~;@xWRzxX?{s3cO@C3N)aXftil|qLru<ah=oC29~}7M
z$YZ|I?`pQ_R(kUl`wL%@1&@cN7&5!M81;SckKfZJ=VsnL$}MaZ-7CCboOuQQcoiJo
zE;iOPqlBUvq-OJx)tGXkivGc})@}4mBB<cc<ba~LE(Cvf0+b#_u18fA<!EfSNJl`E
zYh0gdj(Aq3Hbb076lDG){LDPP)C9{2YZBkn<a+MABZd|zURW(ZV~pck9XqW<CYCTD
zR=7u3hb&X;6+y@>kt@$jXAH17Mdhc2tXfY>#a#6Qm*R(9P4mY1Xa%pZZ{FTXUa|jn
zC|OdOGn$rM6J0B!qD&Dq{9bTKbuks#zt~0m<+x!?G~j7z)Y!STMUj<sU&>weUq9UT
z<};IL0MkXf;rgdcgXgT7*lnI<P<ws80tHE8W^;*6Yv_GtqUxgG0cWFzWFKv}1$}h-
z$HK_0hf*VtnE83;*@TqR5?QSgT^iN@w(*KYFcO9+X>n{2aXD4X4LRQ7Ydm*6Y+2V2
z2|?z|%~QO|X?@u?h%%X;c;2nkx$JL_o1iGd!yNslMqX~>7%!zCR`=WVB{y-Ib|LGl
zZyoi4K<}B5feHpb+}1VR_QGh`&FV)m-(N_nDqsZrE^ATe>T*<HLxT!Q{G+fgC10D$
zJ8VUH*k%BAX~~DX5~xj%AP5U2Z#>_k7^eh-_A>W%csxQQv{gS^1v?meB#0K3o_X4_
zZd-JOkYYl^(^BlB_x<mt=Q~q@M(31Jw5DvymIyFUB|tWxYM#pQz8||k?9)d=O+t$#
zeH;sSo6IDTOH9{0+lnd*PP{HO*f%OwCIbRc-jzOV#NSL0NJhMBn6d1Y?GaW1$M^+U
z9JW-O+}(t0popGd2wUVsI*7-{Am-zDf@AH=_g1VAf5#-Dj~JYmzeJ5~c(Kp)F$f-6
zG)v)R7me^hfkglNS4)rbU(iPQ4*WX&GoBQ;TFxnYwUxRcuX6i_MZUx%SLRNaWDHJ!
zGwH$5<;J;gK2^#8I>9mYI{BJZwD@vb1(=aAz{jN+;&YQ+M9W~Ra0h4bTFDpVbn3~w
z!dD6)BZrSew1cCW&ik6Bs_%r{th2*qD`ze6#~p*1NxnL?b9YqGC~CC+dDA4}UMm+K
z`l?XM-fA9BfOSPC;c*E~pZP}H(mld%M7s>uTrUL}qxRk~Bwt5d$fx*(%u(af<Mvr%
zrKKuc+p(Ies=6A3bi>N;8F^ekuGV>RyQ(cC_EHhIxHeNQ=7n9d-7gLb#Vee5C-E&<
zW+w-#@Z7z4X_}uj|1x1?*1}ldp*UB54Hl<-txRiaVp}@SoIW3?CTj@7Y)n}ACRFI6
zrKI&53ZAsum=(W|QQx#O)d;dO)pUHK(@6vC;&EMClO@ZYo42xK%&JH_w$vwhPKoM?
zR@tU+&H6dnH7q6pu7$ymZjQfHj;S0{PCenQom4@StRCN4R8VYF?1^7UuG@{c$UHQY
z)h@F0hR<^-f1^_va%}yX0JBc&BlM|!=yvFN9R-pOUOzF^-H+N%tq8yq1i@Do>5h{`
z&)kV7t!f+@Eb?k&SC0c16SGj$t!cd!1WW^abeE63UPM?2Vj6zICx0{|lL<Eq;8Q=m
zo$$gFIR=jkjmi#$_vY_kjLGFa?>%h@4PImh$6;hh!f8TOs2Q3f2<&eyl2^eB*)+p3
zAPFS923GA?;{`9|c~*|q_ISO0DH#H9YmUsX$&?VoJs)x#Q+eY~gUTojfq53~bDg*c
z(i^p_Em~TlW&oGQL_4uv>_~T<-&%6g@u$yU1g=@F9HMc83QqZ^BmR#G@K=5K2i6p3
zk#f4Ng`OW}*<oD?TF=Xz=uT208G##(qR(P5D(jK42eMtyhuwr09qN8Np&ZV>h~rDa
z5$Lq=I%vS2?3)fA4|!6in#k@RgIgZIm~Dp5cl6&ADHsSnyZdA9GbP2cuZ{kXXYYxH
z?Lw=QA1!${*c&@*(9m6|S1bs935`sqKvVgd>KIhehBvfuv|+X_)j@8)a<|W#o+OXj
zzuA^@i7w8ZyE^;Eexyah4=qPq)I1hB5CB$K9SoKsJzN>I{w^tLc;ovi>AC_b=JCtt
z=dmFT=9DvL?*~;0IYCfyi_%g@C{lIS)@pp(+v9QiN0<G%qu+X-+(O9sZ+x(i#`k{J
zJGS89D^M8d?8SUpYjse<^PNnEU+}#gkh!<hiDr1?TGS{-6Ul7N2C)O@EqBO}!jp_b
zyIDKbL&-atwO+`ww!E;wg}rG?Ld_i9Ue+J8VlJRNdx3r1(HucwX<1_|-?O(DW3H|#
zU`$usc02qWxmCy-g^GYBDK;*RjXI1|^Q|Pyf9>KpCjZ5vk(yuA#;IZ2BmJqjv-!KJ
zl811Xr^aesoo?En`0&Q!WO=nASB0P0z?T|)8?eK>HOtSiiaK<s%jel-fMO`w!qdBT
zm9IkzvI818DS>(mmUt;fo76x;M(55$=X-2!B%tC{*<l9DBFb7=i{VwT6aln4^o<C)
zV2O7lO{*8=X^d&;^g8TELag?ZRxOz<J-O6{X82Tg%In#6(6xqCOhPkG?bXcf>hud-
zr+lB3<}bpD0g|xqCx<tLZX-XeDd$C1MB*#A`%iBo7pP$n&``RM?r-Og+j=8I@3~!P
z*R{gFit3pRy$?V*qY_)MO>!u^)Zev#`R?VP+t-QCGPjZMbpMaDTrX$+LLqmx_aE_<
Rl*^|BFw!^I`>f*{_dj%~I+y?e

literal 0
HcmV?d00001