From 5929d13147a3022c24f9671d57c3b2555a992feb Mon Sep 17 00:00:00 2001 From: Skylar Ittner Date: Sat, 29 Apr 2017 02:35:49 -0600 Subject: [PATCH] Add API, auth logging, AD support TODO: Test changing AD passwords --- action.php | 35 ++- api.php | 119 ++++++++++ composer.json | 4 +- composer.lock | 487 +++++++++++++++++++++++++++++++++++++++- database.mwb | Bin 8190 -> 14332 bytes home.php | 7 +- index.php | 72 +++--- lang/en_us.php | 5 + lang/messages.php | 8 + lib/login.php | 307 ++++++++++++++++++++++++- nbproject/project.xml | 2 +- required.php | 105 +-------- settings.template.php | 39 +++- static/img/logo.svg | 78 +++++++ static/img/logo_512.png | Bin 0 -> 19801 bytes 15 files changed, 1112 insertions(+), 156 deletions(-) create mode 100644 api.php create mode 100644 static/img/logo.svg create mode 100644 static/img/logo_512.png diff --git a/action.php b/action.php index a6a50ab..13bd694 100644 --- a/action.php +++ b/action.php @@ -3,10 +3,14 @@ /** * Make things happen when buttons are pressed and forms submitted. */ +use LdapTools\LdapManager; +use LdapTools\Object\LdapObjectType; + require_once __DIR__ . "/required.php"; dieifnotloggedin(); +require_once __DIR__ . "/lib/login.php"; require_once __DIR__ . "/lib/worst_passwords.php"; function returnToSender($msg, $arg = "") { @@ -21,12 +25,12 @@ function returnToSender($msg, $arg = "") { switch ($VARS['action']) { case "signout": + insertAuthLog(11, $_SESSION['uid']); session_destroy(); header('Location: index.php'); die("Logged out."); case "chpasswd": - $oldmatch = comparePassword($VARS['oldpass'], $database->select('accounts', 'password', ['uid' => $_SESSION['uid']])[0]); - if ($oldmatch) { + if ($_SESSION['password'] == $VARS['oldpass']) { if ($VARS['newpass'] == $VARS['conpass']) { $passrank = checkWorst500List($VARS['newpass']); if ($passrank !== FALSE) { @@ -35,8 +39,29 @@ switch ($VARS['action']) { if (strlen($VARS['newpass']) < MIN_PASSWORD_LENGTH) { returnToSender("weak_password"); } - $database->update('accounts', ['password' => encryptPassword($VARS['newpass'])], ['uid' => $_SESSION['uid']]); - returnToSender("password_updated"); + + $acctloc = account_location($_SESSION['username'], $_SESSION['password']); + + if ($acctloc == "LOCAL") { + $database->update('accounts', ['password' => encryptPassword($VARS['newpass'])], ['uid' => $_SESSION['uid']]); + $_SESSION['password'] = $VARS['newpass']; + insertAuthLog(3, $_SESSION['uid']); + returnToSender("password_updated"); + } else if ($acctloc == "LDAP") { + $ldapManager = new LdapManager($ldap_config); + $repository = $ldapManager->getRepository(LdapObjectType::USER); + $user = $repository->findOneByUsername($_SESSION['username']); + $user->setPassword($VARS['newpass']); + try { + $ldapManager->persist($user); + insertAuthLog(3, $_SESSION['uid']); + returnToSender("password_updated"); + } catch (\Exception $e) { + returnToSender("ldap_error", $e->getMessage()); + } + } else { + returnToSender("account_state_error"); + } } else { returnToSender("new_password_mismatch"); } @@ -49,9 +74,11 @@ switch ($VARS['action']) { returnToSender("invalid_parameters"); } $database->update('accounts', ['authsecret' => $VARS['secret']], ['uid' => $_SESSION['uid']]); + insertAuthLog(9, $_SESSION['uid']); returnToSender("2fa_enabled"); case "rm2fa": $database->update('accounts', ['authsecret' => ""], ['uid' => $_SESSION['uid']]); + insertAuthLog(10, $_SESSION['uid']); returnToSender("2fa_removed"); break; } \ No newline at end of file diff --git a/api.php b/api.php new file mode 100644 index 0000000..6bdf63d --- /dev/null +++ b/api.php @@ -0,0 +1,119 @@ +has('apikeys', ['key' => $key]) !== TRUE) { + header("HTTP/1.1 403 Unauthorized"); + die("\"403 Unauthorized\""); +} + +switch ($VARS['action']) { + case "ping": + exit(json_encode(["status" => "OK"])); + break; + case "auth": + if (authenticate_user($VARS['username'], $VARS['password'])) { + insertAuthLog(12); + exit(json_encode(["status" => "OK", "msg" => lang("login successful", false)])); + } else { + insertAuthLog(13); + exit(json_encode(["status" => "ERROR", "msg" => lang("login incorrect", false)])); + } + break; + case "userinfo": + if (user_exists($VARS['username'])) { + $data = $database->select("accounts", ["uid", "realname (name)", "email", "phone" => ["phone1 (1)", "phone2 (2)"]], ["username" => $VARS['username']])[0]; + exit(json_encode(["status" => "OK", "data" => $data])); + } else { + exit(json_encode(["status" => "ERROR", "msg" => lang("login incorrect", false)])); + } + break; + case "userexists": + if (user_exists($VARS['username'])) { + exit(json_encode(["status" => "OK", "exists" => true])); + } else { + exit(json_encode(["status" => "OK", "exists" => false])); + } + break; + case "hastotp": + if (userHasTOTP($VARS['username'])) { + exit(json_encode(["status" => "OK", "otp" => true])); + } else { + exit(json_encode(["status" => "OK", "otp" => false])); + } + break; + case "verifytotp": + if (verifyTOTP($VARS['username'], $VARS['code'])) { + exit(json_encode(["status" => "OK", "valid" => true])); + } else { + insertAuthLog(7); + exit(json_encode(["status" => "ERROR", "msg" => lang("2fa incorrect", false), "valid" => false])); + } + break; + case "acctstatus": + exit(json_encode(["status" => "OK", "account" => get_account_status($VARS['username'])])); + case "login": + // simulate a login, checking account status and alerts + if (authenticate_user($VARS['username'], $VARS['password'])) { + switch (get_account_status($VARS['username'])) { + case "LOCKED_OR_DISABLED": + insertAuthLog(5); + exit(json_encode(["status" => "ERROR", "msg" => lang("account locked", false)])); + case "TERMINATED": + insertAuthLog(5); + exit(json_encode(["status" => "ERROR", "msg" => lang("account terminated", false)])); + case "CHANGE_PASSWORD": + insertAuthLog(5); + exit(json_encode(["status" => "ERROR", "msg" => lang("password expired", false)])); + case "NORMAL": + insertAuthLog(4); + exit(json_encode(["status" => "OK"])); + case "ALERT_ON_ACCESS": + sendLoginAlertEmail($VARS['username']); + insertAuthLog(4); + exit(json_encode(["status" => "OK", "alert" => true])); + default: + insertAuthLog(5); + exit(json_encode(["status" => "ERROR", "msg" => lang("account state error", false)])); + } + } else { + insertAuthLog(5); + exit(json_encode(["status" => "ERROR", "msg" => lang("login incorrect", false)])); + } + break; + case "ismanagerof": + if (user_exists($VARS['manager'])) { + if (user_exists($VARS['employee'])) { + $managerid = $database->select('accounts', 'uid', ['username' => $VARS['manager']]); + $employeeid = $database->select('accounts', 'uid', ['username' => $VARS['employee']]); + if ($database->has('managers', ['AND' => ['managerid' => $managerid, 'employeeid' => $employeeid]])) { + exit(json_encode(["status" => "OK", "managerof" => true])); + } else { + exit(json_encode(["status" => "OK", "managerof" => false])); + } + } else { + exit(json_encode(["status" => "ERROR", "msg" => lang("user does not exist", false), "user" => $VARS['employee']])); + } + } else { + exit(json_encode(["status" => "ERROR", "msg" => lang("user does not exist", false), "user" => $VARS['manager']])); + } + break; + default: + header("HTTP/1.1 400 Bad Request"); + die("\"400 Bad Request\""); +} + /* } catch (Exception $e) { + header("HTTP/1.1 500 Internal Server Error"); + die("\"500 Internal Server Error\""); + } */ \ No newline at end of file diff --git a/composer.json b/composer.json index cf35bd3..23298f4 100644 --- a/composer.json +++ b/composer.json @@ -5,7 +5,9 @@ "require": { "catfan/medoo": "^1.2", "spomky-labs/otphp": "^8.3", - "endroid/qrcode": "^1.9" + "endroid/qrcode": "^1.9", + "ldaptools/ldaptools": "^0.24.0", + "guzzlehttp/guzzle": "^6.2" }, "authors": [ { diff --git a/composer.lock b/composer.lock index 7a21db0..76e01a1 100644 --- a/composer.lock +++ b/composer.lock @@ -4,7 +4,7 @@ "Read more about it at https://getcomposer.org/doc/01-basic-usage.md#composer-lock-the-lock-file", "This file is @generated automatically" ], - "content-hash": "3d5a548f8a7cbbd0c911987b1fab33a5", + "content-hash": "4965262916e04d361db07e7f14ed06d6", "packages": [ { "name": "beberlei/assert", @@ -230,6 +230,244 @@ ], "time": "2017-04-08T09:13:59+00:00" }, + { + "name": "guzzlehttp/guzzle", + "version": "6.2.3", + "source": { + "type": "git", + "url": "https://github.com/guzzle/guzzle.git", + "reference": "8d6c6cc55186db87b7dc5009827429ba4e9dc006" + }, + "dist": { + "type": "zip", + "url": "https://api.github.com/repos/guzzle/guzzle/zipball/8d6c6cc55186db87b7dc5009827429ba4e9dc006", + "reference": "8d6c6cc55186db87b7dc5009827429ba4e9dc006", + "shasum": "" + }, + "require": { + "guzzlehttp/promises": "^1.0", + "guzzlehttp/psr7": "^1.4", + "php": ">=5.5" + }, + "require-dev": { + "ext-curl": "*", + "phpunit/phpunit": "^4.0", + "psr/log": "^1.0" + }, + "type": "library", + "extra": { + "branch-alias": { + "dev-master": "6.2-dev" + } + }, + "autoload": { + "files": [ + "src/functions_include.php" + ], + "psr-4": { + "GuzzleHttp\\": "src/" + } + }, + "notification-url": "https://packagist.org/downloads/", + "license": [ + "MIT" + ], + "authors": [ + { + "name": "Michael Dowling", + "email": "mtdowling@gmail.com", + "homepage": "https://github.com/mtdowling" + } + ], + "description": "Guzzle is a PHP HTTP client library", + "homepage": "http://guzzlephp.org/", + "keywords": [ + "client", + "curl", + "framework", + "http", + "http client", + "rest", + "web service" + ], + "time": "2017-02-28T22:50:30+00:00" + }, + { + "name": "guzzlehttp/promises", + "version": "v1.3.1", + "source": { + "type": "git", + "url": "https://github.com/guzzle/promises.git", + "reference": "a59da6cf61d80060647ff4d3eb2c03a2bc694646" + }, + "dist": { + "type": "zip", + "url": "https://api.github.com/repos/guzzle/promises/zipball/a59da6cf61d80060647ff4d3eb2c03a2bc694646", + "reference": "a59da6cf61d80060647ff4d3eb2c03a2bc694646", + "shasum": "" + }, + "require": { + "php": ">=5.5.0" + }, + "require-dev": { + "phpunit/phpunit": "^4.0" + }, + "type": "library", + "extra": { + "branch-alias": { + "dev-master": "1.4-dev" + } + }, + "autoload": { + "psr-4": { + "GuzzleHttp\\Promise\\": "src/" + }, + "files": [ + "src/functions_include.php" + ] + }, + "notification-url": "https://packagist.org/downloads/", + "license": [ + "MIT" + ], + "authors": [ + { + "name": "Michael Dowling", + "email": "mtdowling@gmail.com", + "homepage": "https://github.com/mtdowling" + } + ], + "description": "Guzzle promises library", + "keywords": [ + "promise" + ], + "time": "2016-12-20T10:07:11+00:00" + }, + { + "name": "guzzlehttp/psr7", + "version": "1.4.2", + "source": { + "type": "git", + "url": "https://github.com/guzzle/psr7.git", + "reference": "f5b8a8512e2b58b0071a7280e39f14f72e05d87c" + }, + "dist": { + "type": "zip", + "url": "https://api.github.com/repos/guzzle/psr7/zipball/f5b8a8512e2b58b0071a7280e39f14f72e05d87c", + "reference": "f5b8a8512e2b58b0071a7280e39f14f72e05d87c", + "shasum": "" + }, + "require": { + "php": ">=5.4.0", + "psr/http-message": "~1.0" + }, + "provide": { + "psr/http-message-implementation": "1.0" + }, + "require-dev": { + "phpunit/phpunit": "~4.0" + }, + "type": "library", + "extra": { + "branch-alias": { + "dev-master": "1.4-dev" + } + }, + "autoload": { + "psr-4": { + "GuzzleHttp\\Psr7\\": "src/" + }, + "files": [ + "src/functions_include.php" + ] + }, + "notification-url": "https://packagist.org/downloads/", + "license": [ + "MIT" + ], + "authors": [ + { + "name": "Michael Dowling", + "email": "mtdowling@gmail.com", + "homepage": "https://github.com/mtdowling" + }, + { + "name": "Tobias Schultze", + "homepage": "https://github.com/Tobion" + } + ], + "description": "PSR-7 message implementation that also provides common utility methods", + "keywords": [ + "http", + "message", + "request", + "response", + "stream", + "uri", + "url" + ], + "time": "2017-03-20T17:10:46+00:00" + }, + { + "name": "ldaptools/ldaptools", + "version": "v0.24.0", + "source": { + "type": "git", + "url": "https://github.com/ldaptools/ldaptools.git", + "reference": "31e05ae6082fc7e61afc666e2c773ee8cb0e47b5" + }, + "dist": { + "type": "zip", + "url": "https://api.github.com/repos/ldaptools/ldaptools/zipball/31e05ae6082fc7e61afc666e2c773ee8cb0e47b5", + "reference": "31e05ae6082fc7e61afc666e2c773ee8cb0e47b5", + "shasum": "" + }, + "require": { + "ext-ldap": "*", + "php": ">=5.6", + "ramsey/uuid": ">=3.0", + "symfony/event-dispatcher": ">=2.0", + "symfony/yaml": ">=2.0" + }, + "require-dev": { + "doctrine/cache": "~1.0", + "friendsofphp/php-cs-fixer": "~1.0", + "phpspec/phpspec": "~3.0", + "tedivm/stash": ">=0.14.1" + }, + "suggest": { + "doctrine/cache": "Provides the cache_type 'doctrine' to help increase performance.", + "ext-intl": "Better UTF-8 handling.", + "ext-mbstring": "Better UTF-8 handling.", + "tedivm/stash": "Provides the cache_type 'stash' to help increase performance." + }, + "type": "library", + "autoload": { + "psr-4": { + "LdapTools\\": "src/LdapTools" + } + }, + "notification-url": "https://packagist.org/downloads/", + "license": [ + "MIT" + ], + "authors": [ + { + "name": "Chad Sikorra", + "email": "Chad.Sikorra@gmail.com", + "homepage": "http://www.chadsikorra.com" + } + ], + "description": "LdapTools is a feature-rich LDAP library for PHP 5.6+.", + "homepage": "http://www.phpldaptools.com", + "keywords": [ + "Microsoft Exchange", + "active directory", + "ldap", + "openldap" + ], + "time": "2017-04-09T23:39:51+00:00" + }, { "name": "paragonie/random_compat", "version": "v2.0.10", @@ -278,6 +516,138 @@ ], "time": "2017-03-13T16:27:32+00:00" }, + { + "name": "psr/http-message", + "version": "1.0.1", + "source": { + "type": "git", + "url": "https://github.com/php-fig/http-message.git", + "reference": "f6561bf28d520154e4b0ec72be95418abe6d9363" + }, + "dist": { + "type": "zip", + "url": "https://api.github.com/repos/php-fig/http-message/zipball/f6561bf28d520154e4b0ec72be95418abe6d9363", + "reference": "f6561bf28d520154e4b0ec72be95418abe6d9363", + "shasum": "" + }, + "require": { + "php": ">=5.3.0" + }, + "type": "library", + "extra": { + "branch-alias": { + "dev-master": "1.0.x-dev" + } + }, + "autoload": { + "psr-4": { + "Psr\\Http\\Message\\": "src/" + } + }, + "notification-url": "https://packagist.org/downloads/", + "license": [ + "MIT" + ], + "authors": [ + { + "name": "PHP-FIG", + "homepage": "http://www.php-fig.org/" + } + ], + "description": "Common interface for HTTP messages", + "homepage": "https://github.com/php-fig/http-message", + "keywords": [ + "http", + "http-message", + "psr", + "psr-7", + "request", + "response" + ], + "time": "2016-08-06T14:39:51+00:00" + }, + { + "name": "ramsey/uuid", + "version": "3.6.1", + "source": { + "type": "git", + "url": "https://github.com/ramsey/uuid.git", + "reference": "4ae32dd9ab8860a4bbd750ad269cba7f06f7934e" + }, + "dist": { + "type": "zip", + "url": "https://api.github.com/repos/ramsey/uuid/zipball/4ae32dd9ab8860a4bbd750ad269cba7f06f7934e", + "reference": "4ae32dd9ab8860a4bbd750ad269cba7f06f7934e", + "shasum": "" + }, + "require": { + "paragonie/random_compat": "^1.0|^2.0", + "php": "^5.4 || ^7.0" + }, + "replace": { + "rhumsaa/uuid": "self.version" + }, + "require-dev": { + "apigen/apigen": "^4.1", + "codeception/aspect-mock": "^1.0 | ^2.0", + "doctrine/annotations": "~1.2.0", + "goaop/framework": "1.0.0-alpha.2 | ^1.0 | ^2.1", + "ircmaxell/random-lib": "^1.1", + "jakub-onderka/php-parallel-lint": "^0.9.0", + "mockery/mockery": "^0.9.4", + "moontoast/math": "^1.1", + "php-mock/php-mock-phpunit": "^0.3|^1.1", + "phpunit/phpunit": "^4.7|>=5.0 <5.4", + "satooshi/php-coveralls": "^0.6.1", + "squizlabs/php_codesniffer": "^2.3" + }, + "suggest": { + "ext-libsodium": "Provides the PECL libsodium extension for use with the SodiumRandomGenerator", + "ext-uuid": "Provides the PECL UUID extension for use with the PeclUuidTimeGenerator and PeclUuidRandomGenerator", + "ircmaxell/random-lib": "Provides RandomLib for use with the RandomLibAdapter", + "moontoast/math": "Provides support for converting UUID to 128-bit integer (in string form).", + "ramsey/uuid-console": "A console application for generating UUIDs with ramsey/uuid", + "ramsey/uuid-doctrine": "Allows the use of Ramsey\\Uuid\\Uuid as Doctrine field type." + }, + "type": "library", + "extra": { + "branch-alias": { + "dev-master": "3.x-dev" + } + }, + "autoload": { + "psr-4": { + "Ramsey\\Uuid\\": "src/" + } + }, + "notification-url": "https://packagist.org/downloads/", + "license": [ + "MIT" + ], + "authors": [ + { + "name": "Marijn Huizendveld", + "email": "marijn.huizendveld@gmail.com" + }, + { + "name": "Thibaud Fabre", + "email": "thibaud@aztech.io" + }, + { + "name": "Ben Ramsey", + "email": "ben@benramsey.com", + "homepage": "https://benramsey.com" + } + ], + "description": "Formerly rhumsaa/uuid. A PHP 5.4+ library for generating RFC 4122 version 1, 3, 4, and 5 universally unique identifiers (UUID).", + "homepage": "https://github.com/ramsey/uuid", + "keywords": [ + "guid", + "identifier", + "uuid" + ], + "time": "2017-03-26T20:37:53+00:00" + }, { "name": "spomky-labs/otphp", "version": "v8.3.0", @@ -342,6 +712,66 @@ ], "time": "2016-12-08T10:46:02+00:00" }, + { + "name": "symfony/event-dispatcher", + "version": "v3.2.7", + "source": { + "type": "git", + "url": "https://github.com/symfony/event-dispatcher.git", + "reference": "154bb1ef7b0e42ccc792bd53edbce18ed73440ca" + }, + "dist": { + "type": "zip", + "url": "https://api.github.com/repos/symfony/event-dispatcher/zipball/154bb1ef7b0e42ccc792bd53edbce18ed73440ca", + "reference": "154bb1ef7b0e42ccc792bd53edbce18ed73440ca", + "shasum": "" + }, + "require": { + "php": ">=5.5.9" + }, + "require-dev": { + "psr/log": "~1.0", + "symfony/config": "~2.8|~3.0", + "symfony/dependency-injection": "~2.8|~3.0", + "symfony/expression-language": "~2.8|~3.0", + "symfony/stopwatch": "~2.8|~3.0" + }, + "suggest": { + "symfony/dependency-injection": "", + "symfony/http-kernel": "" + }, + "type": "library", + "extra": { + "branch-alias": { + "dev-master": "3.2-dev" + } + }, + "autoload": { + "psr-4": { + "Symfony\\Component\\EventDispatcher\\": "" + }, + "exclude-from-classmap": [ + "/Tests/" + ] + }, + "notification-url": "https://packagist.org/downloads/", + "license": [ + "MIT" + ], + "authors": [ + { + "name": "Fabien Potencier", + "email": "fabien@symfony.com" + }, + { + "name": "Symfony Community", + "homepage": "https://symfony.com/contributors" + } + ], + "description": "Symfony EventDispatcher Component", + "homepage": "https://symfony.com", + "time": "2017-04-04T07:26:27+00:00" + }, { "name": "symfony/options-resolver", "version": "v3.2.7", @@ -562,6 +992,61 @@ "shim" ], "time": "2016-11-14T01:06:16+00:00" + }, + { + "name": "symfony/yaml", + "version": "v3.2.7", + "source": { + "type": "git", + "url": "https://github.com/symfony/yaml.git", + "reference": "62b4cdb99d52cb1ff253c465eb1532a80cebb621" + }, + "dist": { + "type": "zip", + "url": "https://api.github.com/repos/symfony/yaml/zipball/62b4cdb99d52cb1ff253c465eb1532a80cebb621", + "reference": "62b4cdb99d52cb1ff253c465eb1532a80cebb621", + "shasum": "" + }, + "require": { + "php": ">=5.5.9" + }, + "require-dev": { + "symfony/console": "~2.8|~3.0" + }, + "suggest": { + "symfony/console": "For validating YAML files using the lint command" + }, + "type": "library", + "extra": { + "branch-alias": { + "dev-master": "3.2-dev" + } + }, + "autoload": { + "psr-4": { + "Symfony\\Component\\Yaml\\": "" + }, + "exclude-from-classmap": [ + "/Tests/" + ] + }, + "notification-url": "https://packagist.org/downloads/", + "license": [ + "MIT" + ], + "authors": [ + { + "name": "Fabien Potencier", + "email": "fabien@symfony.com" + }, + { + "name": "Symfony Community", + "homepage": "https://symfony.com/contributors" + } + ], + "description": "Symfony Yaml Component", + "homepage": "https://symfony.com", + "time": "2017-03-20T09:45:15+00:00" } ], "packages-dev": [], diff --git a/database.mwb b/database.mwb index 07f7edc7a30863384393508272ff2e06c1261791..6c209b02a86640742212bb192b6966f2fa48679a 100644 GIT binary patch literal 14332 zcmZ|01$f*{5G81cnVDl|W@ct)hA}gZ8DhqmVayoE%*@P=nVDk7m}9T=@7=d|dwZHs zRXtMIXw>R{devQ}A`kfm6YSp>1)n2Fx#Lm@{aOCEfBD?)oy_gnSh+d5z*PRPdaz(q z7&&t3swo~!OkiNIDqp}*KkHdInR_?@9Nn25fM!fy4)z!R`fmF?^+&I7@DY!@**S(C zBG*Q<7Y$77iz7e$e>NMk3o65-egVW&s*0-}-oCv+Nsg!48;U@nGmpn-z(q4riITAQ zpom!RrGLEe5)!_dxS&fF8KX3ryFVFI2R;u`)AIfvv0;wfBb5yl9DGB836P)`=aTb1 znaKF-13-zVvEBXk6LH~7P0r_8<`3#Q(v~prJac;kKo0X<)ZPok4 z*&h~cZ+}q#HgX#7e{Y|EOt0MBw_OSm^@W5C}%?nxR@w$sn= zY3@a704nB{BvZtN9~%fR2|JuDt_x5496x~ul^K|f__N82-*Y))}Tqz}msvl}^Y+RD~4&YIHg2 zDi~8Ymu3eYZ}$wkTSHH5e%iXZrhH!Bd5YDCZRu{|dIA}5`SN5uwVUd)@6(5NH(CEA z#a*ZplB+Rx#`@C}4*8%@s5tDjb@pc|TeQkH+=yu(16|bDnApkSZ$PzX0phtorzu#B@ z)rsXSoTEcYC_|c7p78(>9!+$<8?;AWxhiE@_KI*!TP7nK>fC&--krT9`GqyT-gUEiavneUC4J~m~+ zg1S^3#_HD8WZwMi(nRE?ko;z8j-@SXt}|G#$%zP4=)P?4ZbQc=L*Gsl4K5FrC2@p% z>aI0+J7VA_sB7fyWD4;LMcJBzVFPgPJ5b!3`*WAoY4I(kCR-NKZChIxc(-~%aZfKF z3H=^dmJr=wiB@L39A=lLiFUygbIqB~{e!AeJjl~_Hl9_aqq)G)q#5R-)&^q3rS(;G zZ_>yvqBC@8H5Fn5BV~c~xWXBp|bK@o9hne9^nBX%Od-uS)*m?u%ps8*WH zQPcet-#O+1cft?_3m^g)o`JZwBY5%_ntTI$qYE~k92J?GRMt>S@BL0XnE}V%6CadU z)JJ6ub^ZE1Ydz*{exl+7cyoO6r==ohzhV9CqYMj;sIt!;6}1kXtezAO=GK{pqEuYx zw@=2GG$@R|YLfya{UC=dSibnxuPgJY5G!`b=PtmP43a{R56hGu!tzMxyaT&gOet9&2^aNWE_pRQA zyad1092TsEeZ2mme~&7x(u~p4yz06TqAH#KXE$eXdHxC&U=LRkdV_dW?tIR#sV8;%-;7MA1t5>bPq5;0)GI1(Cq6z|8ASW z{OZeA<+(B(3Y_idyn;64*o!;h^Um8A`bklG4Pgc7e6+Ob4{$4S!cR!wUY*$9X8~Z9 z->Ew&2-+kdHX&0QWBt1k29#Qm_xSeP zXW>dTl%Ia6UGE?&B3}>D(^UPA#z=%pLE6^DXXhk}S~|ysaZ@_zbVe;@W(!Rq_$t4; zNkMRvwH`9x5HYb%02S%Md%HS=m#ti5MdTzyzwp|Pn}jCaP80A`0jD)IecTRyzPzlZ zC^+&(L<6_ueNk7V}iy`QU8Zg zpZa&VQfoH3-bdU+hcNNk@v6Ksw=Q@dfL*OHgCcbkW? zx6h5$>Iir63bzZBl;JZ-q_(9)(tp7-v(GUdu%T*3e7VGfBD+Kl+HWJ}If7{0h? zAck}NGs*fu5S3iH43xiFn1T2~o_sao-_g-2)b%Re^bk7M!b6D8i=ML{sliWGbZv~z zsy$T3^5IE_B_?V<`~%W2z?gPHdVS#zE(m~0)jeMdMrsLJ|@)mM&B(GqPql3B<@1 zIkJbpN4MXvaOMOMY0JF6z6fS6O|E1tS#pK@L$2uXuVl22I|e7WQHf7_THEntUN$Bs zV{M*8Qilw&nkrG5W%Z5)B{u~p1GIa`-C=ZeV{|gh<{X35qXuueqSNtw2)uP?r>L&$ zH*eUU--1BinSR-V*Y#aTfOPI-oWLcei8Sf-N3oCNuUBUHd@PM=ERE4G9Z>aB*+HuG z%A6efqDwjiWB3K4CSPDb9~+5X>KJHLl_!qM?(_d!AdTt`jIG_TByKh8zD`c#);6To zva5z|4(FDN92ph;&NyjyRc61k{Nc_GNmQXQa?lWbwl$wJT@J+u?Oy3(XXVXwl3SCL z$@FPho#Vid<0Gq&odcjm6TiJ<@=+=mn%WcUAasGr9G7_#T08i$3=1obPRwE^JU`zV zU@Hk{E|zzDYIjIK9w(a}jwh7^u+``;&aS52>D;!Ara z)a})0`9uT%oU99gYZBIr=^#g70Vu}YFl&x^_dL9hCeUNuLZ?olWvPJGjsXf{ALlM? zNiIY+Z0K;{=;El-GsZ<;GUe^L_6_7?u^;iOZ24?z-E};>(5+ENRptGls8(v-k_D&Y zJgj07tWbqc_)Cjbm?^j<_BC%=x^qvX+|aFJ-L{-q`J9Nl*vJ@FVM2hr4@dNLk48Fs zlmA%rh8r&W>Gz>%ItlOqfkD%rnJE2P&|5mJ(&P-?<$RR3?8S2t^Tu^J7IDB%C`&Z= zwAB*(_|G6;{5bm5RIEI&NJT!DxpVTtzJ8ux*)vkIN~Uaj00=Un=L}91eHfjO*o|8v zDjqa6ng;>OE4HUD$FJgq(Wp{SqrVb!MO*&yLjN4lPqJH>bN%`thRN;u%rmnlpVo}qpgR+ibt}9CiTam z(71DSUV(>=BS)QE%I<=_E&z3W$Cr5<<0LA7ThbWANK{H>VuG)KA%m8vJUKkGe3ek? zo-XJe(d!=>r@6rP${hBaFkP(jpSA#W%Ah)T?T= zb1~sWSH`LY<_nt>L1yqlCZ7dK69eQJyZ>ls*yQ@$xs`xcq9;8?>E2Qr?8X(}u@*aF zF>kdh&YtLWmDylcg(ynoGWwvoeMDpg$#FA3Zwp~{JpyGbHCdVbs1?TMts=zeGSWd& zGu-Gh+d+{h*eJ}XHrn$-3J4W*LEs>S55x9M0TqS2Wctg^2KGYcsP;tM?K+M}*z9X$ zGi$8Sm1UJXw>Yl3~_H8ukL4vm!GzGXt9E9XXFbixuX{Y z0GMn)=;Vl^H1n0o$q933zN3;nK=ABIM0Id<1H_K!Vh|%YlF2NS;H6_ah;-HFU8M0v za>8Ry+dBG6oNEHV#4pII>HotFsP+2Pnb)y?3nmpy(@Z_&C7%!}<_2n}RN2y+K$Wk> zNot;(puk|t=Yg>}je~*-zLifiscNzth%6TF)8^Zft7x*jxT$D9Dq8ZE4zj8Ql~bxV zwXWdT!;huw`RHWpG+=9x&>*hb%kO2Cs#b(WIZ1NsCpf;XZ8<1X)#n8Qx7B%56+=68wZ$#MN>t|&2%j!;jGjaWgCbKY z%`hWzQS0O+&To(2_GZ>5Y%7h=&cfbj1TC$3Sb_?gLJDM0ZyrYVf8pPjzFOLi5r~Uy znK-mEcq0ULf_tA4dQXVuKV-L_q(HdXvAbZ*nU-Zid(2}lDIzq2otAoZID$4VX%`ej z+HF+0kxomi22n6hOGP&up>j;zbR#;-vPze=xi4VgU@|Z6^S|jG!rPkpm$jzhn@&m_ zHDgWiGgC``WzPu{x)5XJoPurCT2Q+~jA31GkVAphNVBm3;LV4PvjJ@RI11`xW%V?4 zhs9KMOL?gw@8q8Ws^FwpkKGbG0n1GbG{_3+I?yCW+^94CUr=iRkya~Iq+hud zgF25ywrJ#Z$xwX6%s?={DjJG5s+>Z~z-B{@i)3f@Z`j2JI0(>(+Rmr&oQ-8m{VD^6 zS(|g4hy~%P;z*K9{rE(-G-g?-wy*`^3AO7_WnvR<4}#??X_74zra1jDq<*#Ml|u`t zp(vjGek$=3qE95DC}RIabw7%Q=#z=n08E`rP}5Aix+`VlT5OTulgX?=%dok&_&dTL zbj1*o<8Of>@Q~7ij=`1{G%AHF*WUb#*D6?Cj;H~H@NpE_P-PA_zkU}5*gR|9r_lW` z&X|T1h1B?;N;sZMF5VamQ^N&E{>v?ph{M|FYh8jA*q`=bpK43+(@H(p{Wak)Yivsr{E22$xAzbVrbbf308mPLE=e6MQ@rE*x8B7~xGmB^K@BcvP z+~jaYG!alIHG&+yLN$mic1|*g%q8Uci_+IvPA^Ro_*RRuP7OW;n#CuR%H~>%VQOFf z_byP#i2THLR8|r*`lyx1tO?<6;{_v@_7#fLF%B!Kkw&h0Rx|Z{^NW0QN_S7+%1K)! z`a6Z5uF6Sht!8m8s@lLUXe~={dPuD$AFVV)2(WWp1{jj!XPZ84P z=JmE_SKqt@JA}68{{;OFqmC~bd4cR};VBO|UK|{a#BBf2d+~JSz z%ru(=B@n%cU9WT^uy38rg&d!pNcIg)FGg!@&9U zf%2jGQe21;CU~#D)!ufTa=ji)N8`DYYjRy)nQLc9Rwmm&RnNhWA?nMXN4_NdpFwQH zIl$1p(~ds+Yo@+06?wd!>WO_X6dXDVeQfuxAh%OWbiQ?)5(r-L#vj&7w3UQ0gN_*;rca1>N3sMVmWLHLzJ3N>x8TS9}5`)x5ZN z5{8ia>pw_i(h!3r(~65U+{!k7)Ab#TQ>^gs`t{M)Lx@B^0TaK398Xm>wodNsX$PBa zS^I#_0|QG~iIPs~%!SHB;=D=jEXlKwJI_7E65QPc>W(^PUC<0^w}n3|S6vQnx81C+ zplV5m_gKuY#{cgG{QwT$e}x!6*7UfQi*{SW-hubXXF-};t*%~>H8ovz<55TT8P1(# z&p_%DOS23;UDZii^|}ws;ZN{|Y#ZMxyh=M2w^D_s28;psLTED?14TtbRIwn46W5Xpm%7Ur|WAmf$4pYoc__>CF8M_SWyd;iioRWi*9k zXsR2Rg@AjoEG+i*uDBE+OSPPtj52nJ5+VL~I3IaAd;0shdxJ7|{&hIQc*-gIuH_)IvDYs-m0OkZRF~cOFJr z?9H1-457Cv;w`#Jrj zo(JI(%&$!j!w&Zjuk{UkDh?11T>BL!Fa2UcX>t+#WcDc5E66q(yD>=nXdCqSdB@ics)P3(UVkA0dSgrek$q^l5DsvbqE2K{YgA$191Uog5*FOlp zkmKysXkJSjCKnR*6GJ?mLBA<#R60!~i=V*BoS~ktmMRL;^Q))(;F{DNHVA1qI6%}c z)2+C*<=|Ze3zng*6u$)RdJ!-46tLy@j|cI2!g(|s;;H;cd-bb_OODUpc&YO@_QzYl zheb94c}t!*F(#Vu9vBQXKhoncOLUlCi|q05Myh$xR;gF64FPC#+=|5%I7v5HGf0ZDC|lbw&{lidA<21S*`1Z{f4Cx z(S^LK7-~>bvd)C8Cg*=&Tt3 zlOtD>LTUUs+440KTr{C@rv2wH)fqOhB>LYU)v^$oTV^m?m`ZY|Z)<(Q*2)YU8#!8- z>_0F!2nxI4MCj<`?RjeOL~mwjF2Z>ce)RN+C0PzxtV=_!Un5ICk^#v?N+rwSPfgQV z6U)-KuRW!+FRGig3fl@BuGeX97t{WVSPf}B6kQ2 zpV=WHHUU)G;tLmUkq2h;JA`CB5wO#w-`pa#!lr%sK2L1AMQ%VA`wt(UqLNIlFY-!s zdOxwVo$^P}{J3<6Pn-(^ANqkBrQvM-K`Q}$mr&KThe?*m0Ho1c$_>F|NEfSPtK0Zp zno`CU8CD?CH2MZ<>+V=0@h7c3bxg}{P0m4Siqk%i2Mm})BYW{B7|MB>s&(J|C=1ut ztr_tWUoFcGn}2A^p4b#6+MSMJ&W1(1q00g1MA`^Sxc=BrT^+&+;a*APjyT6jVrWi%f*)>fF0=gGr#*ZF zgkNkY(hmJk4AZ?`;}zSv3mS^k7hwcTdH4fQ@Xe;y)!K&{QXp?RJrir{P9I*w^!75C z)OJ$evFncur-Yvl(E~L|=PZ(-r(aOe;yK17{@m&ei+&HMY#+HVX+PeB@ol0=Gjuuy z)#u9DqJ7R}5e!3rZzScmEXntf335ulb1~Yn>sH?yk$q}8?N;oqsX8sAh6s2$bdx70G>}cn<=P7VWIvVJsWdY?WV*w=^G{mBpjf9R+@_< zCMm`jYxzt1G~FTg*k$3edarrFv*|kpdVR*kXdz|;AP7v|Zqte}PHlm*W5ltOaAT?@|}8nRAam&5H*Px3%?iNltxKM_n0@8L*aiI8Zi zaeb>|TFyyg=%KuL+v3}wnvuY&w8Rz?hVAVR;n%CrB_lRT2E0;ew3$moe#DA3UsoTG z6225Ga~11F6BV>|gC-=>Izqjxa#npAE6k0NB;?fft=kKC22=2s+u?=VEG&`f+EFdh zcpoE066v3_WC`qOCy1kh*#T|sG!ZUB4=r&nk2u;mRwx(W+K`r3MKg-NUZPGa0#o9> zrJvB!A-%MPw=%KU>9$-%Id^lE&$)IDYnQ!7sCSz7H=~c4oGzI!=>#5~fzRtsIKT^t z6{O4j5U{fj%VRLEY^rmx&LxzZw73@dn#oz)Z`wx**nJgo*!A$y==DM?s{+azZ@g?=LFw% ztY4v|b5nu~UROClz6|BzSZ%LEdl4Wuh6Lec7)5|F$5Ywxn2nrM7bT~FAN?E@==;S; z)#BJ*iu!bJ`Nuwf*>%@I-bgDuK~+?bjUptN&&A-be@rDuz$2-%wnj;ZB{GsuH-KYT zLpzm4N?fQgy10r?-dJ=2MD~~ptuD0S*=-|t2!ICF=at`!7nE)AVZjqh6m^d)9||5L zktwI9m0_elW{U;u&d_3xFzetWXPUWmi4=$cuX4pzlIyy*cROEM1IVbzHN5lP_SKV!c@B3w&PaO4U zLw~e>;=S@kptgbTv#YN!WnFfmD`m-xs~^C_%;F1v6I5I~PuHq)34DLvq*Jb3mG1LO zuw0IDwxLm;(cd58@66@pn#Rl@ojlv>Ipa(7u}8Fv;~w2aWedv{>+=!iqnxyL00{B%yMg9>Fp2A8&ZC972|5h z9*u?SiuJ5*$HQC8KWN>r1s1E-f$Ey}n%7Iy8t1!vGcdAP{I6H@f)8f-y6dx* ze;3M3f4@RgS>g@R`sru^tC+|`;azc&cESak-bz?0Z1G!#TyzDxy zCU&l>E;Up-6Z1E^YqcuEvStXY_Y;Tx;*@$wyE;|u4-RC<^I1hDw8^?~W714}V~@7_ z4l2n-ly*|q1LVf81|^1S+BtiM-dG&=4Q1VT<5nEbTxuN46A{!haRcY6abO@*d~P|5 zfKvnLU5C1r8XheuHO9;8MXI@J&KM;Wz*LU-++>pIIZf9iqUi2|{JvrG^Ou49r}HK( zVo=kLX zU8^X<*|Fi?Z{?gt=xzWG0}cV#j1MCx*5JS|B(KR;(zr`?q6V>p0~70TN==^2#X zjN`9&T(E4+{*&)0Vwz!ZMV$#r)TlMKU=_qjg#DepItNH4Z#!mxSwKqoSu{x&i-lcRUpO8;Gn&41sVh96aL%ry*CyZk zbMR-kWy4@2}V4;4#CUA=c8ku^uzkxKdXN=y^O%Qw^=?+(E< z&+_G3I44ZI=V8m}n82#Rs_`MUxq3B=c5Gpi34$ty`%?k!D|d#jgTCT3Fuk7({ob6K z_|-2i9Ns88&w@epL7zR4t_5*K-wF>*n?Hhn{+HpNzUb!_!Ycap+x7i;dl&gy>phNI zg+AV-da)*Jz-sYfbo!RSC-}IY(yfDZ7&A=3%@(`9{`Q9MTXO$~b&gpVZXxl)0G$Dm zVT-Qt-&}{tGF~Wp2H)Iw)*TIb=V5RWuy;gRi%8 zqw=WO5NK}I1{VdVOj3Lz`pp%K`Yd?lm;&O*MrY_UtpSX$Q=HSXv=_wviNtDDgm;(R+k6INq16iI_AjfD%05Of}^?J#^dhM^hal?Ij&pviYB!9@qA)j$~ zZeH32pO)wSG3s6-$~*bv>C;Lb4~vQJae$9RVGm324i#oiG}&;;D+-n|Mv z{i0e_B9HFp?}S(?3uoeYeu7qb{~Rgv_mw)@t>0}CdE&zU*+P!xxIeIiXYF5VL)zwH zw3*ZrzZiHURd?dzA{acwXjc=pOec1X>|szI#uI9~9W1$&jBRESFF(wDuc-lV(Ntzq ztA!NsM#}v(pfF_3kI5xGtGYW}s#7PYulYTRBx~h}`+77vvah$%D#Hlpyzfz2br5FE z(t5*$>bk$;kcR=J$Z72c($fpe@QhBjXs7d2$3BlvG#h%sq(t3A0lN)>Mu@QujwZc1 zEfL8rGg;=VVXppH*gC_cADS`5IJ7H}0iDpoMu>>X)i@9VooE3Yj{9rT=kdqgjMWE# zveWB*vQ&%S@5?(QG40A<-n_WewAb3Dn0AMefZI=ANzRXhZ$|#_1{A48Z{A4npSPj* zb68~gFYlb*@$3{Ixei@8*(pH9I#YW2AueO49CuM{3QBFNFLhaT>Modct_d#)#NC^? zZ(iZQu#t@|nzDQJ@)ep~iJp34cU&@QsyB6cXFMj@g$@AjxtXf(c$VGfS=lm^sXqdu zU~GAq$~+E(wlzJ3XyW{=**AU{+_y8{(L4T!O{k7H-oVv=XoFizh~BES`Mp;S;}_8Z z==X*20Ehj+lHvhRnkgRWsI}C=w)&?X&w9_&kR6s+eG|M;hL-D-Y-6|BRw51#5N4KjH^i35+%F-AJ)y&u68>|YpEkWt14(1qg%@qCkBMCQW_GjuJGUTORMfvO zratA$1Zswk`W}i}izUGn<2R`{U|!@0}e~D*&738FZ|C znO@rRraq9Om^Kf#p1;?;s?E`cn;p;69Pq>AJz^D>Yl+s~9VQx=fDVit^>k5{8trn~ zkg{$q>w9?z(S6X8w8I{67Z+#L=6S{E6E8Ls@tEd|b^+Ck>zc}48a}7nsvHbQ6%$|I zoX_^-QrD8)Kv^`Dyd6H2-}C&i6UImkDbEy*Ba2=GJp7*-m9FM#EQOo~V{PJ|4!_}` z>Hfuih&Z{)xk5_Dlgu&7`(^DV;3xae$&pR+KX`K2y$tZ4wI=H*A0Nz;S$8I1`dg1`QF?!HIcl41r z$%d>{XQx%5&oEolkN@IEDJZj2a^;pKJE?Bw=@apk0_{0CPvNRDQ=skeHr?R{_V(+p zPlt%FdR72TO z4CDPC?#Ml8C{G09hog#PCsg~*PMq40H`yuZ*6svNlhEIl_RzF<%8}Zly5HY9qm5rn z3Q^yQTyBL8Zn}qdQQ~9#wG5ZG#U9=qL}+|tp#v-*7r$&G4{#8dO`_68wFbhE7zgH^ zIv!qSj(e@|u8{!x2pHiD)x}R;>K9_DPP~#H*dXc`%;7jIjcHVBPzmKSepfIE=T4K9 zScIw@rlck*L>S42B#r!Tdt|V(s_CanWemXl6Ht4+rL)CB=7`^b{IVR1*iSOKQ=U{A zdIqdn>Aw(kSh{XF3|P#lno`DXz@}8e4p= zZ_u?BQED=q2SOX>8LW%wQLv>y7o!WU-2S+gAzlY zz#Xut*WKUpDW%U4QKmX~@J!KOpy;y@u!Pb)vz@q}2#40Nn$HFQi^!4Cc`*k96gv*m6n=#Uqb#}7Eg zBEegFm|cep@=j1|@<|ZjNrl$TqH7S6%sIMpT(nyExE`u2*)VfVz^!Avsm_i8|Ls*G z>%%{%KJx8j57VXAZG(8OYt?) z?@;gH-Ozzhfwnk0Iy!IPSvd>1lJ{-dbJepp%GP3=rAwG5gSPokNBaBsGJ6*%f5)n8 z5OWPV%3q$3BjGh|ICYFoKa_U7{zdYbaB5a;bAS8TR29a?#tsQ0%ouBo2$b6X80oEr ze1`~t2|x;fxD37u*6xilS!o|L6LGe&U&+kykCHBIqT~XoHXiV=^IvtypPD?R)K3|j zo~E^}COzsE7jRvIR$A!|+4w>DA>`zjEPJbo3%`l+R3p%)km&ahp~~a*f!yM4A?b6Q zi9U`rlwK%sWidgei>NtION6p;onO$3!r zQj@-Z80vO~g$?zJd=E^}b!C%Z&9nS4`FpdyyAwD0`~KYi=-pX9l;C#i@W{1GOJD;K z^T)M7)srAhy8`f7`-^Di@Xm36^N%5SYU^yghVg10LHE^?=i$=Yi=%wy#-dvzu2@=q zOhk%~gH!9Tj`(X22lqr^$Sna4?u;SPOdIXP(jf}y9GH zv90CSXHifroia_9eesV@^R``%NmMg8_o3FA@Itde4FmS6Q(Mb~QyU8Y#_T~+Vc5-v zm=HgkVa62CnSNa-FrzQJqw35Uj)KqW3h?A|q85Njzuv8MRWym8Z+6 z&BI`Zr-+YzLhyOB%4s1wcHn$j&b{|~a(1E-L=vtn`5`)(QJC@Los61eDwKW0A76n& z@CUeS_Moc8xfZTesPo-?I0acO%B-@VT3B5U83PIt~G zIFLhWg-g-G3Q|hnD55kkNI4GaxATLZqNDNV-$*~&hfIjeGThIf-FJX6M}p9Nk0gdP4h zhOeLQbR?3#oKzTg08AA(^A=BDgF4j3HzQO>&elK}rB23gyY+oVda?+U;4Wk(M!;qx zmtqgD_=_ObcB^3Yg=FNc0J7<41b$LIM*q&=uEcvWL2K%AQc_kW^bKZS*4_=}Xku*dN3SRuS27 zp%qPg7p^~bE4bxTv55FmQXC3HfTlV()w5zv22LDy@>61UI!3ygxN0TLK5?%8b@j#l z@pDl5HpN~QweAfY227QeovIb-N>&;th?VA1ZUR@M$ec}cN<0y5Xj&A``&bZ6q(2f%Hp0= zbM0ndc&0=ZkEp`V{fdwPc@lafk`2cZ#XuCiNgxq5^#IG+-_u1&1cKiJ#=_x_67J0Rgp~k%$Sz6uKb6hrSNt(_0?V2R63no4$??;?~phbKt}Nn_=YCLJvW@2={1xMM$HvnAQd*ixBElKc~_DvU5<7)m0`UIoV=1*?&;6jsDP z2f=1JBwV`!z;k~&NZBiMx*2U7x8ILA9s;HPaEJYmpB)~??#Fz5AWx#_27(D{ZR^!R zFx;^La72-!%W5NrC9Y`2-K_u7CiKspfO_{eB)qukxD|)VH?oEohj%Aa)6d?AfWZIG z$iM(?^A@5?edc#!Aq4E!AU5`*;&1EWp3USM$-d*Uw3#N#OYi|X=Uz>J{ru?~($~;0 z6j4nytTI{Vq2i?8mBx1d_kMkSZ>!aS+LZn4+A!+RzK;{n7{Zxw&lKViLpC3k#FaNN za$w#Nh2@d>Hox`p@1l-xkk^@z@6hj+o}WNH1Mm9sciTp-YNK-zcfJN&dDr%5ZT37f zm~xSA)k?s}@;@W!r}wMM(?2~Gs}0I!b0}|P92cG2(=A;R@Tq(C0`U?HN<+Aojr3UT zy9NRejY}ePuZ?Nykx8%*I3CxO=BT9RLWuc6b)VyqYsXx)U{Lis!_RUY#TqqCC_S2Z zPx=Pu;W76to94!w#O3#XKo0k=0UwvK3CT$gbAst8E>0;mnaBo$Szqi^`TlV`9}}fS zBJ&I5SFT+J;aRpLH|}P(exsS4;WDOea}1SSj-1By8s&#`2Y8x(c)Kt|P3yLee>(w$#J^h+f3~Btb9&=n;5(9vJU9d<(I|UyZ;9VQjv%H zmz@U&`T6r=mYa34h2`du|yu-gE TjBe)E00&byJ`y)KC;0yXxjCk6 literal 8190 zcmZ{JWl$W<(k{Mu7I$}o2X}WTIEybX!QI_u7xy3u?(PI9KnU(0g1bZb@}BcmoqKPc z+f!ZL)z$rHYNn^>dDNBQ5pZGtkvnLjV(9P38l=DeKZ@{I9h@!fIl1}y_+ZrkHxC(x zCM!{qUK^|B8xagljwdV(@Nb@_vxSEv*vXyE(aW68+tJ|^r0=!ck{UQ&dvPheCX`j5 z4RfD6=(X0;QR~z-`Oha)06!6qSWny+oU7UG zA@_%g$9`vt2U9GHO$s9f-b>85L1@0K_se>Je^Sz@(x}7&OWhw@eo^7*9ghCXl%(OC z?b&$6bC#g7?GXDn_h|G9POK2QSe7w47~tusq@Ji`Y}FDy?2oy40VaR73n^%PkRUYQ zgA#saPI=QL37(y>ozSPdOY8$LP$yx7M+O5iZwb$B_qwNrs~qn=k? zD%N(Eo~SjSM8nu+Yvd!d+=NJ`2xu1afgnMWdn&80(RpV3iy|ge0MIhAk=8P#fD73D zP(eOlo$@pHjT54J4j1u`_PdFYYH!sxp+1-t0Lir5JuX|O_({;yd2DW50Ls)P_3Tj#mBxGl+8FNK?2iZi-T$cT-_A1dB8#-zc+K zx)xtF`U`dHVI5%|(94B~8LcT5d(}6!{5`5&vQj1@5tXo^M;2&M7Oj3@k7=FtUeYGeXzdaJ0d%LBys{}5Z&CGHL3KYt}4C*78hZe8YFoM9YueF z=)*OI)1j1cdbm9J2=K=p=~Ck^Ap;ic&knx+hB7+mGif(hl0ka*tVJX$hK&T^8x691 z1W`qxWwyE~7cHP17ozMDQN&zP#t1CLR;}29x#90X$)Ac5i#<0Pf`6~j_D5KLT%TV! zeSyz7KD=7O9F;I;wohsJPkhFW(nsbH-{^ELFg*1t^9;Ing$N}+7djlQasQNJ%x79m zBvDL-Y$DPy)OwwFtUmeSwC0Zr`+YifT-4lMQk?aba;@130x4#s;WpAooQ=|`o5jHG z%y21elXS$o;~Ui(4EZJ5Ntx>6M9G*MqtS}|Yb~}Jogv0dqAV6K2a^y*xTj{6 zC)~_b9eDEahf~fEOl&#bl2ZwxuN7o#8f|{kRE>-8qPn8PParUByCqFhTVD**F+ZYs zZMDL00ayX1b0M2LAqD8ljqtsgFWDiR2r@HTKvelBZ>Ce=15u=ukEA9buoET_L7dWK zt5y3t_s7D=r4SQ9U_u`|?I;f9@ltbz?t%uJR{E5yH!t&!+finO>|q|z8)RgB%dU!a z@V5B&y0`PxwJFry@h}1?3rnv)`YJVuiA6$1O+>S3|1QeN(i0g?1&vy6wnO?8pOpk_ z=e}$u8sWk)JE-;QK%@ z;;T9s&G3EI*(f|b%6)fx0g4%Sjz5{V0=94{O)-+=rr5Ugo!;wFt<(N?I(dcGt zw%p^0TY9!FZW~*yg@t~4cZPK)u;fmwjYM{KIvCEN^WEt{34RSC>ROb9nY}@Fd7St# zpMNsQpU5brKx^6n$yxXnLUG>zN)Wd73{|K|`gU^ZLc`S#;IH28Sk&6}%zpox8dW9+ zIdm=}fn?94L^D(Ai+hB!OUSRKsI_Mb)I7q&YNN)^p}8o(Mi_!5Bg60x>k>ZrfQV>l zF;Vo}v4#A6mEFmhkZn|MdmW}rERKDJnht6y>m_kVgkkrx1LsxFRM6lyvcWIns>S>h zw`<-j^u#5Ra^|j(I;`F{SIDafxsu2kGD3D+n|o9OI$3AeP@z}qj|7tfb{exGiB zl&8~MpmY6kZrQ8aiIl&@r*E2#WXfuW`1QPzU@NNVna>t-!$GWTd%KTcKaVrCWREMW zd~{B-6Eh7rn=)pFRqKpIz`z&8y*rXnBjpvpf;f|v(6mEyx!!B=J@uei@}#n4KK30Z ziVDCcaMKiwKvP+V*ELzv-*8kMJ^A`rY~auh9#E7UWGQOgJizR2I%!a zZcY3~3(Iq4^jw3%*Jy+8;K*H;2?N_6H{3!)ysNv+7d@t&CNIr*;W=mtga=U@5<>RP zTRJnVa!7X*$GjaHqIaoc zjh}GktOOa|1-j@zlO<4)W;AaSEe(PF$TBe4rk{F)y!CW?D9)yu3+_GeAOo4j6`=4I zGAskB*MKln3?j^a15bX*^%qkWUR;&U0aFaK5e-t51$;MxDjv)Q?^pt7_qt(=98lc? zqCE+DRcVCzxn|29ub@`6xdO<&g=~hXb|6;NtLp@tB!#f}AZLroZY4XMhU=o7Bz{%> z;aBbTFdl+YuMEKdinPE|Tbfuilkz2*OsXcR$v1Rh2`ukEPW_y1UCGIjLPgooozLka zOS-5g)@|v0IT34)rM)v|d-JGRRRzJtyB(t@NhZeBS7m|kj^u8LtFFj#qqt|w_sp^6 zA5Sc975-3{{R(WqI}F%qbs=*j)e)K0Ra%%TkVHNj2>lpMRBoIMm;+w8b#ye5IPja3;7hfEQwZ6ODYx$Dj6LI2#gJHm{ZMQ z>3RvgNx~Pq!|FdFK|0*Et^L2Gd=xjJQ&InZzrXpC$t2Na>wGVhB+>JjlI$)to=I_x z<&V;`DC;n*m&*|@P9A3cf{am8ALQjd(n#?H?B?kPxj7$gmiG8hVb zA{w1fDwS{h>Z}TSIcx6e&49;JIt)~90ZNa zWKZ6`0pX|be+6EMN|LXh++le>BX=r#{ zt_{z&W@UC(FoGy`c5hgt96dwy2%;T*wV}&`Gd+tHAHGuPc6d7o?bHh@J|nphQMQx< zlb-@D&?-JtMr{4-I;}Pjtqp-ED?fj#Dspx=`se%`EewHIu`=rMz6T_Icb^=#Bgk@; zvs@r+IK^DTJ3wwZa?Kzr*2o%`y%)<#m2CD{Py#erF#dspE~ zhxZ8DS9K>EF;C;v71`(t5Ap+U%%l27!a)}UffIV_;kY_xoYv6c+z3kUfWH3Fy(Zy> zmWv^}FQ>*e!)c7SvG5Y{iqbpz`-yX0D%EOZ^h-b~6g6~hY^kF_>gX>~eLRw!C4{6; z;*_k6kvcch?wnBdaF8x~`JNgd_MC_r^ehH1m4UO#obP8LC71yv5P7KFk2-R0G?WWi z^0_!U8K9wxB(7m>WhsKpZLJN(O3Wfcy$aGtr3}YTEab@j!7cHmT9(eyGt3R59gvUc zCw$xq#zUR^2r6WP3u)pGX+pT2aSgy#MQkU*mab=IS>ggSq6huSji+(Jw02+`h=x@m zEa&oZp_dV_{IJXT>!c<4!>Uml%7q9~F?js3F|siX3>SV%Kjs9N^gUy)OV_%*-IK$L zyFp2hWh6we@<`{fOoqq;q)q4D=1DH^6&)etLA2SK9{{;~#+lARGjz%Bc@%V~042qb zn)mZPlaujQDLjN8`IB0j&rtwyR^>HMv$aw5c`(pqXmg0itA0J7`)%^Q&#jYYF+3*8 z|I-=dqG=r!u8Nm(p=(i28maw4UXWW5x3SRZnPhXVq_?p8s{%0wf3}E1$o_j*gprp@ zMrsgQ9xT#2;Q}opO*kXw*Qb-Y(Yb zWO9LbJFjum`+$)m(d+#R23yo?4$`TUGm=T~opTGC>0(=09=u+KPe;2O%yC(im!S8n zxA(mJL)ir?_ifk~o{eSPmUc#bK%}ne@iUCs8IXqqO+H*klwNr{I-9>^Rfg# zfO$iJ|4X>hmx**fm?;k_UoHNq*h`5|nA&wRpPb}BS#Q1kI$Ay5YM?KaLhI%!ybn4r z2wdguGqflaLiSeo^hCZG`1_M8xEcM>ub?dW9Vf=8>p=fRM_%2F$$$T1`Z?HVhN-jDbx7cwj9xa2&7k`2m`$<4I;f^Hj54vDQa)omjBCQ@ppsAdKP zo&8ee5tOSoHr(n_{>p}%6TzjYWsv}{BG28+)2*wd{{2(2{vf_w{YQTfj}3D{nLTC2 z>%)iPBkAN#+c^@Ok8gXfVrktOU>q9W@_Jz;=9==pMSGKCU*h1qS86%OKP*h_lC)WZl;ko z*)kQgSU)Om7^bcCslV((nev!nSa0N)4MkS^IQ(x#lfBeSr^9NMa|-7qbME+n42Rw5 zc^25eGM_4wQcl`<>rV-;1H^KO#i~~*uAE@!4z4SwF`AEGj;@aTYZ>?o02zNr(39rW zdhItA?RxE;)(w>*r{~_ymXGzbK?NuE1jpRRj@4}=={5;gwq7eH6)I}^w)Ou^h zhfJJmj)oy0-S;jc&s;=?4#k%Kgh)RTl$Y!OBt zbzXTJ2Nv2JcOZ|Rg=Sc7Yqv!YfnLHwor%Yojo4w<60mKFjz_C*ZEY&_+j2Q>XVsz|6Vn2oJ8&47}Y)f{p{$_=y6`V z4esa5sxzrOM<29TUv^y?zFS{;Ibh1uB9}Okx%^x7^t2g!baeOdT^tVz&`yJdrJ7n@ z1e#Vi@qTQFB$I=#F#E@k=D#pT8j6+}mkJ{VQEJ#nrS!ir28Rk77Ftf-0#7NS3fFrV z@-yJ@iPQb>#DlwaY8lT_`>c&~-NbKQ?ny66v^;cIaskvl=hVhSFqfxVSY-M?Y*z`c zNTYtc^XlCaF>yODm%`Cask%t-n1m*`(Y#r67lr9!2>RKokR0FJd1y0%fjZTTBCnt9p)h>iCf>67RBTCXX&F}y!IB&;nC&CP0AsGZ;y>32 zkGyeUanOV@|1ezI%AfvQM*;{h?pNetM)x;*YbWl@AMRl45j5DtI$US}d=deN(+2_v zt$FeU8+^Ua19oaO_QI*HUgh2Ej7CVuXBrQ=-eBOp`^9;=Zj=ayx@oXu-m^gVl(l%* zjoZ-i&=9ExNnq<=;Y0>5x72Gk8GSxJ2XXnkq7U?(=gz z+LidHQ83P0OOD({BS}Qn^-i{jywpDBt%_ZSH=c&>aqlb zS2BcM;o%H#&yG30^C=F~`UMfds#<0GnbKmH;rE3=j9oM3M!g&^PAU3=KqKSdzeWjX z)2>NcChd?84-c+H^lDp>p|=(57$e_scdhA@1NB?IYX^RsvSvR$2%?kT577~p;^yi| z)myf566a}3ks=l;9kD$U*swZv{%E2%BTkR0AYX`siZNhSt`U;0(UN2JfW8D4PB<1T zg)!N)zHr27oZ~0pTj)=J9^b-bFq1do_FF=}AHSryvLR$du4UY^wj( zLUbA*1z+qRuuJe~C`nN}Y&zahRCq5&2!#;;{AVIxBp=uly>PI)pF{>Ftn-sFS|KOM zqf@MnWfW+wJFXQ#ht0K3G1BOqo0J(lhojb!+z4ndX=BdyU^I{F+XzYaQQb3eJPk8{ z=cbdD5m~+`US@4{ESEm~fo8_o@h<-?e`R?&SMTT2&g<4$itxJ1N{+0!iUoaPFZN!0 z;>1=3R(15zJ*elzudbNk#pw{CW;?AQEtV!hkTbW@;>(=Jq0GnTFUS6d#ED@WE>rLI$41DJOX%$WyVXX zS)2x>w?}Wq04}*I$&9f&xmPLZ+3J-r#6J*#;wX~(njiJeHfgmMmaEjjMt4Wr2ZzFy z3&q^AZ`?97MMYyknAs9Bg$`+oF+mk?0_Rk_?nC+>tn6UysC0T(%TwMb<+^G`I1VevRokywP=_2C&~~VE z&HwhW%iu|P`Ox_W_z&TO_m}V?W+~bj{f80ahJiu*Ys4+h*)7f7&Dbo>PYu+ZNn~(0 zZlOgUg-qdWqWG-A2i{x#5sGGRNDt7RT>-)@d;eQ^u?8k00IHMWFpLrj7A7n*E^|d z4X&uPC^cae+?N{a>JKKSGSlpKc$Ys)Uo-EY{G%EPdr*ouj0x_Gx>Lb)Wl9rsx#f+KmlqyD6z6px6 zcl$Xlx$}8F`2LefH%4_vLwTPtRv{;>0gy@X?Fm}}(fqUhPX5%xd^{z7jm0Hz-o<`r zl{WkF=b-vv>@d~L@x_WmSg}e;aS1c*ls&N@$Jxfy{%MaIkGq@O7y0=njJP+`uACU2 z53edgjmuw2H@VWRs@H1zJs-PoiG|O?-5N`=9mI}q%|`{C%PJV(BMOe7f>_H%WD! zd1te@iM9KdC1A6zA0-vfNtN_6cZS<|&o3Hg=C{taneb-bH2G^qw*3)iqedi{ok5su z-%QuVsYP#GnH7rGv9OHs*nf$Vem3G~yDH{cmXt`*w~di((&nf8c5^yc$vZF?r`&0Y z{f&ic@KjTrh)DyISu}!m=b$SKAu}9sB!W1$HJmzsgFUU6Yx2?})JP;nySz?Ny zbkdO0ImdzskbYna;2e94zf+$jk3HFZs=eM`rp#gcc97ssWE0Jb>s#JCN~8su*&EJ~ z7~Y%XA|y|g94=Y6Lx=~e1ug^SXiL6B=XZlm<9@pPD@i(M;m0V)f=8^4Z93xH4uou_ z3&L%GtLq2Ya84leXUxlKFv`9|*YCc-aE)dyS@OW?*7}@pUx2j`#phc5s3wW~d35)H zXu_s!1YT`;@8ee1(k?!#Q8|Ia4Q4B6?ANAzgYPb6hEp09e{|I|Po7NndqW5Ieg(<; z)r54lv6$RAXGx62kFY zK@j#=ig9KAzg1_?9HUW=Qs8(fd>?SK#z{7hI$(zi)F)#@W64x_^H9XGxzI} z!FwjMiqIU28PFKYx}lCw_kzQ7LWfDsN4x3;f1MlS539|;h7CYavibLvDJkQC{ikQ1 zpvE=3b$jm04ELGN=%a*RvOcfB--50cUTX_E%Dn|M$*bSmchw=(&t2cb;(w)GKAHU8 z;@4>!je3&r>7oyrn4Hv7XInZi@ajsiaJcaQe=huQ*ZY^Wg#2UvVaESc@!whTf9J!% zw1hDJb^l+E{Qs=}Z!Pve)kMVqSHo3TLi~rHhk^gQ%Kuta3K$q37!@Ba4P{DQXIFc3 su#<%irHZp9*n!f_)xyTs6HLj;#)0biPlVOY!UpVU<|at#=H`t0KOEd~DF6Tf diff --git a/home.php b/home.php index e3ec221..92dd18f 100644 --- a/home.php +++ b/home.php @@ -34,7 +34,7 @@ if (!is_empty($_GET['page'])) {
- +