From 3b8e94ce66f029fc7933250ff59665ee1fa50c32 Mon Sep 17 00:00:00 2001
From: Brian Lycett <wheelybird@users.noreply.github.com>
Date: Thu, 24 Dec 2020 18:24:41 +0000
Subject: [PATCH] Christmas jingles (#55)

* Add account requests, email user on password update, RFC2307BIS autodetection and various bug fixes.

* Remove test.php
---
 Dockerfile                                   |  19 +-
 README.md                                    | 137 ++++++++-------
 entrypoint                                   |   2 +-
 www/account_manager/index.php                |   9 +-
 www/account_manager/module_functions.inc.php |   2 +-
 www/account_manager/new_user.php             |  34 +++-
 www/account_manager/show_group.php           |  30 ++--
 www/account_manager/show_user.php            | 148 +++++++++++-----
 www/account_manager/test.php                 |  26 +++
 www/includes/config.inc.php                  |  35 ++--
 www/includes/ldap_functions.inc.php          | 114 +++++++++++-
 www/includes/mail_functions.inc.php          |   2 +-
 www/includes/modules.inc.php                 |   6 +-
 www/includes/web_functions.inc.php           |  83 ++++++---
 www/index.php                                |  17 --
 www/log_in/index.php                         |  54 ++++--
 www/request_account/fonts/font_01.ttf        | Bin 0 -> 76804 bytes
 www/request_account/fonts/font_02.ttf        | Bin 0 -> 11024 bytes
 www/request_account/fonts/font_03.ttf        | Bin 0 -> 26592 bytes
 www/request_account/fonts/font_04.ttf        | Bin 0 -> 40376 bytes
 www/request_account/human.php                |  76 ++++++++
 www/request_account/index.php                | 176 +++++++++++++++++++
 www/setup/run_checks.php                     |  56 +++++-
 23 files changed, 800 insertions(+), 226 deletions(-)
 create mode 100644 www/account_manager/test.php
 create mode 100644 www/request_account/fonts/font_01.ttf
 create mode 100644 www/request_account/fonts/font_02.ttf
 create mode 100644 www/request_account/fonts/font_03.ttf
 create mode 100644 www/request_account/fonts/font_04.ttf
 create mode 100644 www/request_account/human.php
 create mode 100644 www/request_account/index.php

diff --git a/Dockerfile b/Dockerfile
index 0326936..69f6bbc 100644
--- a/Dockerfile
+++ b/Dockerfile
@@ -1,8 +1,21 @@
 FROM php:7.0-apache
 
-RUN apt-get update && apt-get install -y --no-install-recommends libldb-dev libldap2-dev && rm -rf /var/lib/apt/lists/* && ln -s /usr/lib/x86_64-linux-gnu/libldap.so /usr/lib/libldap.so \
-&& ln -s /usr/lib/x86_64-linux-gnu/liblber.so /usr/lib/liblber.so
-RUN docker-php-source extract && docker-php-ext-install -j$(nproc) ldap && docker-php-source delete
+RUN apt-get update && \
+    apt-get install -y --no-install-recommends \
+        libldb-dev libldap2-dev \
+        libfreetype6-dev \
+        libjpeg-dev \
+        libpng-dev && \
+    rm -rf /var/lib/apt/lists/* && \
+    ln -s /usr/lib/x86_64-linux-gnu/libldap.so /usr/lib/libldap.so && \
+    ln -s /usr/lib/x86_64-linux-gnu/liblber.so /usr/lib/liblber.so
+
+RUN docker-php-ext-configure gd \
+         --enable-gd-native-ttf \
+         --with-freetype-dir=/usr/include/freetype2 \
+         --with-png-dir=/usr/include \
+         --with-jpeg-dir=/usr/include && \
+    docker-php-ext-install -j$(nproc) ldap gd
 
 ADD https://github.com/PHPMailer/PHPMailer/archive/v6.2.0.tar.gz /tmp
 
diff --git a/README.md b/README.md
index fe03e4b..13b8b29 100644
--- a/README.md
+++ b/README.md
@@ -4,18 +4,17 @@ LDAP User Manager
 This is a PHP LDAP account manager; a web-based GUI interface which allows you to quickly populate a new LDAP directory and easily manage user accounts and groups.  It also has a self-service password change module.   
 It's designed to work with OpenLDAP and to be run as a container.  It complements OpenLDAP containers such as [*osixia/openldap*](https://hub.docker.com/r/osixia/openldap/).
 
-
-
 Features
 ---
 
  * Setup wizard: this will create the necessary structure to allow you to add users and groups and will set up an initial admin user that can log into the user manager.
  * Group creation and management.
  * User account creation and management.
- * Optionally send an email to the new user with their account credentials.
+ * Optionally send an email to the user with their new or updated account credentials.
  * Secure password auto-generator: click the button to generate a secure password.
  * Password strength indicator.
  * Self-service password change: non-admin users can log in to change their password.
+ * An optional form for people to request accounts (request emails are sent to an administrator).
 
 Screenshots
 ---
@@ -36,26 +35,6 @@ Screenshots
 ![self_service_password_change](https://user-images.githubusercontent.com/17613683/59344258-9ffcab80-8d05-11e9-9dc2-27dfd373fcc8.png)
 
 
-A note on your LDAP schema - please read this!
----
-
-By default this application will expect the LDAP server to be using the **RFC2307BIS** schema.  OpenLDAP (including the **osixia/openldap** image) uses the older NIS schema as its default schema.   
-
-> :warning: If you haven't explicitly set up the **RFC2307BIS** schema on your LDAP server then you need to set `LDAP_USES_NIS_SCHEMA` to `TRUE` as shown in the Quick start example below.
-
-**Why should I use RFC2307BIS?**   
-
-The user manager will work with either NIS or BIS, but BIS is recommended as it allows you to use **memberOf** searches.  You can enable BIS in **osixia/openldap** by setting `LDAP_RFC2307BIS_SCHEMA` to `true` during the initial setup.
-
-**Why not make NIS the default?**   
-
-The original versions of this application were set to expect BIS by default.  This was before we used specific release versions, so we're expecting the BIS schemas as the default to keep backwards-compatibility for anyone using the `latest` tag.
-
-**I'm unable to use the BIS schema!**   
-
-If you can't or prefer not to use RFC2307BIS then set `LDAP_USES_NIS_SCHEMA` to `TRUE`.  This will create groups solely as the **posixGroup** objectclass, and the default for `LDAP_GROUP_MEMBERSHIP_USES_UID` will `TRUE`.
-
-
 Quick start
 ---
 
@@ -72,11 +51,11 @@ docker run \
            -e "LDAP_ADMINS_GROUP=admins" \
            -e "LDAP_ADMIN_BIND_DN=cn=admin,dc=example,dc=com" \
            -e "LDAP_ADMIN_BIND_PWD=secret"\
-           -e "LDAP_USES_NIS_SCHEMA=true" \
-           -e "EMAIL_DOMAIN=ldapusermanager.org"\
-           wheelybird/ldap-user-manager:v1.4
+           -e "LDAP_IGNORE_CERT_ERRORS=true" \
+           -e "EMAIL_DOMAIN=ldapusermanager.org" \
+           wheelybird/ldap-user-manager:v1.5
 ```
-Change the variable values to suit your environment.  You might need to change `LDAP_USES_NIS_SCHEMA` if you're using the BIS schema. Now go to https://lum.example.com/setup.
+Change the variable values to suit your environment.  Now go to https://lum.example.com/setup.
 
 
 Configuration
@@ -84,8 +63,8 @@ Configuration
 
 Configuration is via environmental variables.  Please bear the following in mind:
 
- * This tool needs to bind to LDAP as a user with permissions to modify everything under the base DN.
- * This interface is designed to work with a fresh LDAP server and should be against populated LDAP directories with caution and at your own risk.
+ * This tool needs to bind to LDAP as a user that has the permissions to modify everything under the base DN.
+ * This interface is designed to work with a fresh LDAP server and should only be against existing, populated LDAP directories with caution and at your own risk.
 
 Mandatory:
 ----
@@ -116,17 +95,24 @@ Optional:
 
 * `LDAP_USER_OU` (default: *people*):  The name of the OU used to store user accounts (without the base DN appended).
    
-* `LDAP_USES_NIS_SCHEMA` (default: *FALSE*):  If you use the NIS schema instead of the (preferable) RFC2307BIS schema, set this to `TRUE`.  See [A note on your LDAP schema](#a-note-on-your-ldap-schema) for more information.
-   
 * `LDAP_GROUP_OU` (default: *groups*):  The name of the OU used to store groups (without the base DN appended).
-* `LDAP_GROUP_MEMBERSHIP_ATTRIBUTE` (default: *memberUID* or *uniqueMember*):  The attribute used when adding a user to a group.  If `LDAP_USES_NIS_SCHEMA` is `TRUE` the default is `memberUID`, otherwise it's `uniqueMember`.  Explicitly setting this variable will override the default.
-* `LDAP_GROUP_MEMBERSHIP_USES_UID` (default: *TRUE* or *FALSE*): If *TRUE* then the entry for a member of a group will be just the username.  Otherwise it's the member's full DN.  If `LDAP_USES_NIS_SCHEMA` is `TRUE` the default is `TRUE`, otherwise it's `FALSE`.  Explicitly setting this variable will override the default.
    
 * `LDAP_REQUIRE_STARTTLS` (default: *TRUE*):  If *TRUE* then a TLS connection is required for this interface to work.  If set to *FALSE* then the interface will work without STARTTLS, but a warning will be displayed on the page.
    
 * `LDAP_IGNORE_CERT_ERRORS` (default: *FALSE*): If *TRUE* then problems with the certificate presented by the LDAP server will be ignored (for example FQDN mismatches).  Use this if your LDAP server is using a self-signed certificate and you don't have a CA certificate for it or you're connecting to a pool of different servers via round-robin DNS.
    
-* `LDAP_TLS_CACERT` (no default): If you need to use a specific CA certificate for TLS connections to the LDAP server (when `LDAP_REQUIRE_STARTTLS` is set) then assign the contents of the CA certificate to this variable.  e.g. `-e LDAP_TLS_CACERT=$(</path/to/ca.crt)`
+* `LDAP_TLS_CACERT` (no default): If you need to use a specific CA certificate for TLS connections to the LDAP server (when `LDAP_REQUIRE_STARTTLS` is set) then assign the contents of the CA certificate to this variable.  e.g. `-e LDAP_TLS_CACERT="$(</path/to/ca.crt)"` (ensure you're using quotes or you'll get an "invalid reference format: repository name must be lowercase" error.
+
+**Advanced LDAP settings**
+
+These settings should only be changed if you're trying to make the user manager work with an LDAP directory that's already populated and the defaults don't work.
+   
+* `LDAP_GROUP_MEMBERSHIP_ATTRIBUTE` (default: *memberUID* or *uniqueMember*):  The attribute used when adding a user's account to a group.  When the `groupOfMembers` objectClass is detected or force-enabled it defaults to `uniqueMember`, otherwise it'll default to `memberUID`. Explicitly setting this variable will override any default.
+   
+* `LDAP_GROUP_MEMBERSHIP_USES_UID` (default: *TRUE* or *FALSE*): If *TRUE* then the entry for a member of a group will be just the username, otherwise it's the member's full DN.  When the `groupOfMembers` objectClass is detected or force-enabled it defaults to `FALSE`, otherwise it'll default to `TRUE`. Explicitly setting this variable will override the default.
+   
+* `FORCE_RFC2307BIS` (default: *FALSE*): Set to *TRUE* if the auto-detection is failing to spot that the RFC2307BIS schema is available.  When *FALSE* the user manager will use auto-detection.  See [Using the RFC2307BIS schema](#using-the-rfc2307bis-schema) for more information.
+   
 
 **User account settings**   
 
@@ -145,8 +131,10 @@ Optional:
 * `ACCEPT_WEAK_PASSWORDS` (default: *FALSE*):  Set this to *TRUE* to prevent a password being rejected for being too weak.  The password strength indicators will still gauge the strength of the password.  Don't enable this in a production environment.
    
 
-**Email settings**
+**Email sending**
 
+To send emails you'll need to use an existing SMTP server.  Email sending will be disabled if `SMTP_HOSTNAME` isn't set.
+   
 * `SMTP_HOSTNAME` (no default): The hostname of an SMTP server - used to send emails when creating new accounts.
    
 * `SMTP_HOST_PORT` (default: *25*): The SMTP port on the SMTP server.
@@ -161,13 +149,18 @@ Optional:
    
 * `EMAIL_FROM_NAME` (default: *{SITE_NAME}*): The FROM name used when sending out emails.  The default name is taken from `SITE_NAME` under **Organisation settings**.
 
+**Account requests**
+
+* `ACCOUNT_REQUESTS_ENABLED` (default: *FALSE*): Set to TRUE in order to enable a form that people can fill in to request an account.  This will send an email to {ACCOUNT_REQUESTS_EMAIL} with their details and a link to the account creation page where the details will be filled in automatically.  You'll need to set up email sending (see **Email sending**, above) for this to work.  If this is enabled but email sending isn't then requests will be disabled and an error message sent to the logs.
+   
+* `ACCOUNT_REQUESTS_EMAIL` (default: *{EMAIL_FROM_ADDRESS}*): This is the email address that any requests for a new account are sent to.
 **Site security settings**   
 
 * `NO_HTTPS` (default: *FALSE*): If you set this to *TRUE* then the server will run in HTTP mode, without any encryption.  This is insecure and should only be used for testing.
    
-* `LOGIN_TIMEOUT_MINS` (default: *10 minutes*):  How long before an idle session will be timed out.
+* `SESSION_TIMEOUT` (default: *10 minutes*):  How long before an idle session will be timed out.
 
-**Debug settings**
+**Debugging settings**
 
 * `LDAP_DEBUG` (default: *FALSE*): Set to TRUE to increase the logging level for LDAP requests.  This will output passwords to the error log - don't enable this in a production environment.  This is for information on problems updating LDAP records and such.  To debug problems connecting to the LDAP server in the first place use `LDAP_VERBOSE_CONNECTION_LOGS`.
    
@@ -177,29 +170,24 @@ Optional:
    
 * `SMTP_LOG_LEVEL` (default: *0*): Set to between 1-4 to get SMTP logging information (0 disables SMTP debugging logs though it will still display errors). See https://github.com/PHPMailer/PHPMailer/wiki/SMTP-Debugging for details of the levels.
    
-Webserver SSL setup
+SSL setup
 ---
 
-When `NO_HTTPS` is set to **false** (the default), the webserver (Apache HTTPD) expects to find `/opt/ssl/server.key` and `/opt/ssl/server.crt`, and these certificates should match `SERVER_HOSTNAME`.  If these files aren't found then the startup script will create self-signed certificates based on `SERVER_HOSTNAME`.  To use your own key and certificate then you need to bind-mount a directory containing them to `/opt/ssl`.  The script will also look for `/opt/ssl/chain.pem` if you need to add a certificate chain file (the Apache `SSLCertificateChainFile` option).
+When `NO_HTTPS` is set to **FALSE** (the default), the webserver (Apache HTTPD) expects to find `/opt/ssl/server.key` and `/opt/ssl/server.crt`, and these certificates should match `SERVER_HOSTNAME`.  If these files aren't found then the startup script will create self-signed certificates based on `SERVER_HOSTNAME`.  To use your own key and certificate then you need to bind-mount a directory containing them to `/opt/ssl`.  You can also add a certificate chain file (the Apache `SSLCertificateChainFile` option) if needed - name it `chain.pem` and place it in the same directory as `server.key` and `server.crt` .
    
-e.g.:
+For example, if your key and certificate files are in `/home/myaccount/ssl` you can bind-mount that folder by adding this line to the docker run example above, just after the last line starting with `-e`:
 ```
-docker run \
-           --detach \
-           --name=lum \
-           -p 80:80 \
-           -p 443:443 \
-           -e SERVER_HOSTNAME=lum.ldapusermanager.org \
-           -v /your/ssl/cert/dir:/opt/ssl \
-           ...
-           ...
+-v /home/myaccount/ssl:/opt/ssl \
 
 ```
 
 Initial setup
 ---
 
-Ideally you'll be using this against an empty LDAP directory.  You can use the setup utility to create the LDAP structures that this tool needs in order to create accounts and groups.   Go to `https://_website-hostname_/setup` to get started.   You need to log in with the password for the admin user as set by `LDAP_ADMIN_BIND_DN`.   
+Ideally you'll be using this against an empty LDAP directory.  You can use the setup utility to create the LDAP structures that this user manager needs in order to create accounts and groups.   Go to `https://{SERVER_HOSTNAME}/setup` to get started (replace `{SERVER_HOSTNAME}` with whatever you set `SERVER_HOSTNAME` to in the Docker run command).   
+
+The log in password is the admin user's password (what `LDAP_ADMIN_BIND_DN` was set to).
+
 The setup utility will create the user and account trees, records that store the last UID and GID used when creating a user account or group, a group for admins and the initial admin account.
 
 ![initial_setup](https://user-images.githubusercontent.com/17613683/59344213-865b6400-8d05-11e9-9d86-381d59671530.png)
@@ -210,7 +198,7 @@ Sending emails
 
 When you create an account you'll have an option to send an email to the person you created the account for.  The email will give them their new username, password and a link to the self-service password change utility.   
 
-Emails are sent via SMTP, so you'll need to be able to connect to an SMTP server and pass in the settings for that server via environmental variables - see **Email settings** above.   
+Emails are sent via SMTP, so you'll need to be able to connect to an SMTP server and pass in the settings for that server via environmental variables - see **Email sending** above.   
 If you haven't passed in those settings or if the account you've created has no (valid) email address then the option to send an email will be disabled.
 
 When the account is created you'll be told if the email was sent or not but be aware that just because your SMTP server accepted the email it doesn't mean that it was able to deliver it.  If you get a message saying the email wasn't sent then check the logs for the error.  You can increase the log level (`SMTP_LOG_LEVEL`) to above 0 in order to see SMTP debug logs.
@@ -232,37 +220,52 @@ Anything else in the `USERNAME_FORMAT` string is left as defined, but the userna
 If `EMAIL_DOMAIN` is set then the email address field will be automatically updated in the form of `username@email_domain`.  Entering anything manually in that field will stop the automatic update of the email field.
 
 
+Using the RFC2307BIS schema
+---
+
+The user manager will attempt detect if your LDAP server has the RFC2307BIS schema available and, if it does, use it when creating groups.  This will allow you to use `memberOf` in LDAP searches which gives you an easy way to check if a user is a member of a group. For example: `(&(objectClass=posixAccount)(memberof=cn=somegroup,ou=groups,dc=ldapusermanager,dc=org))`.   See (this guide)[https://unofficialaciguide.com/2019/07/31/ldap-schemas-for-aci-administrators-rfc2307-vs-rfc2307bis/] for more information.   
+
+With OpenLDAP this schema isn't normally available by default; you need to configure your server to use the **RFC2307BIS** schema when setting up your directory.   
+   
+If for some reason you do have the schema available but it isn't being detected then you can force it's use by setting `FORCE_ENABLE_GROUP_OF_MEMBERS` to `TRUE`.   
+**Note**: if you force-enable using RFC2307BIS but your LDAP server doesn't have that schema available then creating and adding users to groups won't work and the user manager will throw errors.
+   
+If you plan on using [osixia/openldap](https://github.com/osixia/docker-openldap) as your LDAP server you can enable the RFC2307BIS schema by setting `LDAP_RFC2307BIS_SCHEMA` to `true` during the initial setup.
+
+
+
 Testing with an LDAP container
 --
 
-This will set up an OpenLDAP container you can use to test the user manager against.  It uses the BIS schema.  This won't be using HTTPS or TLS, so don't use this in production.
+This will set up an OpenLDAP container you can use to test the user manager against.  It uses the RFC2307BIS schema.
 ```
 docker run \
              --detach \
              --restart unless-stopped \
              --name openldap \
-             -e LDAP_ORGANISATION=wheelybird \
-             -e LDAP_DOMAIN=wheelybird.com \
-             -e LDAP_ADMIN_PASSWORD=change_me \
-             -e LDAP_RFC2307BIS_SCHEMA=true \
-             -e LDAP_REMOVE_CONFIG_AFTER_SETUP=true \
-             -e LDAP_TLS=false \
+             -e "LDAP_ORGANISATION=ldapusermanager" \
+             -e "LDAP_DOMAIN=ldapusermanager.org" \
+             -e "LDAP_ADMIN_PASSWORD=change_me" \
+             -e "LDAP_RFC2307BIS_SCHEMA=true" \
+             -e "LDAP_REMOVE_CONFIG_AFTER_SETUP=true" \
+             -e "LDAP_TLS_VERIFY_CLIENT=never" \
              -p 389:389
              --volume /opt/docker/openldap/var_lib_ldap:/var/lib/ldap \
              --volume /opt/docker/openldap/etc_ldap_slapd.d:/etc/ldap/slapd.d \
              osixia/openldap:latest
-             
+   
 docker run \
              --detach \
              --name=lum \
              -p 80:80 \
-             -e SERVER_HOSTNAME=localhost \
-             -e LDAP_URI=ldap://172.17.0.1 \
-             -e LDAP_BASE_DN=dc=wheelybird,dc=com \
-             -e LDAP_ADMINS_GROUP=admins \
-             -e LDAP_ADMIN_BIND_DN="cn=admin,dc=wheelybird,dc=com" \
-             -e LDAP_ADMIN_BIND_PWD=change_me \
-             -e NO_HTTPS=TRUE \
+             -p 443:443 \
+             -e "SERVER_HOSTNAME=localhost" \
+             -e "LDAP_URI=ldap://172.17.0.1" \
+             -e "LDAP_BASE_DN=dc=ldapusermanager,dc=org" \
+             -e "LDAP_ADMINS_GROUP=admins" \
+             -e "LDAP_ADMIN_BIND_DN=cn=admin,dc=ldapusermanager,dc=org" \
+             -e "LDAP_ADMIN_BIND_PWD=change_me" \
+             -e "LDAP_IGNORE_CERT_ERRORS=true" \
              wheelybird/ldap-user-manager:latest
 ```
-Now go to http://localhost/setup - the password is `change_me` (unless you changed it).
+Now go to https://localhost/setup - the password is `change_me` (unless you changed it).  As this will use self-signed certificates you might need to tell your browser to ignore certificate warnings.
diff --git a/entrypoint b/entrypoint
index c2ebde1..6ad7bf7 100644
--- a/entrypoint
+++ b/entrypoint
@@ -103,7 +103,7 @@ EoCertConf
   ########################
   #Create Apache config
 
-  if [ -f "/opt/tls/chain.pem" ]; then ssl_chain="SSLCertificateChainFile /opt/tls/chain.pem"; fi
+  if [ -f "${ssl_dir}/chain.pem" ]; then ssl_chain="SSLCertificateChainFile ${ssl_dir}/chain.pem"; fi
 
   cat <<EoHTTPSC >/etc/apache2/sites-enabled/lum.conf
 
diff --git a/www/account_manager/index.php b/www/account_manager/index.php
index e989755..097ee7c 100644
--- a/www/account_manager/index.php
+++ b/www/account_manager/index.php
@@ -48,9 +48,8 @@
  }
 
 }
-
+#'
 $people = ldap_get_user_list($ldap_connection);
-ldap_close($ldap_connection);
 
 ?>
 <div class="container">
@@ -64,15 +63,20 @@
      <th>First name</th>
      <th>Last name</th>
      <th>Email</th>
+     <th>Member of</th>
    </tr>
   </thead>
  <tbody>
 <?php
 foreach ($people as $username => $attribs){
+
+ $group_membership = ldap_user_group_membership($ldap_connection,$username);
+
  print " <tr>\n   <td><a href='/$THIS_MODULE_PATH/show_user.php?username=" . urlencode($username) . "'>$username</a></td>\n";
  print "   <td>" . $people[$username]['givenname'] . "</td>\n";
  print "   <td>" . $people[$username]['sn'] . "</td>\n";
  print "   <td>" . $people[$username]['mail'] . "</td>\n";
+ print "   <td>" . implode(", ", $group_membership) . "</td>\n";
  print " </tr>\n";
 }
 ?>
@@ -81,5 +85,6 @@
 </div>
 <?php
 
+ldap_close($ldap_connection);
 render_footer();
 ?>
diff --git a/www/account_manager/module_functions.inc.php b/www/account_manager/module_functions.inc.php
index b5f0726..8bda566 100644
--- a/www/account_manager/module_functions.inc.php
+++ b/www/account_manager/module_functions.inc.php
@@ -25,7 +25,7 @@ function render_submenu() {
         print '<li>';
        }
        print "<a href='/${THIS_MODULE_PATH}/{$path}'>" . ucwords($submodule) . "</a></li>\n";
-       
+
       }
      ?>
      </ul>
diff --git a/www/account_manager/new_user.php b/www/account_manager/new_user.php
index 8b40a07..7603094 100644
--- a/www/account_manager/new_user.php
+++ b/www/account_manager/new_user.php
@@ -33,9 +33,26 @@
 $invalid_username = FALSE;
 $weak_password = FALSE;
 $invalid_email = FALSE;
+$disabled_email_tickbox = TRUE;
 
-if ($SMTP['host'] != "") { $can_send_email = TRUE; } else { $can_send_email = FALSE; }
+if (isset($_GET['account_request'])) {
 
+  $first_name=filter_var($_GET['first_name'], FILTER_SANITIZE_STRING);
+  $last_name=filter_var($_GET['last_name'], FILTER_SANITIZE_STRING);
+  $email=filter_var($_GET['email'], FILTER_SANITIZE_EMAIL);
+  $username = generate_username($first_name,$last_name);
+
+  if ($email == "") {
+    if (isset($EMAIL_DOMAIN)) {
+      $email = $username . "@" . $EMAIL_DOMAIN;
+      $disabled_email_tickbox = FALSE;
+    }
+  }
+  else {
+    $disabled_email_tickbox = FALSE;
+  }
+
+}
 
 if (isset($_POST['create_account'])) {
 
@@ -53,7 +70,7 @@
  if (preg_match("/\"|'/",$password)) { $invalid_password = TRUE; }
  if ($_POST['password'] != $_POST['password_match']) { $mismatched_passwords = TRUE; }
  if (!preg_match("/$USERNAME_REGEX/",$username)) { $invalid_username = TRUE; }
- if (isset($_POST['send_email']) and isset($email) and $can_send_email == TRUE) { $send_user_email = TRUE; }
+ if (isset($_POST['send_email']) and isset($email) and $EMAIL_SENDING_ENABLED == TRUE) { $send_user_email = TRUE; }
 
 
  if (     isset($first_name)
@@ -84,8 +101,7 @@
 Username: $username
 Password: $password
 
-You should change your password as soon as possible.  Log into the account manager at ${SITE_PROTOCOL}${SERVER_HOSTNAME}/log_in using your credentials.
-Once logged in you can change your password at ${SITE_PROTOCOL}${SERVER_HOSTNAME}/change_password/
+You should change your password as soon as possible.  Go to ${SITE_PROTOCOL}${SERVER_HOSTNAME}/change_password and log in using your new credentials.  This will take you to a page where you can change your password.
 EoT;
 
       include_once "mail_functions.inc.php";
@@ -216,15 +232,15 @@ function back_to_hidden(passwordField,confirmField) {
 
  function check_email_validity(email) {
 
-  var check_regex = /^(([^<>()[\]\\.,;:\s@\"]+(\.[^<>()[\]\\.,;:\s@\"]+)*)|(\".+\"))@((\[[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\])|(([a-zA-Z\-0-9]+\.)+[a-zA-Z]{2,}))$/;
+  var check_regex = <?php print $JS_EMAIL_REGEX; ?>
 
   if (! check_regex.test(email) ) {
    document.getElementById("email_div").classList.add("has-error");
-   <?php if ($can_send_email == TRUE) { ?>document.getElementById("send_email_checkbox").disabled = true;<?php } ?>
+   <?php if ($EMAIL_SENDING_ENABLED == TRUE) { ?>document.getElementById("send_email_checkbox").disabled = true;<?php } ?>
   }
   else {
    document.getElementById("email_div").classList.remove("has-error");
-   <?php if ($can_send_email == TRUE) { ?>document.getElementById("send_email_checkbox").disabled = false;<?php } ?>
+   <?php if ($EMAIL_SENDING_ENABLED == TRUE) { ?>document.getElementById("send_email_checkbox").disabled = false;<?php } ?>
   }
 
  }
@@ -289,11 +305,11 @@ function check_email_validity(email) {
       </div>
      </div>
 
-<?php  if ($can_send_email == TRUE and $admin_setup != TRUE) { ?>
+<?php  if ($EMAIL_SENDING_ENABLED == TRUE and $admin_setup != TRUE) { ?>
       <div class="form-group" id="send_email_div">
        <label for="send_email" class="col-sm-3 control-label"> </label>
        <div class="col-sm-6">
-        <input tabindex="8" type="checkbox" class="form-check-input" id="send_email_checkbox" name="send_email" disabled>  Email these credentials to the user? 
+        <input tabindex="8" type="checkbox" class="form-check-input" id="send_email_checkbox" name="send_email" <?php if ($disabled_email_tickbox == TRUE) { print "disabled"; } ?>>  Email these credentials to the user?
        </div>
       </div>
 <?php } ?>
diff --git a/www/account_manager/show_group.php b/www/account_manager/show_group.php
index fd800e1..ad89cf8 100644
--- a/www/account_manager/show_group.php
+++ b/www/account_manager/show_group.php
@@ -79,7 +79,7 @@
 
  $non_members = array_diff($all_people,$updated_membership);
  $group_members = $updated_membership;
- 
+
  ?>
   <script>
     window.setTimeout(function() {
@@ -90,9 +90,9 @@
    <button type="button" class="close" data-dismiss="alert" aria-label="Close"><span aria-hidden="TRUE">&times;</span></button>
    <strong>Success!</strong> The group has been updated.
   </div>
- 
+
  <?php
- 
+
 }
 else {
  $group_members = $current_members;
@@ -108,16 +108,16 @@ function show_delete_group_button() {
 
   var group_del_submit = document.getElementById('delete_group');
   group_del_submit.classList.replace('invisible','visible');
-  
-  
+
+
  }
 
- 
+
  function update_form_with_users() {
-  
+
   var members_form = document.getElementById('group_members');
   var member_list_ul = document.getElementById('membership_list');
-  
+
   var member_list = member_list_ul.getElementsByTagName("li");
 
   for (var i = 0; i < member_list.length; ++i) {
@@ -126,11 +126,11 @@ function update_form_with_users() {
         hidden.name = i;
         hidden.value = member_list[i]['textContent'];
         members_form.appendChild(hidden);
-  
+
   }
-  
+
   members_form.submit();
- 
+
  }
 
  $(function () {
@@ -194,9 +194,9 @@ function update_form_with_users() {
   .list-arrows button {
           margin-bottom: 20px;
   }
-  
-  .right_button { 
-    width: 200px; 
+
+  .right_button {
+    width: 200px;
     float: right;
   }
 </style>
@@ -217,7 +217,7 @@ function update_form_with_users() {
   <div class="panel-body">
 
    <div class="row">
- 
+
         <div class="dual-list list-left col-md-5">
          <strong>Members</strong>
          <div class="well">
diff --git a/www/account_manager/show_user.php b/www/account_manager/show_user.php
index 85a0d11..d5450af 100644
--- a/www/account_manager/show_user.php
+++ b/www/account_manager/show_user.php
@@ -15,6 +15,8 @@
 $invalid_username = FALSE;
 $weak_password = FALSE;
 
+if ($SMTP['host'] != "") { $can_send_email = TRUE; } else { $can_send_email = FALSE; }
+
 $attribute_map = array( "givenname"      => "First name",
                         "sn"             => "Last name",
                         "uidnumber"      => "UID",
@@ -38,7 +40,7 @@
 exit(0);
 }
 else {
- $username =  (isset($_POST['username']) ? $_POST['username'] : $_GET['username']);
+ $username = (isset($_POST['username']) ? $_POST['username'] : $_GET['username']);
  $username = urldecode($username);
 }
 
@@ -55,33 +57,33 @@
 $ldap_search_query="(${LDAP['account_attribute']}=". ldap_escape($username, "", LDAP_ESCAPE_FILTER) . ")";
 $ldap_search = ldap_search( $ldap_connection, $LDAP['base_dn'], $ldap_search_query);
 
- 
+
 if ($ldap_search) {
- 
+
  $user = ldap_get_entries($ldap_connection, $ldap_search);
 
 
  ################################################
- 
+
  ### Check for updates
 
  if (isset($_POST['update_account'])) {
 
   $to_update = array();
-  
+
   foreach ($attribute_map as $key => $value) {
 
    if ($user[0][$key][0] != $_POST[$key]) {
     $to_update[$key] = $_POST[$key];
     $user[0][$key][0] = $_POST[$key];
    }
-  
+
   }
 
   if (isset($_POST['password']) and $_POST['password'] != "") {
-    
+
     $password = $_POST['password'];
-    
+
     if ((!is_numeric($_POST['pass_score']) or $_POST['pass_score'] < 3) and $ACCEPT_WEAK_PASSWORDS != TRUE) { $weak_password = TRUE; }
     if (preg_match("/\"|'/",$password)) { $invalid_password = TRUE; }
     if ($_POST['password'] != $_POST['password_match']) { $mismatched_passwords = TRUE; }
@@ -95,9 +97,38 @@
    }
   }
 
+  if (isset($_POST['send_email']) and isset($user[0]['mail'][0]) and $can_send_email == TRUE) {
+    $user_email = $user[0]['mail'][0];
+    $first_name = $user[0]['givenname'][0];
+    $last_name  = $user[0]['sn'][0];
+  }
 
   $updated_account = ldap_mod_replace($ldap_connection, $user[0]['dn'] , $to_update);
 
+  $sent_email_message="";
+  if ($updated_account and isset($user_email)) {
+
+      $mail_subject = "Your $ORGANISATION_NAME password has been reset.";
+
+$mail_body = <<<EoT
+Your password for $ORGANISATION_NAME has been reset.  Your new credentials are:
+
+Username: $username
+Password: $password
+
+You should change your password as soon as possible.  Go to ${SITE_PROTOCOL}${SERVER_HOSTNAME}/change_password and log in using your new credentials.  This will take you to a page where you can change your password.
+EoT;
+
+      include_once "mail_functions.inc.php";
+      $sent_email = send_email($user_email,"$first_name $last_name",$mail_subject,$mail_body);
+      if ($sent_email) {
+        $sent_email_message .= "  An email sent to $user_email.";
+      }
+      else {
+        $sent_email_message .= "  Unfortunately the email wasn't sent; check the logs for more information.";
+      }
+    }
+
   if ($updated_account) {
    ?>
    <script>
@@ -107,7 +138,7 @@
    </script>
    <div class="alert alert-success" role="alert">
     <button type="button" class="close" data-dismiss="alert" aria-label="Close"><span aria-hidden="TRUE">&times;</span></button>
-    <strong>Success!</strong> The group has been updated.
+    <strong>Success!</strong> The account has been updated.<?php print $sent_email_message; ?>
    </div>
   <?php
   }
@@ -118,9 +149,9 @@
                                    $(".alert").fadeTo(500, 0).slideUp(500, function(){ $(this).remove(); });
                                   }, 4000);
    </script>
-   <div class="alert alert-success" role="alert">
+   <div class="alert alert-danger" role="alert">
     <button type="button" class="close" data-dismiss="alert" aria-label="Close"><span aria-hidden="TRUE">&times;</span></button>
-    <strong>Success!</strong> The group has been updated.
+    <strong>Error!</strong> There was a problem updating the account.  Check the logs for more information.
    </div>
   <?php
   }
@@ -150,15 +181,9 @@
 
 
  $all_groups = ldap_get_group_list($ldap_connection);
- 
- $currently_member_of = array();
- 
- foreach ($all_groups as $this_group) {
-  if (ldap_is_group_member($ldap_connection,$this_group,$username)) {
-   array_push($currently_member_of,$this_group);
-  }
- }
- 
+
+ $currently_member_of = ldap_user_group_membership($ldap_connection,$username);
+
  $not_member_of = array_diff($all_groups,$currently_member_of);
 
 
@@ -177,7 +202,6 @@
   $groups_to_add = array_diff($updated_group_membership,$currently_member_of);
   $groups_to_del = array_diff($currently_member_of,$updated_group_membership);
 
-
   foreach ($groups_to_del as $this_group) {
    ldap_delete_member_from_group($ldap_connection,$this_group,$username);
   }
@@ -196,11 +220,11 @@
    </script>
    <div class="alert alert-success" role="alert">
     <button type="button" class="close" data-dismiss="alert" aria-label="Close"><span aria-hidden="TRUE">&times;</span></button>
-    <strong>Success!</strong> The group has been updated.
+    <strong>Success!</strong> The group membership has been updated.
    </div>
 
   <?php
- 
+
  }
  else {
   $member_of = $currently_member_of;
@@ -216,22 +240,22 @@
 <script src="//cdnjs.cloudflare.com/ajax/libs/zxcvbn/1.0/zxcvbn.min.js"></script>
 <script type="text/javascript" src="/js/zxcvbn-bootstrap-strength-meter.js"></script>
 <script type="text/javascript">
- $(document).ready(function(){	
+ $(document).ready(function(){
    $("#StrengthProgressBar").zxcvbnProgressBar({ passwordInput: "#password" });
  });
 </script>
 <script type="text/javascript" src="/js/generate_passphrase.js"></script>
 <script type="text/javascript" src="/js/wordlist.js"></script>
 <script>
- 
+
  function show_delete_user_button() {
 
   group_del_submit = document.getElementById('delete_user');
   group_del_submit.classList.replace('invisible','visible');
-  
-  
+
+
  }
- 
+
  function check_passwords_match() {
 
    if (document.getElementById('password').value != document.getElementById('confirm').value ) {
@@ -245,23 +269,23 @@ function check_passwords_match() {
   }
 
  function random_password() {
-  
+
   generatePassword(4,'-','password','confirm');
   $("#StrengthProgressBar").zxcvbnProgressBar({ passwordInput: "#password" });
  }
- 
+
  function back_to_hidden(passwordField,confirmField) {
 
   var passwordField = document.getElementById(passwordField).type = 'password';
   var confirmField = document.getElementById(confirmField).type = 'password';
 
  }
- 
+
  function update_form_with_groups() {
-  
+
   var group_form = document.getElementById('update_with_groups');
   var group_list_ul = document.getElementById('member_of_list');
-  
+
   var group_list = group_list_ul.getElementsByTagName("li");
 
   for (var i = 0; i < group_list.length; ++i) {
@@ -270,11 +294,11 @@ function update_form_with_groups() {
         hidden.name = i;
         hidden.value = group_list[i]['textContent'];
         group_form.appendChild(hidden);
-  
+
   }
-  
+
   group_form.submit();
- 
+
  }
 
  $(function () {
@@ -323,6 +347,34 @@ function update_form_with_groups() {
 
 
 </script>
+
+<script>
+
+ function check_if_we_should_enable_sending_email() {
+
+  var check_regex = <?php print $JS_EMAIL_REGEX; ?>
+
+
+  <?php if ($can_send_email == TRUE) { ?>
+  if (check_regex.test(document.getElementById("mail").value) && document.getElementById("password").value.length > 0 ) {
+    document.getElementById("send_email_checkbox").disabled = false;
+  }
+  else {
+    document.getElementById("send_email_checkbox").disabled = true;
+  }
+
+  <?php } ?>
+  if (check_regex.test(document.getElementById('mail').value)) {
+   document.getElementById("mail_div").classList.remove("has-error");
+  }
+  else {
+   document.getElementById("mail_div").classList.add("has-error");
+  }
+
+ }
+
+</script>
+
 <div class="container">
  <div class="col-sm-7">
 
@@ -341,16 +393,18 @@ function update_form_with_groups() {
       <input type="hidden" name="update_account">
       <input type="hidden" id="pass_score" value="0" name="pass_score">
       <input type="hidden" name="username" value="<?php print $username; ?>">
-     
+
 
 <?php
 
   foreach ($attribute_map as $key => $value) {
   ?>
-      <div class="form-group">
+      <div class="form-group" id="<?php print $key; ?>_div">
        <label for="<?php print $key; ?>" class="col-sm-3 control-label"><?php print $value; ?></label>
        <div class="col-sm-6">
-        <input type="text" class="form-control" id="<?php print $key; ?>" name="<?php print $key; ?>" value="<?php print $user[0][$key][0]; ?>">
+        <input type="text" class="form-control" id="<?php print $key; ?>" name="<?php print $key; ?>" value="<?php print $user[0][$key][0]; ?>" <?php
+          if ($key == "mail") { print 'onkeyup="check_if_we_should_enable_sending_email();"'; }
+        ?>>
        </div>
       </div>
   <?php
@@ -360,10 +414,10 @@ function update_form_with_groups() {
      <div class="form-group" id="password_div">
       <label for="password" class="col-sm-3 control-label">Password</label>
       <div class="col-sm-6">
-       <input type="password" class="form-control" id="password" name="password" onkeyup="back_to_hidden('password','confirm');">
+       <input type="password" class="form-control" id="password" name="password" onkeyup="back_to_hidden('password','confirm'); check_if_we_should_enable_sending_email();">
       </div>
       <div class="col-sm-1">
-       <input type="button" class="btn btn-sm" id="password_generator" onclick="random_password();" value="Generate password">
+       <input type="button" class="btn btn-sm" id="password_generator" onclick="random_password(); check_if_we_should_enable_sending_email();" value="Generate password">
       </div>
      </div>
 
@@ -374,6 +428,16 @@ function update_form_with_groups() {
       </div>
      </div>
 
+<?php  if ($can_send_email == TRUE) { ?>
+      <div class="form-group" id="send_email_div">
+       <label for="send_email" class="col-sm-3 control-label"> </label>
+       <div class="col-sm-6">
+        <input type="checkbox" class="form-check-input" id="send_email_checkbox" name="send_email" disabled>  Email the updated credentials to the user?
+       </div>
+      </div>
+<?php } ?>
+
+
      <div class="form-group">
        <p align='center'><button type="submit" class="btn btn-default">Update account details</button></p>
      </div>
@@ -392,7 +456,7 @@ function update_form_with_groups() {
 
 <div class="container">
  <div class="col-sm-12">
- 
+
   <div class="panel panel-default">
    <div class="panel-heading clearfix">
     <h3 class="panel-title pull-left" style="padding-top: 7.5px;">Group membership</h3>
diff --git a/www/account_manager/test.php b/www/account_manager/test.php
new file mode 100644
index 0000000..b5e5646
--- /dev/null
+++ b/www/account_manager/test.php
@@ -0,0 +1,26 @@
+<?php
+
+set_include_path( ".:" . __DIR__ . "/../includes/");
+
+include_once "web_functions.inc.php";
+include_once "ldap_functions.inc.php";
+include_once "module_functions.inc.php";
+
+
+render_header("LDAP manager");
+render_submenu();
+
+$ldap_connection = open_ldap_connection();
+
+
+print "<pre>";
+print $schema_base_dn . "\n";
+print_r($gom_results);
+print "\n\n\n\n";
+print_r($gom_r_search);
+print "</pre>";
+
+
+
+render_footer();
+?>
diff --git a/www/includes/config.inc.php b/www/includes/config.inc.php
index d82ae0b..7c7df9f 100644
--- a/www/includes/config.inc.php
+++ b/www/includes/config.inc.php
@@ -1,5 +1,7 @@
 <?php
 
+ $log_prefix = "";
+
  #Mandatory
 
  $LDAP['uri'] = getenv('LDAP_URI');
@@ -14,23 +16,15 @@
  $LDAP['group_ou'] = (getenv('LDAP_GROUP_OU') ? getenv('LDAP_GROUP_OU') : 'groups');
  $LDAP['user_ou'] = (getenv('LDAP_USER_OU') ? getenv('LDAP_USER_OU') : 'people');
 
- $LDAP['nis_schema'] = ((strcasecmp(getenv('LDAP_USES_NIS_SCHEMA'),'TRUE') == 0) ? TRUE : FALSE);
+ $LDAP['forced_rfc2308bis'] = ((strcasecmp(getenv('FORCE_RFC2307BIS'),'TRUE') == 0) ? TRUE : FALSE);
 
- if ($LDAP['nis_schema'] == TRUE) {
-  $default_membership_attribute = 'memberuid';
-  $default_group_membership_uses_uid = TRUE;
- }
- else {
-  $default_membership_attribute = 'uniquemember';
-  $default_group_membership_uses_uid = FALSE;
- }
-
- $LDAP['group_membership_attribute'] = (getenv('LDAP_GROUP_MEMBERSHIP_ATTRIBUTE') ? getenv('LDAP_GROUP_MEMBERSHIP_ATTRIBUTE') : $default_membership_attribute);
- $LDAP['group_membership_uses_uid'] = ((strcasecmp(getenv('LDAP_GROUP_MEMBERSHIP_USES_UID'),'TRUE') == 0) ? TRUE : $default_group_membership_uses_uid);
+ if (getenv('LDAP_GROUP_MEMBERSHIP_ATTRIBUTE')) { $LDAP['group_membership_attribute'] = getenv('LDAP_GROUP_MEMBERSHIP_ATTRIBUTE'); }
+ if (getenv('LDAP_GROUP_MEMBERSHIP_USES_UID') and strtoupper(getenv('LDAP_GROUP_MEMBERSHIP_USES_UID')) == TRUE )  { $LDAP['group_membership_uses_uid']  = TRUE; }
 
  $LDAP['account_attribute'] = 'uid';
  $LDAP['require_starttls'] = ((strcasecmp(getenv('LDAP_REQUIRE_STARTTLS'),'TRUE') == 0) ? TRUE : FALSE);
  $LDAP['ignore_cert_errors'] = ((strcasecmp(getenv('LDAP_IGNORE_CERT_ERRORS'),'TRUE') == 0) ? TRUE : FALSE);
+ $LDAP['rfc2307bis_check_run'] = FALSE;
 
  $DEFAULT_USER_GROUP = (getenv('DEFAULT_USER_GROUP') ? getenv('DEFAULT_USER_GROUP') : 'everybody');
  $DEFAULT_USER_SHELL = (getenv('DEFAULT_USER_SHELL') ? getenv('DEFAULT_USER_SHELL') : '/bin/bash');
@@ -46,7 +40,7 @@
  if (getenv('PASSWORD_HASH')) { $PASSWORD_HASH = strtoupper(getenv('PASSWORD_HASH')); }
 
  $ACCEPT_WEAK_PASSWORDS = ((strcasecmp(getenv('ACCEPT_WEAK_PASSWORDS'),'TRUE') == 0) ? TRUE : FALSE);
- $LOGIN_TIMEOUT_MINS = (getenv('SESSION_TIMEOUT') ? getenv('SESSION_TIMEOUT') : 10);
+ $SESSION_TIMEOUT = (getenv('SESSION_TIMEOUT') ? getenv('SESSION_TIMEOUT') : 10);
 
  $LDAP_DEBUG = ((strcasecmp(getenv('LDAP_DEBUG'),'TRUE') == 0) ? TRUE : FALSE);
  $LDAP_VERBOSE_CONNECTION_LOGS = ((strcasecmp(getenv('LDAP_VERBOSE_CONNECTION_LOGS'),'TRUE') == 0) ? TRUE : FALSE);
@@ -76,11 +70,22 @@
  $EMAIL['from_address'] = (getenv('EMAIL_FROM_ADDRESS') ? getenv('EMAIL_FROM_ADDRESS') : "admin@" . $default_email_from_domain );
  $EMAIL['from_name'] = (getenv('EMAIL_FROM_NAME') ? getenv('EMAIL_FROM_NAME') : $SITE_NAME );
 
- $NO_HTTPS = ((strcasecmp(getenv('NO_HTTPS'),'TRUE') == 0) ? TRUE : FALSE);
+ if ($SMTP['host'] != "") { $EMAIL_SENDING_ENABLED = TRUE; } else { $EMAIL_SENDING_ENABLED = FALSE; }
+
 
  ###
 
- $log_prefix = "";
+ $ACCOUNT_REQUESTS_ENABLED = ((strcasecmp(getenv('ACCOUNT_REQUESTS_ENABLED'),'TRUE') == 0) ? TRUE : FALSE);
+ if ($EMAIL_SENDING_ENABLED == FALSE) { 
+   $ACCOUNT_REQUESTS_ENABLED = FALSE;
+   error_log("$log_prefix Config: ACCOUNT_REQUESTS_ENABLED was set to TRUE but SMTP_HOSTNAME wasn't set, so account requesting has been disabled as we can't send out the request email",0);
+ }
+
+ $ACCOUNT_REQUESTS_EMAIL = (getenv('ACCOUNT_REQUESTS_EMAIL') ? getenv('ACCOUNT_REQUESTS_EMAIL') : $EMAIL['from_address']);
+
+ ###
+
+ $NO_HTTPS = ((strcasecmp(getenv('NO_HTTPS'),'TRUE') == 0) ? TRUE : FALSE);
 
  ###
 
diff --git a/www/includes/ldap_functions.inc.php b/www/includes/ldap_functions.inc.php
index e538116..3149fca 100644
--- a/www/includes/ldap_functions.inc.php
+++ b/www/includes/ldap_functions.inc.php
@@ -6,7 +6,7 @@
 
 function open_ldap_connection() {
 
- global $log_prefix, $LDAP, $SENT_HEADERS, $LDAP_DEBUG, $LDAP_IS_SECURE;
+ global $log_prefix, $LDAP, $SENT_HEADERS, $LDAP_DEBUG, $LDAP_IS_SECURE, $LDAP_VERBOSE_CONNECTION_LOGS;
 
  if ($LDAP['ignore_cert_errors'] == TRUE) { putenv('LDAPTLS_REQCERT=never'); }
  $ldap_connection = @ ldap_connect($LDAP['uri']);
@@ -423,6 +423,8 @@ function ldap_get_group_members($ldap_connection,$group_name,$start=0,$entries=N
 
  global $log_prefix, $LDAP, $LDAP_DEBUG;
 
+ if ($LDAP['rfc2307bis_check_run'] != TRUE) { $rfc2307bis_available = ldap_detect_rfc2307bis($ldap_connection); }
+
  $ldap_search_query = "(cn=". ldap_escape($group_name, "", LDAP_ESCAPE_FILTER) . ")";
  $ldap_search = @ ldap_search($ldap_connection, "${LDAP['group_dn']}", $ldap_search_query, array($LDAP['group_membership_attribute']));
 
@@ -468,6 +470,8 @@ function ldap_is_group_member($ldap_connection,$group_name,$username) {
 
  global $log_prefix, $LDAP, $LDAP_DEBUG;
 
+ if ($LDAP['rfc2307bis_check_run'] != TRUE) { $rfc2307bis_available = ldap_detect_rfc2307bis($ldap_connection); }
+
  $ldap_search_query = "(cn=" . ldap_escape($group_name, "", LDAP_ESCAPE_FILTER) . ")";
  $ldap_search = ldap_search($ldap_connection, "${LDAP['group_dn']}", $ldap_search_query);
  $result = ldap_get_entries($ldap_connection, $ldap_search);
@@ -486,12 +490,42 @@ function ldap_is_group_member($ldap_connection,$group_name,$username) {
 }
 
 
+##################################
+
+function ldap_user_group_membership($ldap_connection,$username) {
+
+ global $log_prefix, $LDAP, $LDAP_DEBUG;
+
+ if ($LDAP['rfc2307bis_check_run'] != TRUE) { $rfc2307bis_available = ldap_detect_rfc2307bis($ldap_connection); }
+
+ if ($LDAP['group_membership_uses_uid'] == FALSE) {
+  $username = "${LDAP['account_attribute']}=$username,${LDAP['user_dn']}";
+ }
+
+ $ldap_search_query = "(&(objectClass=posixGroup)(${LDAP['group_membership_attribute']}=${username}))";
+ $ldap_search = ldap_search($ldap_connection, "${LDAP['group_dn']}", $ldap_search_query, array('cn'));
+ $result = ldap_get_entries($ldap_connection, $ldap_search);
+
+ $groups = array();
+ foreach ($result as $record) {
+  if (isset($record['cn'][0])) {
+   array_push($groups, $record['cn'][0]);
+  }
+ }
+ sort($groups);
+ return $groups;
+
+}
+
+
 ##################################
 
 function ldap_new_group($ldap_connection,$group_name) {
 
  global $log_prefix, $LDAP, $LDAP_DEBUG;
 
+ if ($LDAP['rfc2307bis_check_run'] != TRUE) { $rfc2307bis_available = ldap_detect_rfc2307bis($ldap_connection); }
+
  if (isset($group_name)) {
 
   $ldap_search_query = "(cn=" . ldap_escape($group_name, "", LDAP_ESCAPE_FILTER) . ",${LDAP['group_dn']})";
@@ -503,7 +537,7 @@ function ldap_new_group($ldap_connection,$group_name) {
    $highest_gid = ldap_get_highest_id($ldap_connection,'gid');
    $new_gid = $highest_gid + 1;
 
-   if ($LDAP['nis_schema'] == TRUE) {
+   if ($rfc2307bis_available == FALSE) {
     $new_group_array=array( 'objectClass' => array('top','posixGroup'),
                             'cn' => $group_name,
                             'gidNumber' => $new_gid
@@ -714,6 +748,8 @@ function ldap_add_member_to_group($ldap_connection,$group_name,$username) {
 
   global $log_prefix, $LDAP, $LDAP_DEBUG;
 
+  if ($LDAP['rfc2307bis_check_run'] != TRUE) { $rfc2307bis_available = ldap_detect_rfc2307bis($ldap_connection); }
+
   $group_dn = "cn=" . ldap_escape($group_name, "", LDAP_ESCAPE_FILTER) . ",${LDAP['group_dn']}";
 
   if ($LDAP['group_membership_uses_uid'] == FALSE) {
@@ -741,6 +777,8 @@ function ldap_delete_member_from_group($ldap_connection,$group_name,$username) {
 
   global $log_prefix, $LDAP, $LDAP_DEBUG;
 
+  if ($LDAP['rfc2307bis_check_run'] != TRUE) { $rfc2307bis_available = ldap_detect_rfc2307bis($ldap_connection); }
+
   $group_dn = "cn=" . ldap_escape($group_name, "", LDAP_ESCAPE_FILTER) . ",${LDAP['group_dn']}";
 
   if ($LDAP['group_membership_uses_uid'] == FALSE) {
@@ -802,4 +840,76 @@ function ldap_change_password($ldap_connection,$username,$new_password) {
 }
 
 
+##################################
+
+function ldap_detect_rfc2307bis($ldap_connection) {
+
+ global $log_prefix, $LDAP, $LDAP_DEBUG;
+
+ $bis_available = FALSE;
+
+ if ($LDAP['forced_rfc2307bis'] == TRUE) {
+  if ($LDAP_DEBUG == TRUE) { error_log("$log_prefix LDAP RFC2307BIS detection - skipping autodetection because FORCE_RFC2307BIS is TRUE"); }
+  $bis_available = TRUE;
+ }
+ else {
+
+  $schema_base_query = @ ldap_read($ldap_connection,"","subschemaSubentry=*",array('subschemaSubentry'));
+
+  if (!$schema_base_query) {
+   error_log("$log_prefix LDAP RFC2307BIS detection - unable to query LDAP for objectClasses under ${schema_base_dn}:" . ldap_error($ldap_connection));
+   error_log("$log_prefix LDAP RFC2307BIS detection - we'll assume that the RFC2307BIS schema isn't available.  Set FORCE_RFC2307BIS to TRUE if you DO use RFC2307BIS.");
+  }
+  else {
+   $schema_base_results = @ ldap_get_entries($ldap_connection, $schema_base_query);
+
+   if ($schema_base_results) {
+
+    $schema_base_dn = $schema_base_results[0]['subschemasubentry'][0];
+    if ($LDAP_DEBUG == TRUE) { error_log("$log_prefix LDAP RFC2307BIS detection - found that the 'subschemaSubentry' base DN is '$schema_base_dn'",0); }
+
+    $objclass_query = @ ldap_read($ldap_connection,$schema_base_dn,"(objectClasses=*)",array('objectClasses'));
+    if (!$objclass_query) {
+     error_log("$log_prefix LDAP RFC2307BIS detection - unable to query LDAP for objectClasses under ${schema_base_dn}:" . ldap_error($ldap_connection));
+    }
+    else {
+     $objclass_results = @ ldap_get_entries($ldap_connection, $objclass_query);
+     $this_count = $objclass_results[0]['objectclasses']['count'];
+     if ($this_count > 0) {
+      if ($LDAP_DEBUG == TRUE) { error_log("$log_prefix LDAP RFC2307BIS detection - found $this_count objectClasses under $schema_base_dn" ,0); }
+      $posixgroup_search = preg_grep("/NAME 'posixGroup'.*AUXILIARY/",$objclass_results[0]['objectclasses']);
+      if (count($posixgroup_search) > 0) {
+       if ($LDAP_DEBUG == TRUE) { error_log("$log_prefix LDAP RFC2307BIS detection - found AUXILIARY in posixGroup definition which suggests we're using the RFC2307BIS schema" ,0); }
+       $bis_available = TRUE;
+      }
+      else {
+       if ($LDAP_DEBUG == TRUE) { error_log("$log_prefix LDAP RFC2307BIS detection - couldn't find AUXILIARY in the posixGroup definition which suggests we're not using the RFC2307BIS schema.  Set FORCE_RFC2307BIS to TRUE if you DO use RFC2307BIS. " ,0); }
+      }
+     }
+     else {
+      if ($LDAP_DEBUG == TRUE) { error_log("$log_prefix LDAP RFC2307BIS detection - no objectClasses were returned when searching under $schema_base_dn" ,0); }
+     }
+    }
+   }
+   else {
+    if ($LDAP_DEBUG == TRUE) { error_log("$log_prefix LDAP RFC2307BIS detection - unable to detect the subschemaSubentry base DN" ,0); }
+   }
+  }
+ }
+
+ $LDAP['rfc2307bis_check_run'] == TRUE;
+ if ($bis_available == TRUE) {
+  if (!isset($LDAP['group_membership_attribute'])) { $LDAP['group_membership_attribute'] = 'uniquemember'; }
+  if (!isset($LDAP['group_membership_uses_uid'])) { $LDAP['group_membership_uses_uid'] = FALSE; }
+  return TRUE;
+ }
+ else {
+  if (!isset($LDAP['group_membership_attribute'])) { $LDAP['group_membership_attribute'] = 'memberuid'; }
+  if (!isset($LDAP['group_membership_uses_uid'])) { $LDAP['group_membership_uses_uid'] = TRUE; }
+  return FALSE;
+ }
+
+
+}
+
 ?>
diff --git a/www/includes/mail_functions.inc.php b/www/includes/mail_functions.inc.php
index ac74561..312f422 100644
--- a/www/includes/mail_functions.inc.php
+++ b/www/includes/mail_functions.inc.php
@@ -35,7 +35,7 @@ function send_email($recipient_email,$recipient_name,$subject,$body) {
     return FALSE;
   }
   else {
-    error_log("$log_prefix New user: sent a new account email to $recipient_email ($recipient_name)");
+    error_log("$log_prefix SMTP: sent an email to $recipient_email ($recipient_name)");
     return TRUE;
   }
 
diff --git a/www/includes/modules.inc.php b/www/includes/modules.inc.php
index 61507aa..c44e0d7 100644
--- a/www/includes/modules.inc.php
+++ b/www/includes/modules.inc.php
@@ -3,7 +3,7 @@
  #Modules and how they can be accessed.
 
  #access:
- #user = need to be logged-in to see it
+ #auth = need to be logged-in to see it
  #hidden_on_login = only visible when not logged in
  #admin = need to be logged in as an admin to see it
 
@@ -14,4 +14,8 @@
                     'log_out'         => 'auth'
                   );
 
+if ($ACCOUNT_REQUESTS_ENABLED == TRUE) {
+  $MODULES['request_account'] = 'hidden_on_login';
+}
+
 ?>
diff --git a/www/includes/web_functions.inc.php b/www/includes/web_functions.inc.php
index d859cf8..f0ac314 100644
--- a/www/includes/web_functions.inc.php
+++ b/www/includes/web_functions.inc.php
@@ -9,6 +9,7 @@
 unset($USER_ID);
 $CURRENT_PAGE=htmlentities($_SERVER['PHP_SELF']);
 $SENT_HEADERS = FALSE;
+$SESSION_TIMED_OUT = FALSE;
 
 $paths=explode('/',getcwd());
 $THIS_MODULE_PATH=end($paths);
@@ -17,6 +18,8 @@
 $WARN_ICON = "&#9888;";
 $FAIL_ICON = "&#9940;";
 
+$JS_EMAIL_REGEX='/^(([^<>()[\]\\.,;:\s@\"]+(\.[^<>()[\]\\.,;:\s@\"]+)*)|(\".+\"))@((\[[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\])|(([a-zA-Z\-0-9]+\.)+[a-zA-Z]{2,}))$/;';
+
 if (isset($_SERVER['HTTPS']) and
    ($_SERVER['HTTPS'] == 'on' || $_SERVER['HTTPS'] == 1) or
    isset($_SERVER['HTTP_X_FORWARDED_PROTO']) and
@@ -27,8 +30,8 @@
   $SITE_PROTOCOL = 'http://';
 }
 
-include ("modules.inc.php");   # module definitions
 include ("config.inc.php");    # get local settings
+include ("modules.inc.php");   # module definitions
 
 validate_passkey_cookie();
 
@@ -50,7 +53,7 @@ function set_passkey_cookie($user_id,$is_admin) {
 
  # Create a random value, store it locally and set it in a cookie.
 
- global $LOGIN_TIMEOUT_MINS, $VALIDATED, $USER_ID, $IS_ADMIN, $log_prefix, $SESSION_DEBUG;
+ global $SESSION_TIMEOUT, $VALIDATED, $USER_ID, $IS_ADMIN, $log_prefix, $SESSION_DEBUG;
 
 
  $passkey = generate_passkey();
@@ -63,7 +66,8 @@ function set_passkey_cookie($user_id,$is_admin) {
  }
  $filename = preg_replace('/[^a-zA-Z0-9]/','_', $user_id);
  @ file_put_contents("/tmp/$filename","$passkey:$admin_val:$this_time");
- setcookie('orf_cookie', "$user_id:$passkey", $this_time+(60 * $LOGIN_TIMEOUT_MINS), '/', '', '', TRUE);
+ setcookie('orf_cookie', "$user_id:$passkey", $this_time+(60 * $SESSION_TIMEOUT), '/', '', '', TRUE);
+ setcookie('sessto_cookie', $this_time+(60 * $SESSION_TIMEOUT), $this_time+7200, '/', '', '', TRUE);
  if ( $SESSION_DEBUG == TRUE) {  error_log("$log_prefix Session: user $user_id validated (IS_ADMIN=${IS_ADMIN}), sent orf_cookie to the browser.",0); }
  $VALIDATED = TRUE;
 
@@ -74,7 +78,9 @@ function set_passkey_cookie($user_id,$is_admin) {
 
 function validate_passkey_cookie() {
 
- global $LOGIN_TIMEOUT_MINS, $IS_ADMIN, $USER_ID, $VALIDATED, $log_prefix, $SESSION_DEBUG;
+ global $SESSION_TIMEOUT, $IS_ADMIN, $USER_ID, $VALIDATED, $log_prefix, $SESSION_TIMED_OUT, $SESSION_DEBUG;
+
+ $this_time=time();
 
  if (isset($_COOKIE['orf_cookie'])) {
 
@@ -89,26 +95,34 @@ function validate_passkey_cookie() {
   }
   else {
    list($f_passkey,$f_is_admin,$f_time) = explode(":",$session_file);
-   $this_time=time();
-   if (!empty($c_passkey) and $f_passkey == $c_passkey and $this_time < $f_time+(60 * $LOGIN_TIMEOUT_MINS)) {
+   if (!empty($c_passkey) and $f_passkey == $c_passkey and $this_time < $f_time+(60 * $SESSION_TIMEOUT)) {
     if ($f_is_admin == 1) { $IS_ADMIN = TRUE; }
     $VALIDATED = TRUE;
     $USER_ID=$user_id;
     if ( $SESSION_DEBUG == TRUE) {  error_log("$log_prefix Setup session: Cookie and session file values match for user ${user_id} - VALIDATED (ADMIN = ${IS_ADMIN})",0); }
     set_passkey_cookie($USER_ID,$IS_ADMIN);
    }
-   elseif ( $SESSION_DEBUG == TRUE ) {
+   else {
+    if ( $SESSION_DEBUG == TRUE ) {
      $this_error="$log_prefix Session: orf_cookie was sent by the client and the session file was found at /tmp/$filename, but";
-     if ($this_time < $f_time+(60 * $LOGIN_TIMEOUT_MINS)) { $this_error .= " the timestamp was older than the login timeout ($LOGIN_TIMEOUT_MINS);"; }
-     if (empty($c_passkey)) { $this_error .= " the cookie passkey wasn't set;"; }
-     if ($c_passkey != $f_passkey) { $this_error .= " the session file passkey didn't match the cookie passkey;"; }
-     $this_error += " Cookie: ${_COOKIE['orf_cookie']} - Session file contents: $session_file";
-     error_log($this_error,0);
+      if (empty($c_passkey)) { $this_error .= " the cookie passkey wasn't set;"; }
+      if ($c_passkey != $f_passkey) { $this_error .= " the session file passkey didn't match the cookie passkey;"; }
+      $this_error += " Cookie: ${_COOKIE['orf_cookie']} - Session file contents: $session_file";
+      error_log($this_error,0);
+    }
    }
   }
+  
  }
- elseif ( $SESSION_DEBUG == TRUE) {
-   error_log("$log_prefix Session: orf_cookie wasn't sent by the client.",0);
+ else {
+  if ( $SESSION_DEBUG == TRUE) { error_log("$log_prefix Session: orf_cookie wasn't sent by the client.",0); }
+  if (isset($_COOKIE['sessto_cookie'])) {
+   $this_session_timeout = $_COOKIE['sessto_cookie'];
+   if ($this_time >= $this_session_timeout) {
+    $SESSION_TIMED_OUT = TRUE;
+    if ( $SESSION_DEBUG == TRUE) { error_log("$log_prefix Session: The session had timed-out (over $SESSION_TIMEOUT mins idle).",0); }
+   }
+  }
  }
 
 }
@@ -120,7 +134,7 @@ function set_setup_cookie() {
 
  # Create a random value, store it locally and set it in a cookie.
 
- global $LOGIN_TIMEOUT_MINS, $IS_SETUP_ADMIN, $log_prefix, $SESSION_DEBUG;
+ global $SESSION_TIMEOUT, $IS_SETUP_ADMIN, $log_prefix, $SESSION_DEBUG;
 
  $passkey = generate_passkey();
  $this_time=time();
@@ -128,8 +142,8 @@ function set_setup_cookie() {
  $IS_SETUP_ADMIN = TRUE;
 
  file_put_contents("/tmp/ldap_setup","$passkey:$this_time");
-# setcookie('setup_cookie', "$passkey", $this_time+(60 * $LOGIN_TIMEOUT_MINS), '/', $_SERVER["HTTP_HOST"]);
- setcookie('setup_cookie', "$passkey", $this_time+(60 * $LOGIN_TIMEOUT_MINS), '/', '', '', TRUE);
+# setcookie('setup_cookie', "$passkey", $this_time+(60 * $SESSION_TIMEOUT), '/', $_SERVER["HTTP_HOST"]);
+ setcookie('setup_cookie', "$passkey", $this_time+(60 * $SESSION_TIMEOUT), '/', '', '', TRUE);
  if ( $SESSION_DEBUG == TRUE) {  error_log("$log_prefix Setup session: sent setup_cookie to the client.",0); }
 
 }
@@ -139,7 +153,7 @@ function set_setup_cookie() {
 
 function validate_setup_cookie() {
 
- global $LOGIN_TIMEOUT_MINS, $IS_SETUP_ADMIN, $log_prefix, $SESSION_DEBUG;
+ global $SESSION_TIMEOUT, $IS_SETUP_ADMIN, $log_prefix, $SESSION_DEBUG;
 
  if (isset($_COOKIE['setup_cookie'])) {
 
@@ -151,14 +165,13 @@ function validate_setup_cookie() {
   }
   list($f_passkey,$f_time) = explode(":",$session_file);
   $this_time=time();
-  if (!empty($c_passkey) and $f_passkey == $c_passkey and $this_time < $f_time+(60 * $LOGIN_TIMEOUT_MINS)) {
+  if (!empty($c_passkey) and $f_passkey == $c_passkey and $this_time < $f_time+(60 * $SESSION_TIMEOUT)) {
    $IS_SETUP_ADMIN = TRUE;
    if ( $SESSION_DEBUG == TRUE) {  error_log("$log_prefix Setup session: Cookie and session file values match - VALIDATED ",0); }
    set_setup_cookie();
   }
   elseif ( $SESSION_DEBUG == TRUE) {
    $this_error="$log_prefix Setup session: setup_cookie was sent by the client and the session file was found at /tmp/ldap_setup, but";
-   if ($this_time < $f_time+(60 * $LOGIN_TIMEOUT_MINS)) { $this_error .= " the timestamp was older than the login timeout ($LOGIN_TIMEOUT_MINS);"; }
    if (empty($c_passkey)) { $this_error .= " the cookie passkey wasn't set;"; }
    if ($c_passkey != $f_passkey) { $this_error .= " the session file passkey didn't match the cookie passkey;"; }
    $this_error += " Cookie: ${_COOKIE['setup_cookie']} - Session file contents: $session_file";
@@ -181,6 +194,7 @@ function log_out($method='normal') {
  global $USER_ID;
 
  setcookie('orf_cookie', "", time()-20000, '/', '', '', TRUE);
+ setcookie('sessto_cookie', "", time()-20000, '/', '', '', TRUE);
 
  $filename = preg_replace('/[^a-zA-Z0-9]/','_', $USER_ID);
  @ unlink("/tmp/$filename");
@@ -289,7 +303,7 @@ function render_footer() {
 
 function set_page_access($level) {
 
- global $IS_ADMIN, $IS_SETUP_ADMIN, $VALIDATED, $log_prefix, $SESSION_DEBUG;
+ global $IS_ADMIN, $IS_SETUP_ADMIN, $VALIDATED, $log_prefix, $SESSION_DEBUG, $SESSION_TIMED_OUT;
 
  #Set the security level needed to view a page.
  #This should be one of the first pieces of code
@@ -307,13 +321,15 @@ function set_page_access($level) {
   }
  }
 
+ if ($SESSION_TIMED_OUT == TRUE) { $reason = "session_timeout"; } else { $reason = "unauthorised"; }
+
  if ($level == "admin") {
   if ($IS_ADMIN == TRUE and $VALIDATED == TRUE) {
    return;
   }
   else {
-   header("Location: //" . $_SERVER["HTTP_HOST"] . "/index.php?unauthorised\n\n");
-   if ( $SESSION_DEBUG == TRUE) {  error_log("$log_prefix Session: UNAUTHORISED: page security level is 'admin' but IS_ADMIN = '${IS_ADMIN}' and VALIDATED = '${VALIDATED}' (user) ",0); }
+   header("Location: //" . $_SERVER["HTTP_HOST"] . "/log_in/index.php?$reason&redirect_to=" . base64_encode($_SERVER['REQUEST_URI']) . "\n\n");
+   if ( $SESSION_DEBUG == TRUE) {  error_log("$log_prefix Session: no access to page ($reason): page security level is 'admin' but IS_ADMIN = '${IS_ADMIN}' and VALIDATED = '${VALIDATED}' (user) ",0); }
    exit(0);
   }
  }
@@ -323,8 +339,8 @@ function set_page_access($level) {
    return;
   }
   else {
-   header("Location: //" . $_SERVER["HTTP_HOST"] . "/index.php?unauthorised\n\n");
-   if ( $SESSION_DEBUG == TRUE) {  error_log("$log_prefix Session: UNAUTHORISED: page security level is 'user' but VALIDATED = '${VALIDATED}'",0); }
+   header("Location: //" . $_SERVER["HTTP_HOST"] . "/log_in/index.php?$reason&redirect_to=" . base64_encode($_SERVER['REQUEST_URI']) . "\n\n");
+   if ( $SESSION_DEBUG == TRUE) {  error_log("$log_prefix Session: no access to page ($reason): page security level is 'user' but VALIDATED = '${VALIDATED}'",0); }
    exit(0);
   }
  }
@@ -369,6 +385,21 @@ function check_entity_name_validity(name,div_id) {
 
 }
 
+######################################################
+
+function generate_username($fn,$ln) {
+
+  global $USERNAME_FORMAT;
+
+  $username = $USERNAME_FORMAT;
+  $username = str_replace('{first_name}',strtolower($fn), $username);
+  $username = str_replace('{first_name_initial}',strtolower($fn[0]), $username);
+  $username = str_replace('{last_name}',strtolower($ln), $username);
+  $username = str_replace('{first_name_initial}',strtolower($ln[0]), $username);
+
+  return $username;
+
+}
 
 ######################################################
 
@@ -377,7 +408,7 @@ function render_js_username_generator($firstname_field_id,$lastname_field_id,$us
  #Parameters are the IDs of the input fields and username name div in the account creation form.
  #The div will be set to warning if the username is invalid.
 
- global $USERNAME_FORMAT, $USERNAME_REGEX;
+ global $USERNAME_FORMAT;
 
   render_js_username_check();
 
diff --git a/www/index.php b/www/index.php
index 51228ea..f660129 100644
--- a/www/index.php
+++ b/www/index.php
@@ -5,15 +5,6 @@
 
 render_header();
 
- if (isset($_GET['logged_out'])) {
- ?>
- <div class="alert alert-warning">
- <p class="text-center">You've been automatically logged out because you've been inactive for over
- <?php print $LOGIN_TIMEOUT_MINS; ?> minutes. Click on the 'Log in' link to get back into the system.</p>
- </div>
- <?php
- }
-
  if (isset($_GET['logged_in'])) {
  ?>
  <div class="alert alert-success">
@@ -22,13 +13,5 @@
  <?php
  }
 
- if (isset($_GET['unauthorised'])) {
- ?>
- <div class="alert alert-danger">
- <p class="text-center">You don't have the necessary permissions needed to use this module.</p>
- </div>
- <?php
- }
-
 render_footer();
 ?>
diff --git a/www/log_in/index.php b/www/log_in/index.php
index 853c365..be0eb30 100644
--- a/www/log_in/index.php
+++ b/www/log_in/index.php
@@ -5,26 +5,40 @@
 include "web_functions.inc.php";
 include "ldap_functions.inc.php";
 
+if (isset($_GET["unauthorised"])) { $display_unauth = TRUE; }
+if (isset($_GET["session_timeout"])) { $display_logged_out = TRUE; }
+if (isset($_GET["redirect_to"])) { $redirect_to = $_GET["redirect_to"]; }
+
+if (isset($_GET['logged_out'])) {
+?>
+<div class="alert alert-warning">
+<p class="text-center">You've been automatically logged out because you've been inactive for over
+<?php print $SESSION_TIMEOUT; ?> minutes. Click on the 'Log in' link to get back into the system.</p>
+</div>
+<?php
+}
+
+
 if (isset($_POST["user_id"]) and isset($_POST["password"])) {
 
  $ldap_connection = open_ldap_connection();
  $user_auth = ldap_auth_username($ldap_connection,$_POST["user_id"],$_POST["password"]);
  $is_admin = ldap_is_group_member($ldap_connection,$LDAP['admins_group'],$_POST["user_id"]);
- 
+
  ldap_close($ldap_connection);
- 
+
  if ($user_auth != FALSE) {
 
   set_passkey_cookie($user_auth,$is_admin);
-  if (isset($_POST["sendto"])) {
-   header("Location: //${_SERVER["HTTP_HOST"]}${_POST["sendto"]}\n\n");
+  if (isset($_POST["redirect_to"])) {
+   header("Location: //${_SERVER['HTTP_HOST']}" . base64_decode($_POST['redirect_to']) . "\n\n");
   }
   else {
-   header("Location: //${_SERVER["HTTP_HOST"]}/index.php?logged_in\n\n");
+   header("Location: //${_SERVER['HTTP_HOST']}/index.php?logged_in\n\n");
   }
  }
  else {
-  header("Location: //${_SERVER["HTTP_HOST"]}/${THIS_MODULE_PATH}/index.php?invalid\n\n");
+  header("Location: //${_SERVER['HTTP_HOST']}/${THIS_MODULE_PATH}/index.php?invalid\n\n");
  }
 
 }
@@ -36,27 +50,37 @@
 <div class="container">
  <div class="col-sm-8">
 
-  <div class="panel panel-default"> 
+  <div class="panel panel-default">
    <div class="panel-heading text-center">Log in</div>
    <div class="panel-body text-center">
-   
+
+   <?php if (isset($display_unauth)) { ?>
+   <div class="alert alert-warning">
+    Please log in to continue
+   </div>
+   <?php } ?>
+
+   <?php if (isset($display_logged_out)) { ?>
+   <div class="alert alert-warning">
+    You were logged out because your session expired. Log in again to continue.
+   </div>
+   <?php } ?>
+
    <?php if (isset($_GET["invalid"])) { ?>
    <div class="alert alert-warning">
     The username and/or password are unrecognised.
    </div>
    <?php } ?>
-   
-   
+
    <form class="form-horizontal" action='' method='post'>
-    <?php if (isset($sendto) and ($sendto != "")) { ?><input type="hidden" name="sendto" value="<?php print $sendto; ?>"><?php } ?>
-    
+    <?php if (isset($redirect_to) and ($redirect_to != "")) { ?><input type="hidden" name="redirect_to" value="<?php print $redirect_to; ?>"><?php } ?>
+
     <div class="form-group">
      <label for="username" class="col-sm-4 control-label">Username</label>
      <div class="col-sm-6">
       <input type="text" class="form-control" id="user_id" name="user_id">
      </div>
     </div>
-     
 
     <div class="form-group">
      <label for="password" class="col-sm-4 control-label">Password</label>
@@ -64,11 +88,11 @@
       <input type="password" class="form-control" id="confirm" name="password">
      </div>
     </div>
-    
+
     <div class="form-group">
      <button type="submit" class="btn btn-default">Log in</button>
     </div>
-   
+
    </form>
   </div>
  </div>
diff --git a/www/request_account/fonts/font_01.ttf b/www/request_account/fonts/font_01.ttf
new file mode 100644
index 0000000000000000000000000000000000000000..1c388aa36e561988570c940b541b5588fadda282
GIT binary patch
literal 76804
zcmc${d7La+Rqq>n?})u)&M7jYvWBdx%u|tPtaCauE3?ngb()^&#-<0m85$bwZbq>i
zkY?xxWFF2{yb4!j5EKXSqR16&1(EBBfZhfiK;?=!J$M2SMSaL1r|N!J7W#SbkN0{1
z+|RvdsH)72VMoMXzx7+cwbm|Ad7jtei|;kBx#re~zwWyq^Da*v`#auUedtwJU*mPX
z!c#|h$?KbLyyfZ_Tyh_;ulGFtmWST*h%4T||NcE*uk!h+8*e!|zU@s<*z`R0Mqc0X
zgnRCM=7X<&+owIxyoC3zc*1j^z2Ob?1y1%MKKGw;=e^I|-}j8C4u753;ZyFu|H)?_
z_OUxXFZf|kt$gLFPrCDoz5O@+U+gQ#pFNc~?2qYJ^7>X@AA0IN&%W>DA2dJCYxY+c
zzUN8LdV23UD=+fY=1VyI?Cxhg;m*e#@3i^(qip}-d+xmNnJN#S&9?XPdgJML-t#0k
zoBg<_w%*V6Jo=f>xcAx7{m~N`Pm|9-@5#O4|Eqp@=a;^#aqg>L;`4^*{rQ((_r-(n
zzw`V1pWhG7&`fw8dRpG)5Br$Oe(2q9&hYtPnc?C{2cI2$y=(E#UHa#|seYq3UF@kA
z?_KU~^GbQX-cmp81&r%W`ayR3p@Z-0OWs69yz2$#-w!C`{P#aMJ^AV<dN1)dycZd7
z-(w6DPwwtw8~rc(ANYC0)9Sh2Kz31&;6KMxl~<}i_O|rS{#SL&^VQq;_w<$f|LpyX
zH}w8bujPGi|Euahd7FCT4b?4PUmy2Y)t0xZ-r)uMNBREd{jcb&_CK#rdYOKK7whw0
zOK-5<_wN6bZg`PC<|T{m*;l=5|7&{5vwZ)$-u0IBd%Q~j#{QS}_wVm(<r$+rr$4fP
zQNNDQpTnK_2`^%decjprhQ8lB#PM4C*Swy7J^Q_ieO|@3Kk6BMuh-D0xi^pB|0Z{}
zrQf>$4ReO^yoKZa6Ysxq|7&XM_0&&!0aH5E>)x7v40q#O?EAmy{NDfVMcyxXhrLgG
zmV2<pBar7P|5p#5k#|lkV)5E%Y)oGM%Ig<lD?GdX{r$iF_LiQq-+r)spk(&_+YIE#
z#UJ)Feqdb~#Yvjwjb^LeDY|8~)LULzUF)xJYz~Hpw(8O0BS()NKe2uC)FtD|bZ0id
z^z@mt=PuhlfB8eMxDph2=(X29>^rW1_zgGSbn|!Ka_b`=`KU+V_L#@s{<z0~*By8M
z+nN4%eqUgUcl6+|zRCP{@F(FQdPn-K>~LN;Uf29U`#%>&_xa^g`Rt|dU%qDTs`bwf
zPHo*cdjHYSo;ZH$1E)TG>W{|frjMKrF1_jO(z#Eb|KdX)xca7R&pqt355N4TzxvL1
z-}(oSdd+PgynXME-Me1##LqtEx1aXJd;Z{=`dQz6&fvahKmT98FMRQXFTM0-d#||b
zm7jTac_F<}Tv)wu=)&;}(+lS=Ty^343%6dl{lXJ3+<oEM7hZVb6&GG};YTjK<-*Tg
zc-MsoE`0F9hb}yL;gc6W^ZiRdFn!I-eo*XGi(RTQ$Y4C@ZNEo(C(pgt`QDeu@3FyW
z&b=4o`106$kCC?ndHcQ2s&AcpFOUDr<4J3?HJY@B1J(Td2Orcwckz(}{bbL>w)fws
zA`^orFY;dD{Ri*0-W$BPcyIIG?)|*lRugqv?W(KQ_3As-qt$n*C#vsO&rr`{$6Sqe
z^>i?rR=cX6%=)^R%!<A$a=)+muv-pmEB^;YnJc%ghK|WKak(B%XXQ>ks-3M|ovWQ)
zJ<RnE2eI3FP>%-l*?2Y@SdKm)^M6~-=F<j)=&Nq+%4#;+RYN<U)w2mFn6quJs(N19
zntyZNwWHa%vV&3K>d|mpIlD6(ZtKy!TAX#dtN1scmED4G<$T7E<FYCXJDF9bExUu-
z%Fl8F{?7Y~(en<MGOKqrBjBWE;cVGZa%%P}%0aF<r5p6sV6j1AYd0!pBZfJ$uACqI
zSkG;@7|pqG&guq^cc&xUWeg)*mGe<8o60fge4o~x*?e5um+M5Sbgipm6Iv6e&6x_6
zwK~-u8z?^1HZVctH<hoAQA%qYhGFhh$5$rsO`vVmR@OI>zog>G*(DnUK^T~D$*E8&
zXLML7r&Q2Y&ey8FtOKppBUECd_bKfwpM%J;RiI<#{+l-LGd}yhQin>1K@>;)04|%z
z<w_|w%Q=^FYeCvhqgX|;AH-qovx)K}4O$x$SnEvU`;m%u%$qv2I#5}Q3)Q~QWd&S_
zk@q-17sLz46$A`2I25Ss9T)0kn-}oYnpQS>y)wRU{I`W#HH~Jl#wP4>KZghgT&#*S
zKQw1JT##NZcgcP-@i}f9sMzjg%0`B<<#B4+S!?IFL+za7zHoIBH%d+!M2yFUI^Z_B
zz#8Ken{!Dj3ZhVD{=o2=i&b|q>X@ta{Y;s+2LbnIq$9JVL*qwb8FSdHf>@_>7i&Mz
z{!PZ1bBrg+x}2k-k9IaXT&!=x=UsKUZJTbH&)P$)DjkPW)0pKZH=P0MbgAMw+c-|Q
zR4{71Bez!sfo=!!rL92uNuZ;m)w0Y5tus!Q1l?sG(lC~L8nri-ew9m=34Jy;SIUo1
zG)X(ola8`MsN6<i;=Hm9D(Ep)5@RpdJPB*8a>t?;w`K1K3Y8{;@tL=!KBRui9EKB=
z_^hFKuXn%qDep7hU&9l=?ERCF4prvCbUxWN^{#TWIVgg~OlIAM8P6OTFrSVFQ!%~)
zraQ$v?QGsHCStTTW{IVDu}e1PMYnI}Q!!gxG&r&bUZ!%SAx1Qt3c^$c@6}k@aNAAm
z>1>-1n5k8Hp8uAkj@+)g3=<!5%5k}CIEx&-8qdqBuk8S2C`Jwp8`Z^Gz~ErKqXV19
zZfA8>Pv@m$T%+lH*Gy+Xpn7wt8rW#YZH`pV<Qy}N-Ep6($NV?Ur_f>3GIf|vz6wJZ
z2O-m+=_j+!IWZL;OAxeG($Olgt&A5zxMVRHW}po**Xyxf`-e6TqMT>!q6TNNLDVyu
z3QC1}89@Ub7>tAA1eqy}37M<fS(7H1B*v%xw#<w;SJpB8#mrv7KpAw&BtMq;I@VV*
zfiOi3OMxcfh)$gTfZnLGBu$x#jbtM+#Se#pO@72h&U7QKa;-mNTI~Wj83kb+D6=$Z
zHaK^t#4eO;31C^}#}Sql2TO^sddw{Cved2v9K|J9aeY2>&9-#%tGQvLI}WFbZ<b@M
zOEuaiv+H4WIu9C$gQd_<xsh=kuj&TFZ}3y*f)y7eQG&@dt;x77ZZ(!4j{246$5r25
zqQhH#n})U>x0LDn4cClcq*uU*!uNI1j%St0{ljZfnnYe}|Ev4&(wFI%LCJj;sZ6!h
zk%gZ;qpnofft$ChJJplb_o!zw*Kv)La)Jx-3uek$HC}j=(mFfD%?RM<npe2Z@qET?
zt4e2UwsgEVFT3JJ2Q`iYPgdu;$Q7T+<ScW8L$&i=1tBY^_$7{o%jAG;gtOwSn+*q?
z2*;Z1!H9{@ES-(#I9Ty(_&^M>9^`5;sz)=1hWEpA4BmOZ%OJ!P@0tM?I2ljIVtkAc
z$GEFGrMP)hmFsH0>y$XG8WZO1CC&}kb(Z%{eN16zGFCiy#V}{XdJEq=3%D59SM}^*
zpK4z3SU$&w*>^U=&sMc~%`pe8W?LLlewxikv&)z)f2&MeJP(c~iEXSmqO#R79Y7dB
zZv`dBQDQAINSpX;g0x^(8u(1cbQ4ddUC9wLnfb1*^3_-z2eVIyN!D&N>6PxtT+gEv
z^gWen=2D3lEp!x#oAQ+{TUo_Ca-|dZ<ok(AR68&Y->e>v+AT1&V|Y922H09#g}wNe
ztYHZ+-951%Mp@qvv!@&8XH(~EcwQWUv3U@=Fl=gn>u~5)gDb5z_wK`geOz;{PwJxR
zVZ%SOH8KE7qun?Uw_`T@0S-y+agp)f3vl)7KVVzT@lT5{XI2Nt@#?1O9KI9?;0ug_
ziwr;O<5JbD{7^?HI7aXX#_6YqdPCXur4yTju+>w37lSd0@f!wj$c<VlLksnY@D%}O
zYEp|a14jWv<O}y!3|c2eqhB3ym@C^P*7#k!oPsMya|RGZ#nA@u2Vk{H`(R;XeYx+q
zw=7SgJBpULXKty<(SW~>Z5=Ujd(F4di-<Sf5?2Ki(K%12F^(D?e4J`He4AdchS9Yp
z_q>D4GT3jcI@a2nfN-jjw^wtUpE`Q+JC*OQ_Y?C;KL`^)^tXKipQ7+vP1uK@uE@=P
zs!h~Dr$LHumI+}QWZ*NC;6X+$nS@E;<JyCgt7W+ONx9dc0oU~+ah0Ce_x$~rsBh?t
z-XC~>>iwPf_e6L9%4QA^(o^f|usW%B)LC`8x>nr)YCKjwPko<yIgjs$)$7%p)jQNL
zsQ00Ej0Ql&px%KGPRG-2wF7b7#?c(ZZg<UOT+Mfc&Q53JzCXrsZU>`nf4b|>c^9MR
z!+;<4yj)WSXe3Ur3*P7n+;ZFx))YvDF&24vOj&TKDgYelZWmiG`i&yDL%8^W^A9ZN
zYycVZ*=PoH#a!LNhqmB&fYH=p%f<M-SUyHOvPA_f2*;hV$Ixv7No#7nHJx#|q8iV3
zs_CFxj1K`?AmDW5=5TF+l7U#goP;Ax2ZeBgZn3ULQxHTzY;okB>ChJQ@tkM^m(Nhx
zcs`p5&~lO80ytW1$Gd`?48Tgrf<Kp&%!~1KFz2QX>!FMaE;0b^O4z*}aQmh^&}R5u
z8nu_STc4Fsa6l^B#DC#YnGA<yLTIdDHEl%wumv8S585qv9pHc)PPh%JIs@TV56MlG
z^i?N@=P^HA6gfW{`phA-R>3`OAwFK?e&Jl5xCx3e9aVg42}^Od7rM&Cn?a<P6PMw~
z^utcJAr7|SXx0yKrqDTcmC$tclY9WKN5ZyG{w{Fv-xEB&{XGt-%_D{1`kBR#|2X6$
z+`B0W8^GTy<4B#<jmSCE2yw^iK1Qw0A&f22K?@rX-W=NevD^=BKC0E*V@$bf09_#`
z#^~kDtJ|2SiG2%HLL-byptSC<c;nse#+TUu!_{h2u;V%v!r`ARK+<RgEgV%4r^dqb
zGgSw<wN;oNiSW}Pxrty6E2g<-4h6QUuWkA!4L8fp-1M4$dOTIp6@k@pWZRX5L|CiV
zeHU_JHQ+<E)B(TJjxmP-_8?pha;2NZJ`7o#74uzM5lRJ(P$eMSI{4P?@^-t9*RMGN
zq6!v=9i<uo>l8#_rwwI_AoiC78)j-5Qe=h^K~0MTGGngd4S<51<Ci>{+)u+5LJ4Cz
zz$k1u92b#?A2ihf>emp?2cV?QySQ82pvMz#1WN~pT10R`fBBdSIzbMr!Gpm$RC9TW
z$H;S2I_H*wK`1#4ljzO_$NcoNL_S5z^C5)K;G!2ni*WS)z5TDNUowR^_O9@*C({38
z^rpY`J_kSFSCv{*wdYM7-XABtZGew447vhn`h?)sxNu|0x>(qPV;see12S`viBP|o
z?2OA9Krr6HfNh5`c~?&gY!Pk)D=zHNt>Rgc0x&T+NbkIwomacsbuAmfir_B*(zf22
z)}!fgFhpLMgF6e}j!DWev~ZQac7Vgcp5*BOA`7^fLw8{91k;>OF$#{cLo~3BJa8E_
zzgs}6CLjZ&pY066jst)h&Bqf|2HX7?qhZ`>3Ug=H<Yw#GnmlZr^9qI;5dQFhxaS*Z
zGn02ONex6HXyBrI8HCNmQSxw1O2aE**Z#`GBiF($m3h-PqHxeS9O<L3Lu6Kky<-WE
z6Z44uG-u`m6>Xzd2|VqR`Ds9<lZib&wiN`uCE@^Lw*dcad?JJ5Hot8(Ai$LAY4;Rd
zl$tTIEfkmOcePF#V_@0O??!QF6=Vp^^)hW`k{uj_%kb4hWJB#j7;Hjp+Uls9X&i5y
zgivrDV%0>o#$P&r_^b|Z@Dm$V&Qx&p8)9GqHgT3u{Z5y|ux-<iuYG6OTgow_bTn8=
zyDRRR&W*stv3R&trjz{44NGOF8%ZbW<cItsDdVhf^m*eqla{?s!tUiW4NWk5Gd`RM
z-r64b(NCIrv$J(;W>l)mX7IB<-ku18PaId2%NP4xb%oKDAFZ!TsLIt1e2Y)U&M*Tm
zf~!0vL6d(}kT25S+WtT9|CYX0zZ(TL^V;ZKmomQ}svfTHP)|}%Q_ob-RWDROrrxH0
zR=rF8l6t@Tp!#j~QT3quBlV~1FV*K1I)7#BNeMS60-be*jY||cB%Xw=E4(V7^D~Bt
zTin*uaS8LCG3|(d$ILj~BytwMn>o9k&Ddy)qlbQLyfu_QmwC@C4vbZGabA4qs7P1y
znJp{m_H0DtX(7@s54vKa!Mq}b9mAnZV&keSnwD%nAx1v0rWg)ph^=9sbyxhpsu}b)
zBj#1tGVU5(ieqBX+iH*l$hEB*;e3ju#z=;i4cSF5(z5Sx;ojL(_MO+m0seE$MJ_Cg
z%Okj8i*if&!Md7l>p>or!~v7p7Q?TDgHQ3m+zC81zIjmf!||>Uq>QFHp%ou-lex+f
z(FL11v2YHLd!KDV6-vU1a>Ng=oLS^R85`bS;v@-2X2KQ-N=Am8!VpXD|2sq$+YEG~
zGgIk7(!1I*EgE>5j!YlZz(b1_$11DA0*Ea>AQqa7LlNWAce^GQuba@}Oy>d6n}vSt
zf_2|^Y;0NpdvJoO7j{hQH*aRg%-U6Z%0@P1isCU8deh>&C@kT1kvkMc&0a*rjhqL&
zbRA}JgXr8EFeHM7H<;-RE)G}CvD`uMZCACTI5U2Z2#1G3S|C<N_X*Z=?f2Vpm~Uzm
zcDT;c?^j90?j@#<P-krb6bm+RG2qRzAESC@?-M>@KE&1Hi^WfJz`b`|4O8d7WVYyb
zOoFNxtM_r6?B4y{$3)#DIAZqRB4}W)XAD^p8x=Mp!n0nph!H-Hwp0~Wn7Gofg&T!<
zKRi;fjf$5e0diAMi`%{g`fyd?w^Yz~oX3BJu~~;OMK{jlP;C#)!KAO%tGMic1R>7=
zoSYgdAPZ9@6`PC7kh7^Ub>T#C8!lRejl)m`9*DMW5IvA!UYTC_R6lO{F6yQxX=Hg}
znsLD$u~B+#8NXgI${@*L4Jz1%>Jc`EHU@b#2W+XsC^muaKzT%igD3)|CVpt6NUsU<
z<~lgDii+bjK|ZWbgbX7J4^iYPztPX5W*ns|vwoSZGBxs|Z5jk}k=<A&mOwRy>?o6j
zf{daKrXjN|({-%)$R{4PY~(uJN>KekjAV+6qY$)Tz#RkZTenP<cco@<-2O0PGVAb|
z6X_D+XO*L5X2rjs$8Z|0mTAR3O(3d1qh~Y^bcu5|)54^y%avL7w?-(k5Fa73PYb#E
zr=4>h?E>zz-9VSJ+FxZ7g{Ysd$$Ui|MeWg#Qx44uSH{LXI-ZX_cy)0WV0(EcQVaaV
zdPDVx-lq(Cy#I%W=ym?5s)p77pKAEA5Ya?*DpBtm+}ul;0rt4W&xoJIqJHEGqW=GH
z^^Rx%Z|a?jq4w6carDS{704ow1{e@y5$XGXhm0nAtwqhc)%%J$>HUcJX748?<Kw;8
z^X7Oi;vD|YP?F|+!Lhgs9aez9nn9q*OYm2+9JXtTpX^}UpeczTBPr4?fbM}PxZ+p_
z;wey-aD_0w6kr}#dDt!Ska*1k+klzj!Mdnhw&1WFNy0h_5l1y~+DV05s08ID+wwvY
z-F=lK{sd?Mfp8QZxfmrMnk#7LRFWhPs{zrHEJyOzOhXkkBJvi59=;VKE@=}LJ3nzY
zanQYH)B-g&d~@_vjG1o}W@Sw*1FEA*RKPND8IpR*mA@+F?2*986+(OtvtI!AqML?)
zN=z2nEJfi6x;;EdWLzJcT#4H}b>>TIN*GJ8Q=*HQ7|3g;TP7Zmv`~7p3ACsVnKIEr
zQoY94tJEcKDQI7MW*TkG4{ap6b;7u#M>yEYUfEmTjr&2|g`?`A*&OC>X-!`XS`qcE
zuY_vvUp0<luH%I0(fFSMA%oumQZnnc(J>$4{h>MTz1(|^_d4%Ki3EPqdl%3D{oZeQ
zzmID1C*EIB=kO)(pQT1%ZVSn7A?9hA1P_g8F&xwo8=n4v1e*lRMB+SVq(7eB;yY7d
zGTZiN+rddSuS(fsR3kyaKl(9@--+`cF6L5B<RM8m9Q0^N@GoQspKe7G6c11I&sXcl
zbNo9LrG#>g3Ly;Q-W{nuf{bz`RE5_SnZ|FEdw2m!H--ZV7|nLzJrE6!gvhWBosxH%
z==Db=C}kQT%=<cP1jOVwI28esKq-M~IEqXt;<+EC0dtEeQQ=Dz5axmmpiY<t%*d=`
z2)2Cay^9hOJb@}=W^7D6%q9+W7Fo>V`&1C34ESafX$~}W5$u8INWKW{4qa0uPSG1h
za_2SD5+hj%4xEXYoM{P@;EzP)R`3=P9Wf62AOO=OrxU`qTL7!>;>PSpvo+NMljF|1
z&IkQ6jaF`yfPxG5^LbA#`)hFQ(<|q+CdXi_r-!8;v~=^TwUf2YmP}+;ddsaS<FZ<W
z4M~g_vaKzIzO3%8C7o7ZobfUS*>Gm6S6ay=K|Fmca}zd$_v2J;KTHlY1LHf;I=bRW
zxHjV7%;6ZJTwK&L_r#F6N+e@wP~}#*6FO}9DftaY#H9V!n$Ro2d5q}0s^UJ8Q@G`l
zb^xYrs`skzrLyIhn90BH{f_s0-X}b-!$Y=HN&J9BOfsgdFmXvR!EBkL#GH^@$RR>`
zd6^=iBPnW<&U%iJEmOKnZkUX1jqavp4kI|#UBNBpCAp{yvzQRfqGpkP?!&PNM&X-o
zMq=3Z4TKuv+>n@nnaW-c%FJvWaUM_)0A=d44U=@9b5f2h)Sg&j@%4=;I4K^tMGzzs
zHrbcR4=yw9q&dXj<9d0{`~y^oIf2N$X&OCd0|*c!y6OO_h+Ag;IB5|0En-Ec2_g)$
zl{w%?I|ZI8Rwc8WN3|rAD~VdVg9aR{FtQy|!pt>mnS9!B#zCGYrM9hnbQ{$1UQ$9<
zJRN(<tbCSyQJ;m}1__}gr)V(w6V<|Af@mjz-l%1qpWwD+f0RoJ?8M=Q2pxg05T@f~
z2%Cf+z?7H^hC7+15kp3;U+JVkanQ`q>t=hXhD;G&5C@aw;tEJawGt>8X3gxQ&SgOe
zk&RK8ZQ3OBhUZ1=8R!wQJ=|6`nO+}68Lnlb2F2nl6NfD38QsvAdS4`e`E_q^q2VTM
zy#!(n)Ce8-phn_Kl-!52Lq)(=OE5GNNEDPIg(+zoM9`gDrXY|ei9#tr5IwfAXYqUj
zuRQJn0Tr*AP9!v`OBl~ea7_vtB=}>`MFfc3<prBMNhk@zQ9^Mrv+=c5Q!r0O?-(#c
z3uYd84FD3`jcU$Pj~tN6+k~RxrE5|=6`@iMngWk*V5jqXK+uJ}vVc?esE73;b;?)(
z<Z6Mr0I5W82VyXDdPLO4YYDmlcINNDZ6#iOF4-Gyhb@qW#D=71V?yNY!0d7%^pxy6
zFN;yhtiORN2Ao7;)=+WcS3Hs+$9<E6)`t+ijuF;?2+aL3%2QAq{|PG-j1hJzvLBQ*
z;RmL6QXB<Xk}z*li$DO8hmu_-BPh%vwZS&C6zDP-0N~7g2QtYXkx<f52h2(MDJdU*
z5(x-K%W)YIfdlUt^j6=N&91+pbpf^kQYe9nfQ`+Ctf28R+X8jX!tAv9T^Z)jGPRr7
z!W#ti$kF&u72Cmh<pQ`)t=0@V;Q)u8V$kXs+giwe^AflWL8WnR7$h;PQWN|N#78n3
z_$Ce!a)>YycfzG`FtPI>KYujLqX8M(I8O4cNZ6^$L{`yD+9peq_?mSOYlKaVD755#
zL#~jYC?W``8UXZDj)Yre1L8~qDxjHy4%AGMRqUBon52^x&MHi2QFsDWv`G|Y&B*#q
z+g+J+<vaj*m~dd?MKB5T;}{1~T4)KSEJxSwVT&8Vr-Bcli+BM7VE+gB7PS4?%*gi^
zBEE7vyI8Kn#%+ry@Am#YI1e12;SCdsTlth~RlW-x!m^GoA!4FB&P%=ieyEOlzl)#v
zi1(oPN8X=#pCwoG74Ms5cb!T_;Q{>B9FNgZ^T}*ygpptsb99#3q>DB)!eoYsjtD$l
z)ev7Xa9}$cW-ujJ3fmRY0Xc^n0}*=8s(t`F!4(w4dO9QXS(4!ClH=JKl#>N_8VkLW
zv=0PJ5)-xftI-^GJqI2nF*BTE<D*3i1x;2yt;u4@X(r@e1~8lvlm<%_CN-W7hGLxj
zY#q82gP3B4b~19qg%paJ!lMR-q<(g$;~mU%dM}SfsuOGyMj|ja!0ae=iLNPb!I2Q=
zF3bV_p74f%8+$;m2u)b}4fr*Z#0mChb|j|P?TLrVlhvp}W{o7Fyi20NB2vh%gvF6s
zVP?UU&{R~kiE;5vnTawxIIe2Rj38x77|m`*W2x|NqDkdn#dC+_Vv^>EWU2?Ez36K(
zPfV3BND-Xy;i3!rHdZL)%8qPEmi8+mK8WTUGyRAF@GFhXCZn*2py2zY|F{Ggc?@9S
zVG-UVqV45G_j(DDoFxdPP?Nym2q2;2Mk9_Y!fQh{1rb5i$r__R`>&~l0*B=6K$lyN
z%GWSC1tY|JcSXWSu<1}ABqB!yUZh-iqWqH4o)w|rl>%h4p;{rq0xs-QAQjjZ_T$b}
z+$8>SyW2YgNx#Ykqi3#qpWrBWdp}D(=`VX9@O~3U|KGj8Vs8JV_bu^Yp0~9~o>@4&
z<nAgaAj;+7GF$}3F^KyEoWgwP)DXf0Gsh<|-y9x<c`_*}uR|OpOSa=q4UyIsOlpoo
z2#1>P%uns$d4x_$N{}yOX7*T8e9)tkAOVy|sK=pIoV=vGfh=b^F6=5P$O%d(s^k#Q
zhEr2cW;vc@#|mrW6pN%DAEMf?DPlx4{gERjxJr!yREki*)!nhw4KOJ5$N8zzuv?u|
zJ6rQp6Y*>0533nWqCQlR?o+P{f-LYUj)S!%r?vqtkd?w16<w_lLBRn*;r7}LQ|J*-
zr_%#ek$S)-9vMPV7Ow!qq<Q!gedh?<a1SGS?puT(AzI8n|8Y{*wIp>`9GHoz^+V9{
zpm1(*SDX<Gb2QzK@f%Xe@Bq^%S2tr)985Gn^%@Y}N2uqV{KvG^-lv%z@IilFveCXe
zT75nu#9(rZ<p8ac5@7zyv}cr<2P`ar3`xx!!xH_CH~3L9Tl@#0!8{;d<S`~OS1y*h
zC?~{7I24h!D13g8&GC=OI=E=!8D=O2VTzbWj9D(3k458<vlC<k!U3K{j>Rx!Ktkp)
zRs04gV^j9SPwGeFSMcJ`#OX0K6ipJ~-sb*?RPOy0I(_Qh?%m}*1yn|$u7w$snqmSo
z72#L23Arbj7t;#q7Y$f)MbIcj13(h3Vn-@#AUGqcHLJ2_Lc@|q+dL#lP33B&j9MrQ
zK_P)=`Fyf)lu>ap{-LBrTo%=E@D&OCkjc1I-915Bh;xz`<knEU)y?E$IuX`r^hTGg
zBdL@uu+(NnV!}H99;T4?UjSMKmkNw>7@iX@w2bT^9tEon3Yds2c~+*Enkchz7Gedy
zY2m~(sywnKwywDIhzC49a=%fW!&A70F;Da`;|kOk_t=+40B=dXQ~#NF-n&X-ct{+V
zMp(lg;;+z43Vyh7YUC2R0kb)<%n@=j-6+M`YAfpGZl&XF1F4y-zp|vbQ$nz)-*pww
zaRi@^Y`QV3(Vee_$n<gSJYXtrif+=rq-w7(C*zGgSs%u$iGSvWTz(H{dj3Rm2~$#6
zS5w#4j{Bz{bwyNmR=`^8E%D4hufI=!)XTkhdjG}y74MtmCJA~~2?%beEp=RtsY^bu
z9!g#E&FYcraq2Gh6m<{Ng~|tlFrGHq3L-oq#}fKU6%_tg6eYe;4Gezq2}Koi*#lZF
zXhoDK4zeFkz-{n{{{)EjE_o2jw17csu%sjzGLHsgpu{+PNm$mrRS)X2Yb7OFGARk+
zW}F<o12T-1!Gsdl4{k}Kh2%|vV}?dh=qQN}<{`uZjDx!~Ey3BsG7_dMJepZfJV0<b
zCvhUECPh)jj6g$p0BpICd<!R<Z4D}%J6Fv7W*bBfgqw=7RWhUbK7?G$SnVQemC<k@
z#)rUGF!u*#N5YEEU^ceIm}!0z?9k0T3x-!x$mCp!w?ljb$YO)+Aw0l!jg8ivpQDGQ
z_%&$dS?Y}j(6+`(<Is2ml-!7N(`=;!ti22GB&*SYT&FGyn^J&F+_&M!)Zh|j2C>~_
zvm^^%2Dk_uQeG1*wUIY4f+kUsX*Nz%++*}isI5|uX7V%Lsm`eE<!2`cRgZZ3j1Xcy
zET3i@s2mp54P1*<1ZYk!7mZNzfFPWDgV?0D7e7tz_Z2pZp*Do2FG8?rQ&teE7h)5_
z=K;&Tw+XC8KgM-y?1P{oem#K+SR3rZBS!q>o<!kU$#_EQDafd_;M)3cA=4JC6=I8d
z82H6flVG?@vVo{iuz{3>u?_^M40F3>f)j1`^!#dmPJ)eD!?d<w^9`F11-GRxxotLd
zSgxe;hBK?rl4=aU8HL@g%sGn8RBPoSY20n4r+iaY>GF1BmZ+$BIbH;>Vs)6KVpB!M
zmGVT-=_C!tSQt0_fp}Bvb8rMdb!+W(eYHc8cXXn-E>9W-`LP~yX>o}SyK#`N<IKqL
zDF3X$c@m{~v?+%%w=CigVtS%0e*$s@%f=0QVS|#13^6M=aRD6q!YB!AI^qiC5aKhC
z!=y&-(ZG;hlhSQ+CoWxMxDMe`MHe5Fld?Fy(hfz#&iB8v|7G<e{aR{_KZjZ=G5S7F
zDuT|HBpkQYF|`BR8O`w*<Fb2-f?(_w(36}gv>fUI{-JB4KRX1-Z8Dx^moh3;A@;yO
z02&wwpJKFZOUD94Jm-3(UKn2?7$dlXRgD&!l0>&9(K1#nh(q}mxz9Om2#c^`!FvFM
zdNM{864eOzgqzZUmgFoKdcX|WA!o}84`iy6dgPpfF7me{iL)028X*Qut%IS#p0Hk#
z#}~F-2<nKL^A=w)eHcF1iB4cBGgSk=TE|Vm2N0fU^>h?Tp`f@n;Sy5vPv!^Gi$OC%
zDy9n7T?(N_QN-RQ4@$v{l_zC!RyZgVlkKBJfvFRaF(Oul2r<E!4gtoB(1_{6jddHZ
zWx4PyYNUXGTFu7f8tEe#l{+hG(>lt4sXh=!gakxdO-dXSW(_huQ3rLDDY0cLg+aJs
z%t4G8nj&VzFmXUu%u2hL@P4cwzX%*36jGzZmkVU9!eM?@wh-|PLgHug!oPuXde!&{
zMv5H3?30SW&^!>ui1};A-eGSvYHSLkOu`Pw6QS;gYfrghRSyPqgrt$7f)kQdEnj!(
zgb|Fd5RS;rLRgc-%4u|vz|zPb7jR9oW`woky}9oR<is>ui6b)@kbtvYeS&KRhl=EA
zNGpZZ5|yM7U`s8^O^PUMlOOkc{oBJcex9!o6`fA0Dj{3}5lB$-Os%5C6i}|XS!cM7
z$vxyS;@n3i(2P|R$q>d<>>BxZSn8)uafoZzwhk!khKpYO6Rg^(s}@zV*sj<qnYsbp
zi+`c7)xYm`s9wBHJq^L{J}M?&s$NMA<9}4IQ*WSl;^)*as$WsRrhZp_jH-#xsJ~I4
zS6@{Bp#E8XU0vklmH{<%7e+Uo5sF|arC0;%nI@<$N;j>Ecd2c_J(s(hvc<lki)h@<
z4edAMa>#}lAEMRRPRfOoM@o{a=FzmAQ5ZeOZ&ES{^_$K?9sH$Q1PPexww_V)C>A%_
z4JI@45^jLqLINa4-qqXG5AAIGI|2~cB)kznjYx;`2AgD<7^IjK1x?D~Mi(Uz1w)!*
zd=q500RU1@srvvf_)jziSDi{g<WrXELr*D;En%%BGw|=!R#7~`u`qB^5~O|!bSb$$
z1_aF@95Sw^h!6l^P^gDe*ugvm3<ecu&Yi*EbHy{leY@ZYf&3sD4+c0nB*FmcIf^mh
z258sRZIL&T@{xLYfGC28_Rx$sw*W%wLC2uSLcOaX2lL^yuFBCA?3ANdvqN<;;iqzo
zJw#&w27w~J*op9w#Va){9B~)iWhVUS(SEztjMGixeSJjhEq^^$_c9U4TpXek;)q|+
zm}Jw-Lx0j^6Yzp82%RfZj7vn4Rk038FXO^-zd7l<pt1e<7YubCt#Xt?jhaMNVKmD&
zB(flzt=9o00(9GKR!F_hMEzDwPXtAZPGz~jGKo_^K3Y_CWmuHDoc;hR{zDP|TF~~m
znKDbsH#m#In6$8A8@)}0JyYP!iGC=<%>A4z5YI}aMm$dKw9`kncH(3sd*WJ}j&#>_
zNYY7|0}fIA$aWkRTT`m^!;s<(hy>+;66q}>A{v<N&zz=Srvh?plqZ_ZyX?IXI8f7k
zyZ1m2sxHe<e{TJ-=L2D105Bd);Ia264#U<cgedkDqKjEmq`pw_eu5fiyLS&80IVjG
zn~SROI0`64)Uz+9*ie012Do<xvDj~MoV`76`rVxA=>S?(QhpV_nzwJ~lEEe4zcviq
z-VR<mUM43%px2hGkyfxoJsCVnXbMSM)O)$Zx}DO3fwQ+L{$WUc0I=v>ST!M#RO^HK
z@T3%#lLFc-rmH1s;ftV7s6{A{D45ij(t#ypf#HP?s3I-pw<t)Z&T^egNRyPZi`)g<
zlzJX5b{oej04*33`~!j!WNVFfE2rU0Em3R3g@)#EzZ>X0@l)CYmdHM#O@?7c42F|Q
z)iMlMYIuSsEQDKG$lV0lm%4bq%_Ay4OplrEhHA?-jL8p&x`TA8pA}0p0NW=jo;3Up
zVUdWrWTw|D<gyKJUAFf==1Zqx(OOAY<0(~!Mka@6R7k^6)qvUO#7PI_aip0@t0U-Q
ze+qSu3nyW^At}cn>8@j%Hv3eH#_e`$+vJ&ZxTz*ENgc_NR%0pSF}Id%8FZ!Dj$XGU
z<!-icv&5;K3ePV|k$^Wtl9CtyTC(Ynfb@P@N=>{qsz^VhC;Ahpq#5l%OJrY;s8edL
z&Z+Cvjl^S*Rd*`s6O|gem*5HBs(wcOXZ2sy1Neg9R3A|v1M$&;27-0MohTOtT!BhZ
zb<vwLpU(OYdIMz>jzWmUR%|M12w<?b$gvW$0qn<+f^Z%Z;&G@M=qEj;2FeAbTLE5?
zswf_yik%3DOojz3Nqq>&!^lXkPzfLArU10rz3<50Nuldtgp(&~Dhp8-y3~`qJmf4p
z9F4zDq$grcXQ`5t^kE_IioC@TMzwT@f~MBZM+Jelu){hKq!wTXd<8+}n;>+#wM$u?
zp?{VSg_ItGJ%Y>ZGnsuGnW=WIhkfYW0njdB-?0^MaRk(1VVay*LP*ZGNMv$8TnV?4
z-WwuAHk*y`mE}y75Q0HMT9W9Dc;RwfY5J1X|Fu+YglJ;WE~DF|R-^U8tk4@pF>?|2
z<JEOnZ8Qz-Whk-PR`a;f8iY%D5V8^dFL9F4be2W7k>r$OG{ZG&e%shM_DbHY3<KRq
zOO>L8<?;qNy;`QMDkJcb*bHP~c5|%d<k(^6+j_PQNjR@omb-ezE@^>+-c{()QplyV
zxbkT&^Qpmu2r_Bm{x}9$N=VF>Wa0B8;xDS!2)}}`7cSdIBf}2z_K@)2zhaq^2%l0O
z?S|~^-U>DteK+;GD0*-s1^z<V_O1ix;XZ%4__lY32u!I@Sl1yJj*Fo9?UB@okTJbE
z?%;B==Sk7iGpOd^l+vK0Qe<LZbp<d&RR|-E1hvnw6AT;i&=jO={EoFtdsi_6V_unZ
z2$%IKiT@^`i6U6r1euMK*)KIr$w<KM>nO29ZIaLp8Y~$fv&`6zbVqb;f@JXVrdl^g
zxDtStR-RN{vb9!I=m-=Da!XYM2gPrY6pq>eg(J|W4@#2nj@rXu$q$1rIpdh@YGz4A
z`BX!v^vQ9%EUjJ8-6JdMp<{qmB{d9$a{<Lpjj*+5kM*xkIWS6PK)_Ak0@ochb;;Zz
z#?WNS7>F_S=p=U4+)vuy4;q9JKD(re6pvBn1ELXea0LXuxZQ@yUTzi@6wH^nL2(PW
zgdJL@(L|c%urxHV3o(hf7vSmWnxlR(NH_dEZkipS7EjW~lbEJ%k^kcCGu)AZUlP%%
z<^fOdf`mWF{eg2Z!RgJSY>j$qz0sFhnjArWLn|QAM*xljcN|Rj=?ef+A41E9L?BGa
zi@O9s5~p^&7)|S``s1EK#$8pLWR69}nxkS#-=Lu8?bIGWTRmUBR=pJ^O90AA&C?K@
zwkS%fJFF>Wp*G3_mN^7@8*_z%&Ug5L^pM!~fRwP7Y66f@@Y0rmgy0p{-*wwQxvSZn
z@|;m!?Pf%#6w`|UMivUVkyKR|2qqe)T8ICF72UikH4RkM5OqS)se;%wMYVWA-kJ<G
z+lih(13np8EtpNy0I{^36vCWqsqKNLa(HP%;w_26XFHCH3~BG@nhp>WjDn9tF%hLK
zSZ0BEON{MmWHU|$PT8#msKGdi+66-yqF{PgP*=3AMZO*V3R1g}?Klhsx5IhZc-PS2
zBQ1#%_RhC8k@}q1>QAE}d7R{XP-BTSW6Az9`82!^Q;_y>AsTqx?rBHePFrV(C=w$b
zHEeIMUZV6+!CR%4hBlOM=Lu}m(=mx33VsQFrN=cts$ZlJ)8}HBM6nH58W7tM_JsKf
zq9nSVq3lp#7Kt@tOE3`~R2^!;Hjv7B@m!s+A3F}6Vk}*x;()%x02AwCw8HEpS+|hc
zp?!cdmH1dS${5i)U`}F5VmjCrfgueD1ekY_j$qh`K=#S-G4pm6Hp6TkqrA_hl*}D(
z5TQR5YbB#l$tYh8D>7>D_eG}}1Np?5Ul*?MT0R`eq(>VRbR@C`z^s1y0+l}wu8V~c
z?h2oGMCM=?w~&)FY^V-}t<l|5pLYmgT1G-(a|HA(fxkh6G{wq|r5aA?`?8z>Lk7Q~
z+tP>y>`}JGxuI2*mEb}^woMY2B=$^ep_9W1)nWTGcf1!=ev|5~?Tkl5-2fsX&yBPP
z_oWpgOHoYCHDs}$Q_3Bh<6V5&kVGWv*7J}LovHv<aEUuYSY41I*dV*N46MOSY2QcN
zKoS=T1y*d@1K5`)OYL{Yt37sDz!Eqy(81y7=B#?4!kZ|q;uf^Edc5QWI4RHtsRc~9
zI-jv51&;}NgQ5jk*cK00x1K}LfPyB~={mTP?etIbS<OQP9LZhyG*K2&bc8!@_TEc{
zFCLhhZ$cr0SxOU)?LC<=0kGqag#{S3K|ScF^jZBeV)^^ki`C1&9m&5D=JxCAci?TG
zP@hzPrar4ar@p+1;rF=a7!O(MWj)ZfJ`O89&H6rc`Aaf+SNZ_AaT9J^qk02X&Vmwr
zqv8oxCABBgnt-eZEI@`N%pW0)fjYcE?6TE_2zN5W_Q4m8`b&)pJS=i76C!av6<lyE
zUXU*b5iD|c#Tf?M5jjT)Ao28ICio`UCQu;*!ssO}DRo}-O=@=F%m!H8wh+lF>3504
zQPF_ILWt!Y(y4dmmMa*-AORdsO(XRjiEp~twG_dQ27?k(383s6sqAr51LH)k8*}Qu
zW~C9Z2yC2`$cVyaxf7tL1lokg@IeCm+QR8jCS1XX4APo<Bq91j&08QKOc>M?VXxd8
z+1a-N5il2T;UvF60s`!;gq?B-qz6XK4HEc-vx1>gIVmX$SmPG2N4O5k2IPojPC2z)
zg&c^_z*Qa&J8p?sISZydERhkQo7{Pc`uQ16Vv%H<;b=;Wj<QwbI5>e^D2}YOwfaTZ
zx<LRaA9Rm0{m7jW0LcubYL^*Hiw+7uVI`)(Y|e6h3U+lG+(^2V>lBTpK_8$2zbNVA
z8~zu_Q+|sczQ+gT16*0e1m{%!_CP#NqzU)|-!3Q<ojliGGfPw%MhKE%4=bej@hTdk
zM6ZNNokg%r_(;7sMfHtFGn&OkbJaB39r__jUr@Q&IMJn`n4~VCP3=Oq4sBt`1)bj_
z7D^}P!f60Zw%`epks~r)w27#=goRQj1Nycs$DkPk{ub&Zw-K8!O?tE(f(;$c<0GVU
zFx*0_x}oVJ2yA4_!4e3?WtVCxPNRPY3t&am%5Y}7C@c^S{?R-NxBPL|2-*8?;WbLV
zi^>g3qJ`H8QUcxxo>8j-!jNeZ!5vY_8QKQj#cxWw8nhsLr(O+=oXa|NL>%Wvf@OOj
zjxcuRKfn}o6A;$_O?eu7U*)lN)O|$N(RXu@m-2*>Tlk6S)voD7WyfZ_g}8#f2T|jT
z@Xshv%GcPH!&yfH0B0sJZpn>n8s4P3N`z+|9(7&*(KHLA6v3t0Y2qSraw48^&p3g#
zQKzc8aHN+uQbUVA?v=LhFT?li$B?6<NQsgq*_7Hq9uX3^luiM9rm@;Uy=~^Ls7ZGV
z6_s?0r7*`eYR1X-`|TJBha1;!wi*F_b0o=`oXxJD@tD9}U_H#wEvK!Nd8|-raY+K!
z&{1dtGBE@ceM#hBW&pGhodT?-dZg1{QLRf>&%lbga2l+0ldm;8Cd(*JOAA^&xI88k
za}I2$idQOLTGGg}L|L!6brA;e4$Ku6`QXT?&^{iU$?nX>zY!X+uoK9;AH0pEJqsYn
z+AXBrpbbpaxRrLhq5;F+@qJ8y3`!e3wsy-LpJznUzR?u+oWXl;woSq#XaIB<;{99{
z39&!Og|4Ohj#_YP0La~uGLR&IxRWO%qh*7%kx&67tDoQi83v=`=ZjY{quI-@&__Y|
z<lB3LEi%mI7erl9Z(kf*IP)^~SzmyZf7<(?_uEvke4LeJ{)P&cuXz{gR9#<a4pVi8
z9{QVEo9cG;1UiwPMIZf()hiS$2@)_Zvb;d0hznMv14!kJ@_HeIqBBI2gI)B>1BFtx
z3)!qiyG2O=?159nWD6pLp8gQ*7q=kZ1Ls7;eMJX7;WmjNj*AzmtY9YYqZaDDSOKdB
z7r}o*?1AGzypJaU=Iev<bOCXxQkg(f=|`7CBYqn`uB&p3Q;h~v4GNeqWCKQt+hJ4a
zHMPR{4vuz~i!+v1R~hFBB3!W*-=OTXk$^dLKj8SR<#vGFl*lj+vf2yH<T8BZ!cTFu
z5wse|Lb8i9NsvHVtdud+EDy>{Ywr$DQCx_ml`$F>wpuk$jEM16lhvRoh?1lXRF8TS
zEL=3vFwKO1Em^(nZ!4X3saL#&4$ez@CD_<wW{J{-CI|8aU5bbg^>XT}=roP#2508L
zr&Pm+dd;pLZKY|Ca+EPmqpF*j`&(-mv|yi<FNT}Mj+~kVhzX^ALaat(JTyyz*M3L3
z-*&K53i$<N%{9#AFdOq}k6|{NSLh%m(nRF#q$EIf)TN1S?>>^Qq5njIU$e{S>z!mX
z@8qKMt+Mb|bLj`g_O*TrK?0{^b{_+Y&E7p?C+`+6Y<>u(&Zu|su@t+}4M1f6F~(rk
z-kZ3@x5=@|I7vnt8TzFd7t_y}-^&{<y=>mfflFY7<$Y3&ngd3%Hc!L1D?M(#rDs`p
zn;}BsJu7FLX_l-7;R;o)!NyUdbfikh8YU*JsQiv}-(-ilv%|=A)?^(Xz&A+IdoL?2
zEidpwl6DzkwN-PH`>uRUFZn)J(_l1s5~1+6Cr%TYLt<>mI9!vPX%uN(Nh{No77;c{
zt_b4JWyz)SfEx@Mm}dw?I?v~5Nzjan4Ior4XUGK{i=YUnV(-Frpd*wcDokv#nxd&t
zPHNh>a%Z_`6lx2C@WgEcv7WrR%%3wjJpPd)41;^QmyDM@0C({?w;ML#CukiBQUi4?
zCF(FaFH-$O@GvNZYwtolcpeYMhr1!9!t;9j|Fr+N`nCE);K}zBmA{cC6W&fv>pk=W
z|Cahaic0@N{k8f#^^fXbxqd_u4qa({o<0Qwp7#$bN=no}YCI+Qr63f(3lYP>CUcrP
zF@3^m*qv-5Pypj1wFOW}PM7`xI~mh5K;8rxl4KWT7XHPi9MB<dLgGjfW1)f&atQKL
zypkMOO)|Kq^WdQ40C5$fT(d__6fgZbPD)GVOeA$Emy#TH;poSQpzfwaK|TIDsoKWk
zo#4u#hFO!}sd67F73NLN3;HPdN=10-?1CDzBjLDYy~^2|g12(T)k3Y5H2Myax-3{C
zQfm#(m%><)E#yj2ZAH&Octt)a>Es1b(H#JyvCw0*O2Dq-h(z$L(lKLRi{#rCiVfO<
zvci845cS~eqWVTCGg}q&DW5`FIfw%d#|Nb}WU>~wiF*f7azS#>%9CIsASb}b7rqG-
z2Eys32383az`qWSZ8Uw)*pq02vYP4Q8A=Qwj9(&%IV&jbpobJh`-oR0n_a&{kQyUK
zQ+&=u4d4hQHdLD)Q&<E6WYC|OF2+M-N6mz4VlsY8*vJAx7=vC8gA=Spfen$>$!W$3
zhtLxsukB}T!e8OUf<TxTN0wGE$uwbwAS5Lwgp`!GV-8Z+3MQi{lAlkh>4gMT9r{E}
zBXx*xxa;OL>r$dav73sA&I!8+bXIgJsr4xW2{;*RhXPt~LGS>$KZN|@I?HFZUP<*s
zlwJ|qqeU)jUI&mn3f$l-wwbe=n6hwm;#Y72Ws*d=kR>XLVDQa00;LSFjdJHFZ5l#A
zbd%q4k}qm){hZX`As-x&3ex3j@7L*ZQA-Pf_BB!-AF)^m*KNN`A_e6x3Z3cGju+mB
z^ojiJ=cLQPsOuK^q|L=IFj^#I9!Io{EpsDRp^N%1B7-JtY*1m)VQItc7RoGPQFa@!
zd4^DB_?K@U$_@UMv(`QU!B_E#xXHn?KZou^y+{%0moLiZojFP`p@i?QL%ok?WhF>v
zveeaSOCK%t;aOUxx#Q*l)Xa-~2@N42?}Sr8uxJA2sLa0KNF>#`xun9AhxN43@f0Oo
zP!|?`lKKf?5?}|{@u-rKL~@bd0{R}}lF1^`gHJWHO7r!eW)-GW=?S5T?2@oO1U!mo
z^y>%#r!%`n2Lg$(e1+u~Kxot>86Q1uxG($_u5ID;aA`P#m}T9l0Yt+<KSm8L@#?(>
znS^#uT1(;&2!c2n9GC0{FHVrKs3O#v6y|rNZc8G<pdun*i8#j9AyVO*NJy{)YCn8}
zr?NQv#rMZ7v|_H7+vG>3S!X$kd{->MQLn-9`aIA#(~C@^Qw~VGD6Df~bq`~H!1SrQ
z!cK&Xhoml%j-nN;kF%hdV3O2R$aSI#5*9Fh7X?oK#Vfe2a?1jJsl+SapuSA2Pcx(Z
zu#k2Jrk_o=L`p9&hs$ny(f$XxcYjQe<$I{f{x$Enybn{6E$glbpM`NFCw9oC9jL;W
zsVk7(Zcw*S+el@jx))veCDc~@NA-HqhEaqMfN3tSg#}uGB_XRb;CBG{vMSW1qJn|0
zTT`-@0&luqz>2?!5v;EONFkR9f;nNe1)x{-eZJ9cyMRDsi^+W9Re*d@khSADC!7!v
zq#0AtT8}tHu2FdknDr1+IIqP&kk2~+&PudiWFAVXgcNgfoEOyuPV@w!qe6XIvK5jG
zsE)P(f42Gd-lB}`{JUbo)l!|xktoc<oEYl?fkqHtQ(KD)D1MaVF(%>KQbz)m<3M({
z86X<ch<;BY$@nW&Wmk?E0Qk-=!<%$O9hn!%7q~(kj2oDGMukULofei$PE^ENO?Dz_
z!+4Tw2G~e1*)>dJ%6uiPqM3&}M(Aybo6J*WAmcW>o2|@JzILRHrrnlF`pGskh3QEr
z3egoTX4Hr`?O9!r9AXv-$x2feV?;b4q$0Wm&!ZLWnQXFu;|isaCOS?XWBV=$&S7}Z
zSpm&xnOSW%Wlgu$tz@Set=Z;qC8O?9O5w<to0nsTvATv6h*7+h^RTu87`*owus8n(
zloBvvqF)19y%#0p?_p4XOi^dccD5jo&C^{%=C5MyCo#P9upJ#<iL|J1@WWS#jvF*v
zpiAp9ls4h0P|xYNqMGwHRCX!#58Szc`UhEjAb1|Oq#7T_2T?Q)`oU-qOPf`S3&SZ9
z2!IBn4-pRXoM@_LF`lzAH;8rKSkj89KU<?DzqyI~skVI6jia^0?$p=~V^)t#srNvi
zvAU<G`LZ~mpyE&+|Fl^>)(+AY^^mlEf^JCMmf#(!WJ>W}13&^_5ufv;Xw-_ni|AVL
zp6H(J6C+NN!_uVc`!5vCqI#4E(*w@*;XKMWS2gQr8%T_{Cs_HbJc1%hw2jKccKAPV
z-iKSOCe7w4i#tJ8$(RZ&WqnE=9VSx0h9?!Q+vDAs_CmsvSa;6AUyDNm<=HV5eyS)5
z0^t9+a=ujL-_jWMhI~C``%#AL;b5``Cz&XqS<glB(I-*c{fh%msv1A9S>%cY2dj^2
zb!XD=CfXZ$$^JXJMSnuQc!S=NW8Nj+oSN|)z1zGed3SryVingHd$06<(ECr`n~1~z
zh&cS43&fHd%MBWFE+LQg9qJ}>Sa*O{->dG|Kds+M(yN9T5h$J&8Fjcb?NHV@pzdf6
zi<`oSrCEwP==si!x*|x`pz9XYil7x^-x&mG#5)AGvRn>*APvRN6>H<bfjQ>59s)$&
zimd^fX&_XU<*8)LE}%FWPaCSsn_G00P$e*seXN^P1~8k9<_k_a9HEpF%JvN)g%T}A
z34q2BKyrg($g)vZ1b{A2f%7p)mW<;_40MYPB@#bNn=b^OrRi9tR@%#fB@$a8-D0IX
z;m@F}&t4Q5EiNvA0z-^B-kcTi=5$_3ZHJ`TxP+0jRj>;khG8N(6v57PMBqLE#~}CL
z-p>J;6lGN<lpV$j(fl@)cE|&|k@V}>0+E3Nv{6j~1nUHH|GNM`vaS@nb$J4lxzy6h
zE$1c^|D$IFRhJGOxxu987OQPaV~vn;P@bqo{te}VG}$|}b18zg-Krik5F_hqRcy!Y
zna)R4-%oh>W9}$RZ*e({uv<w-sx0fpO&wy`Zb$-C-eC<sab7!9`eTRqBOVYdj_t7D
zyzFvo=n<MR;&FXUae7&;6gNSse&2~=V%cT9BQ<t%9`dE!Q^Tn3;6u!KX{wLSgDfZ|
zND4E-<{&As>fllEou|RC_Wr9-38j7>UI-0<XQ(%kPcr7GAxi9qH{a#EaeM#O`1e6J
zAUwpso3NCW>=aq)C1KkXfVOq=7)U&92g*)$m|BkWlgku#w&~yG*oemT)1hAnN23V^
z-xQ%q2O4L&27{JNAi%&-z*Exe1heGxeEMe+Kic~Q<5xRSr#(9AIX`-bs2qX1ktP#o
z_r6DjTce%?vJ)CNq*vSI<SO@G4>9>3{D!UWT13xEzd<-vz)E4Ly(l!<P@;D}V@)~w
zSWR9<hmy7_cY?LD^3A$5-$K$=yP)f>>sZT90QQ7FG%;<+u4n<m;9Hc}3x(wNu(7Nv
z#s{(vH^sE9beaZ~`+-~#U<y-B+Gdq(;5CbJ$OI;;q)$|?e4VsEM}dvWS>(Rs3wVzw
z2bX0DQI<#&FBaXLmh@?HmB2MQDE4Le3+l^(@Ezhm{L-iEkRpQ3Bq><Xg-zhWIJ{`7
zBqX~^)8q<f%iD$o>tY(bhJFJw3>3uXk}>5GP!n+-`bWT{m7ZAcCyxTI#E$$VolP=K
zQmSjQtn)$QmzGGgatt2pTWZo`R*9okn5*&CtAKELC6t1L@t}l(s^Vmy&cL{ME(H*&
z@NWb!VzP)uVbzaPh7!W^bU1C&{=eR7;5b6=E&fI3YtRVHBT4yDS5^`mY3YfTIgW>c
zvvM26XOZua73Fjiem{CJ3s!Pvv28E6nq(ami$Rz{2+0Uo3Vv<r$!y4_$z@S|fddu)
z!5v?i$8}sO(IYt$C@Z0oJsTap{pN;=dbGH~MA{~3Z_s<e@p(#C52(Np#TiOr5!l=4
z@ze)pyVu<&<Qu`7Tc@v?pNM)vJ88GGBb=LyI3n|3o(IK_Z0Ht~iW^Ua%6bvfQ^t(I
zQfLvCDaUQ(Q8ZZ;T~r}tcb;W%t1Rit<fTf8wW&EO|4b96F9pp+0IZME&Zs4i=`vrG
zrE97->}v13Lz-0d-Vbma`Mny8{xf}ZbHs{7o_cqaRdYO#_ZPjx|F8EO@cexLYx}>b
zewp8Il6Vg+Ixj!ueH7*TkG((l{txd9^cH{3`&ZGX0mllEW)>OIbVVp237HIQioo!N
zbD^L@RRKDDLOEO1f#7Iz9|@wHJ63y3@muU)Tciu#qu_!Ro~)-MZ%tWefbS^ZWK11d
zILa|b6Fh=w;fDSv774&@a^#MXcFE#VEFye+Zp&Ii0Oa7=4%s_|W~pZ$fxdkN95^`?
z8~H{?SCRt-X<_jtOJy)eAWGjN;T^`3X{(#du3k0KcCwuLJkbs@9-t{!N|J}xGI&f=
zXf<}xb%{AfGPxVI+DUkmuZ~kkaX6!<2pNH17pj41IFk6BECcyH(oP%*8w_38VNHu=
zIlFZ9K*^#cJj@(9M94-_Wc(-sK4y_06<@=iboS_!;5;iSSonbI<aDVp!Ov5Q9-vP%
zz*X#pu>QXxNIV~ECER~O_87CTZUSr2h~eT&&6so{89tJecGahzOpkTX&yNwVl3xdv
zrE8qbBFKps%3~>k3z9>G3uKl6GnOJ?A(d0)>qitnbW@6*xkS-}D)MzKw+K<=j>_`V
zvi3XkmRJ?(vh4_~DWW57MNSI^G}*!uhCn$@0*?pXKoziNecyw7YkOLhAS!l^Iik_5
zrGnodips(IVhBCKikO#H%Veim9*(8Y@KGz|EoqFEUm_#x`djZ26kxp4do>*JwdzXs
zum#tXmCm1{?uPF@Pr3^$vJm)iW-J}N3-zp)h!d4h{z-<voRxTXna%StAuLlHjgzUv
z)a5;bGf@$lRd6#B{t!e7452q-3QTF}#{jM<W%SUAvS!&KX|drIu`F?~t*dD{VQ~p8
zi4bpxIB_)H8A)q1{K7Hundxi~zgQfPOh43#+`bh?Rd;C<q>rCNlOU0E3~6Vkk*B1M
zV38l+M$na%_Ke_}@Uoom)UY@iH+CTxS@NIZ6Kt{)<6?aeX%x_17)mLjFkK2Y9R#+P
z&SoqfMHd4k`wjwdv5+G6J_vtVLQxX(00i|AAOP1i!5%B=>l2H+0O}=Y>AuUE2yst<
z7@4h&|2S7#{J9^btR+bCG_fga9aB*c077OgZZ@=d;3#h&2sk)v08v&85@{x4O~YnR
zd3YG~Dv`uVIr^-PW#X=^JL*nk=4%ujy$wVA8PL~X22-i@#QI=NjEQ`nj?kjAxC}aw
zAmE*VjZ;>HdypNrp%!V-bmVDM_yfvTJ7S$_2t<;v;bQ{Q6?hV+ds2{E=s2opLPJ?;
zM`xis#l&p+$WRzq#o#Do8bBge87U>&J@T+bOS1HG*jNYtvHGF#z3{mbAKyhv#kz<4
z;pc3?(y3(LmH$kPJysu*<#Y5iaUIf~ozr~-VnhM?dMu5_e^EzKYVkN&EmuyqgcS_Q
zisISiu8K6v;?G<=oCCNZ!-EnOb4^Z`KHwJ`;2M#M#OnYbLSIM|qe@b=&Ot4ST{2-d
zcr$7z-Ftj2X>Qq)IF{i_DuqYGqCc|IhhQkB5qM|fJ%m#{957+yGKRV07>Oli)j*hm
zybl@0tMP=9BS_uC8R0fQbbw_9k(Y_VA+Sh{9D#E=se)ql<RI?x%Uil=be!D~T_OY`
z)Zvo#E~E4HS`a*qr@*6uPq4le%N6k4s0t0}+V;He{@3w?@79|j#*cVE&f0SCWNoqc
zp?m%2Vx0|HTkP*~?-D^uPwxperb`dgksyMhP|rA&T0Vze5KsxPmp74T#84!qu(RtU
zEe$b#n)Yk?j30<TfFQ{^;PFW9V!JbZn<Xqml_zAtWzu>J>W~@HL~giFDJ3V_$$5<v
zR|s^8aU+9~TR^EAILcdUjBiw9tmO`)!Zp?iNK(GD$TVQ2Ly@o+0~_Ja(UsVEh8iV~
zlaVh_1qifkf@Mpp17jDA12#CLT$c>wysXFC1qDb7b!eQKu>t~DKtQYO*&Nfilx6_v
zZ{59|(pNF-RhG<BeJTW46^X6|S?_3}`fq6WCT%z4*hFR9Kp$Coq`xV(zPmgmrXn2_
zjzzy%R!3X{)e20MpuNm*%!t&Fqy}50qgKmG{79m3_7-#a8!{7p{}Iy34<uZH8)3eE
z06)XbgPzf^!502&39rslSI2K0lGZ%RZJ8Ws6J|h66XIle^M#`SGp+3p$aEs$p@xJe
zdg;DZq(_Jd0`i;M-3PZrUc%G!i$sjS8HI`Nw-PmB^)c2cz=SHrN@(HV2=z75>rS7e
z6rAD)_+SJdTotlm<Hi!5^pb9ckW;_l)<XT}qZpSgxWFaRF1*~zuIP}X;B3NUSu~Zs
zp$06vjc4UTSrttd;BY?_Q<p)V2QByjW<oCtf*$FT&@?Yn1I+!Av;xKuWzdKP-5#PI
zEeg~r?r{}2l(kf8>A~Z=s>MJl-S(l+5`e@5E?;dT@srb~(U24>?KE<qv|i<5%DO9}
ztZT+hWpeYdIQv9u85uYSZe}5^%+$|N_$=nkGHX<gxE|75j9s?9rTt%_rs7-Pef++!
zS1;E7dyDr|>MA9_hu}8#cqPBPgx~N*=f*3rNM_%nbXT00RPaqjennA`1_zngw93l5
zW)$?EB5vn1p_~{3p44G#GQF`x{5BRk+13Yr_cQETOrU$<MrU&zFOJ(`E>s<3Dq=n;
zws_C+NX&P>V@G0`7!SvhMCZJ$Fe+)L3u=sOn+zsPmvDZuI-$O>0LFqP&1!L*q(>KD
z1~O)(0X}2>L7}$8?MQxsifAc|U#L)42q7gKS7;9hdybI3<swj|$+ybC2pS9mY|;NV
z8)3ed3m0vQvr#w5YZ091HOWfZOfr;J9f<8us9%=0SQfDCG5g~(@#9@0TNbyKQc8RT
z>at8CrVu6Vcy!d`f+UlX)g<{`qX`4!tUV($A)>IVN8$tCjpx~5R!}@jGFwPBzP6#8
z)Xidd8=_AzWsdTTs_alal62ulh!K8r7SE_Dl-kO6&QY}{%X{dgUARWb%HFK|<mWBP
z%`vz%lIBw&0lz1%5DN~2;s{Gq2<0cGC_WP18c)T9)E)Z1O|#6ChvTO^S!?ytOyiDi
z4#F#iU9!>^asW+7sZ>T`;rv1%W&0sQS$e8xPq<FseTP&~$Z9O;u^1UpLYErA@+d>G
zl;6BtK6wKL&UB08^Y<Q%V>;{<^B5AKROcmu-;*&p*4e#*Ulb;3r6Q!q4qik4in3e0
z8ZLCLs1YPsQp!TtQ4vt1QD+GD*@wiDSP>m&dVnuv1$0`}=#?QzN1ItNCy70iM%4HP
zJfl%}aa`z^EPe!ihekl4@X|y*O;))DYJY;PTb=J*R^?_R7bKOcZ}PmDJ6(;$K?~PT
zuoRJ+DjOuzpd6^=TJ;kMJh?B-n?p(lnM*>}fXp4Tx(+sb?OV89mi`m`i&;VJJjpGQ
zJ-Rf_cbaiU)s?^ss?~Byihv{q$-`r%f1Hp#Qr{w<0EaaGA$XL;=VS>Ai3>#00k~s6
z+kj6ULuK~OFEq%zLL9Ru>OW1qD_*t#p#Cxa64q*oylm0a@Hq7ZC7ocBy?V9!K~_}%
zX)0oVS$#nLhWZfesY^xir<JUy{w1PfF<l6@qecPG1{n}X4{I)g0_g`6yTrsOpXJ4@
zWVIsXNiq2`8l{sk;W7#+*l|%$0EZ9*Co*<W{`t^~3m0tImIY&221FHu?GP}Ml4Dtv
z2x1{c8+wkhi*U+0c6MV5y^tF9(1L-G_u;5s#3bM!$06vERmyAmC5P}3B8?r=ZphI9
znJjTMUPLs~ZP4Y~7^0>0nV5mF2huS|u$+_>T?lGX?Jx(EIE$2E(EUsAut=o{%tQ+V
zKtmdU2ON<2yTkvIrE#SnM1ltB#~7wUm_Zjkm$~J50pH+ufpS3R2;7^qmI!Cfk;JKh
zgQajR78Iy~uaXZy?U4nl#@vVna)PM?%iGj|N%<G;WK!9%;4|{NQ$w04^kv1c`2Ye{
zvOQq0POw;KcT2M3@w#e!5jYVwhLxqsX)T3GxxpN^!HEo!i&eoST1T-ASX8$a9}oQv
zd>_Axu$Zt2Mo5~5tS$Xt97NGjNgpt^PF?tfNm$VBGSr+zek~9RmAFd!{Y3y0K8*K7
z1Va76Ty9BSk>+{-<n(FrNV=f%DV4Vf2n54j_Vi@|q{{}42IffjsIQV`XIM{ng^V(5
zT)>mMtapvqJ$L({LXCi%<PF+d0VEc)@uR5Ans;hd0GWgi%e+$Gz$GC{BC&$HBa=`1
zmtB2%g%uqGxC;QBRGX|w0xkbu2%CDOn42;$mBH&dCy1h-MM6U&r7{_Vmo*126U{Jv
z1zd}}@n$4ht!@B;0qc$wd<ObcpaMVmzaf5v*dT1M5Q(q_poQE#nqoV#dtV{(_qQZd
z@=)JT4)J>6bnjL!`l;+iG|xH%r^si5QwXT6(wV3?ZxCgP4ndh`-1g7qMQ3FJ|D;ny
zS>YN`X7~mSQZo?v-SrKA9R%7TwGQ<4vVH`#i6_BtSm6%I#Nao$$n8e~=XbvZmv)<R
z<Cv@1xL8}`E=jo^$YwgtzTE8a6c`x$y_=il&@#GXX%qV&MBNFTZFyB6`r5<U`^-a~
zspjFFs&nqtb%&~3MR(J;p&PoJMiB9#jVK7Tf`Fhhsc0bJNH9i1h$dnXBEboV#Hfjy
z`10Zq6XOsxA($78W1dq!PZFct>i1pywm#^4Z`B$0{9o(0e(Sf^D$?S3Lq+y#mOb*U
zs13>M{rhI|3>ABBc`28VKCg?wfT?!9J)YLO19zlYz3dJ;zYu$9quL^|PTT7?=iwS3
zM8=WQW1Y?J4kmJJF;23mJ!k9DwbjerXe4ctU1Psk6((;+O%9g&{EZHm^l^`2&GSpn
zY16}=FZu%G^y|c1!DB+^9@AFZ4Ky8rlPK*y*(R0Z7E?DCL^&KVJb9GwXej0DOb>C!
z4oWOrTaRzFtGt6tDj7+!kafe;pFbXNeKjX4=fJTITb|}z>%y4z@`q3S<Mfx(kLl(7
zv1$h6AL!;By_BMJ=@nVKdwgmq+KRwD#yx4voXD(;)WcFT80w_1GDpQSOiJJz@fBin
zq@*m;OG2~bWx)(WfK!%(sb*g1N4;a#w9?oHL8BdFm}r*4R>G1AjbNj&mwG6fiZ%)*
z?vgP<t3*wRp>hBjJA5<#sm!FJ+Eo@O?3_(GHc(9XHLs$wS(LCY92P>wG2EXV)z~)$
zwezB6kpjs@`_yUJ%F5WW;(iG@HeB)?4C-0(!Gj7|XM-x_ohRG<)$O7)p1XIRmYBnc
zTO>e<$5Ou#+=C~pE53<h$cPc#x<PP~);KqAAr6j^m2n3#12pS~%79!!wd89y)zY3P
zWaVjV`K@v%45Ze+kx$W8B%2)8@onRcUc)*eUJ%ktIJa`0FofXUvC$4P&?7_X(p@@r
z22{O$p3Hy9T7SR;%O<^wCK8n){P<6j+{2yA#tn@>lL<~A*avBv7LaU8KWXh$9nMWJ
z1#a5e4~8AR<-v7eVNINF^5>$BmZ_3S`eQqjwB4VS7dqpt_00aG{qdFFJ=>#;CnHa<
z1w|s(O4^j*o^ZpYWRq6Yb<9!-HZ9pWGOcxi4DqK6rgK#NW~(uz_3Ct{-JP<t9i?6_
z1*jo-i8X;n0s6pCi2xVL|8YVsQSZgWTs2d@J-NEs7`9vDCXq0t)7*etYJ&@>2j!rZ
zUeLiPT0!X0ZH2UYOm<^@`)<__&+?+6DGEGQW)z(-b$hTXPLovzE59pQZLYS~wTRzY
zZ*)w+aXeD&VeiCiW#fbN9U6m6Ck(<k-~PZPZMm-4kC{2#-$gh2#FJ|-Ccow4t2;HG
zFHOE6iTN@y@9nR{L?4EN{$28`RbAD8Oa37FljMI^deZ26v1$(ZN)5Y!)rf`RnMK_D
z??h#faAoeX#&9U3#Ep861z1NxEL7rlejMpxxezZ3U<7Oxof!pB{zL_45vx+Ad=@mM
z1=207RB_M_5oWAL%9zTdqfI7IL^rqYL_l`Nd&ImZ-%>n^nWf5c46(pvrV*O-H})8~
zB7&oFELbMOkCEI6+c0(%r)Pflt=KkWV;Rcd#|n19AX4zfR=-Xx&Pu@P>}Fk+;{vcb
zgavHaDtJ=uQixTRB87pd3`G@x+5hQbWb}8EL;HzwGs}Y3zM%L)(b7pdGZzQajDi3*
z0b%byC`~6h7uK%Dl&*r0J1m<Ho&OoMv|w7W&MK**_nLDg*N+`f$e{|qM_HAF^2sF&
z7C+jllbB92SGrs{a5z_J>XeiHwc57!+PuWTG{I)AIW*Hy8xyGlu0JXYxsMJ{n3uCw
ztB2RirBquRr;Y4raUy6TC<j>ryem{Lism&TMs9`F*09g!$6yTcigh_z;<+FYBAy$h
zrk{#stcyYSL29EuxF6M6!5dJZS{M}ziUbXt=e>K^dZXg%RURxeA+opKUb{$~gf6~<
zW09PsJ{c?5thMTZ7f$4>kxD-!ma?9(9vtB-vB^wOcD+{itHMKGkr2l_;rcEQ40&s|
z?$TnguD_QHIg&F`2V|3t_WE9{YXVHYHWj2gR0lO&jm|7T9U$bNhT$5+m?L(!_@_bP
zG|smxrK)%+YO&A%3kGx+VN_$XeThX4Y}VVwF*|}r>x#L1_2GWs`mcocilPP^qM|rl
z#tr4eW=RHrcW|KpEcmnY-*V*d6Ku=D6XysCnOrgI`R}uEKN+W$yv-_pSw%o!=PnwL
z5(1enq<L$Qu@2?aTS{E@(6mi9GV5-Xll#iXdbc|)FR6$dua)m5e0NC^$q_7zziX}O
z_Jxz1wZ@hCG|^H<+EXY@n&k7ghG43X4wA!S_eO_>QWVwNxl*nr3e05X)TQaVwMWmY
z$s^R1Jc8L9v?hW$$AKNz!OH1f?~G#hjNUh1O)z=d$GM9^@CCn6v}X`(WRP<=9p)DB
zibS1NaCIK9Ee1P1ix86S-h@TPpu;>8_xAhtGCee=Ga^c;r=(-mdb&9k>GL3xyWGgU
z53SuLLx5GcMa|s$B*neO_GHtnoqF_jDOz`j#$xqUmO2z37;anWn#O2UkQ;WFlY@94
z$(EyygKOx8xNRy3`-d}8E7!0`d7y7~GlnpsK^lXL)AjAN-y5%yqsIKC{$^CI;8fFV
z{vNi9m(Crq=L)US8<bHR6$z8Wp($|}siXOHchW&T#ZtkNP!WW1yVAKP$)|obV0hAr
zd2uQL<Ddhht*vBF{9f|^X35GA>T?<Fc;t)!oqX}f)H=n~?7x85VySd1b?8pA2(COi
zlW}8nmtnQ$l<4vA$*t_{n&G`w!mYAbY|NNN4ayuuV`Ke)d@UN8R4|NQh9Qht(AVK5
zFZ+*pXr~r)|L%m;FxafPWbh~+oCZf#XQewjW#vktbXu6Jt(O)sHIX};O}%;++ry6+
zWyH1+V*FBtkq%f!YkY&n1OrPS5KyAxh<X;VV*CQi`AQsVs9BkJwo`N)pGK)kig5`M
zmWHFNz71H8BA4dyG6}X&myQdCX}DI8Q|SSdR4FF+J`J<hz|xE+_11Oi(8*yJIs%~s
zk}2q9MLd6}>l)A*;)l2igG}OcxMQ4lmd{8|nrq#4!!R4qx|ojYyV>g2r-zP^{-l0<
znGtIfilwGB4c3{9XhV@~?~UYBH*#$_i#E-FSWY)H|8L^5EL$&q<T3WQ_Ezvpn>kwg
zX7)A)>_`j*WQYa*n|^DEnBE;vaPe+&gH$!-(a4)`6=4gv8t?azC2#T^C*|)0t4u3l
z&~qZdYCRr^v-m2G#3R|Pt>=RiIP%Y)(U#L1j|Z!@L6;mqJ9_x}M36xx35oQft~KU8
zLr=F2;X=hX`kmIjj9+UP7rpk>twa~>6B&hO@2b5~u7?ii(uI2Oa((v3<pwU0(lF@p
z^7!x-ct_E4B(!B6m@z4`sv&+fBG$*R(>NOT=`ga+X2Ai0&dHw!p2`+dXW1h-ezH_n
z-HH$OKz<dwo)niN?YZw$mQ?nTelsl>C2j4c8~s7n-50lw*Kj-0&Zw?AWm}7edhIbQ
zkGaeZ1y{R^1#lJ1=Z3Z=x&5?ChrpRwlQ&jMTJ1lyK>xxejTzrVIjVW3bG)hV?0u?%
z{#NoHQ+mH6`5=Gr5q*tfI^e%aeku92<W5ac)W`pMy22*4)CBFNhv}vCT6&V+lRl6>
zoPKutqV#3yE7Dh|Uq&TaS_%*jiVFYT&=qpJ(;Cf}L5h3)7vdNzg5+7sxB_G}AW>qH
zfkpsK#YZEj%Pu%!xE?m>7KoP2g7%3}Es$8@m)MBFty-%Tk#b<7G}uHkUTuAJ=$NQO
z!YZM|Z95k%%`NswYzOZhmLWz!btBrtM4`}VQCJn*JUJbLJQdgpgmdF;89bhsEZaM;
zpM{{2(l8*A-32**XC>2thjCaIatO!lhSd3VEbK#`l_zEyJ6@TB*qjYm<B`V0q#4CR
zrpVZg7FWqWV-k5XT`*^b2S-1pxK^>%!`O`uc$G~8<<0^IqwJ$$Na=#l@o{7>VLbfi
zuqRB+<m|-vB6nbqP9Y4<Nz@6AeFSUfyco^18Y8C!KTgw0fS+OaZUV6m4eo>b%JHeM
zd!ZKCP;sS?#ud18RVrmpeC@>X4VkrUQcClI!AmKT!@^LdNC*PPtfKaLPOe-$s}}Xq
zC?t+JwW=O^xYNDSyzlaZ{hQ6Jm$LP|(K{Bzc91p04%JhTOP=9~r$RaBH!H!TuZw-u
zl)yUL_)33;EmU79zFWSLC?{#|r+b@{XZ(K`$93iL2`gzTORx<i<KDP>{pOJDv}kDV
zNC<!^J9%@1)-2kaD1sytW4(e45kIq(>H1yCMJv788yefLY7wPTTL(Kd?RP+7{KSmB
zemnVPy9q{VR_@iis|-?lA;Qt(Ww0yzQTy^L4(o+>`ZNM-`H$=iIk5BFQjc$EERv^$
zQaV!T{SAzNP=+j7-f3r@jdD%H?U6)1Pj1R0V_j>~mM1+$MWC-k=QeDD3I1wlki1Ip
zUbO!JW|M<7EA{-7Oi^_2ly4N(Qt4E)`10?EpR*5#J7B&+-z@)+kf%<3jB=L0$C0U^
z4uarQF3(%Jn>_v6*k~;~zgr2rAn^x*gwFZ@6It{)TZ;GO4>Cy2l;lhy>e4p3q#z0Z
zrLDcv5hmFmhO5e7JF2zbBhe?_fIuJ_Y&QB5D~<DC@CEK5a9R2uXLTO!y8*J~pLe1%
zJ4C#PkY(O}@KOD;Xq*bVjCD1YY5#`6de}dB1pEcwSIPNhQn61*o(e`kYn4Znoo4%L
zJP{@qe43o`?qsmNN?vlkoYuS7Uz_0Ej6(=5Xq+uE#Y9npysD7j-F2iAn)^tPt`c;Q
zW|CbaY-p@sOb+Tv|B%cdIkz|btXlo<8$Xa|2VGRSN7&eBj~?REwd~T1)pjHE9hs!K
zKsc8;V2`~EejY=aT_%*Edluz6(ep4$cka+_-r_|DoQ>{(uz8m4V%VN8knnq!ym);p
zS@($k*0V!kbEUECnJqVGU%XS_odOBbVCT-pd37;>)~oS2^`&etghZn;kRa|i`W}cp
zo7eWwzt<gDQ>i=&=y>YR=EoS`a$uZjO}pcfl$<d)@TNx4P%Y$Qf~FaBbZo2nbD;l1
z4|wk@CyZ$@QR(ke<i;VT)5evU)h+v08%xOSN6nQ+3?2?s>_h^q1OkzNQgi4)bq<Qh
zG$_QjN78>bNa$w8yujbC$_Y=Ked<rOrHRTc*9%JnFsHTEpXe|HO6{yfKV*N+`c0tO
z)hBL0@$2cYq@Tc@d~fnY$&XfDV}36AMPBja$tRNEP5w}=?Ek`U;6S57mSu|!MFjfW
zLCKv7#<`+YngVZ#Yba*?*ol-!U|4QoF3+Nq-8Gz^x`Ozg^bY@I#wE**yU31lmQhX1
zq6R_9KVeG3dqj6woaKUOtf;(T;7+-ki0_5;+SS;6>=g$wV}Duug1g{VxH<qgil}(T
z6XN{E@@z4SM3XH@Bs;PbluYH*PAC5FOO+^65=T}hUaIokm6+bKhC@CJio+Yz_*;%>
zYIl-Y{!GdWxtBn5_{gdW3xpe$ryOWFb)UfCIF+l^|5zL+#0|w4!gDO*u$&Ol+0s9X
zX_uTflA%B&1?-NC;~K_gKjTsSH;qKpj#!LKS1lWi#1Jx=0`D&HXt8u2^Qqs9<=F&T
zdw60Wu|r!V(>u8_0buC-xGhTkg}cWe#ucDfxswwDC*ly2&t`_QxnAx#KG;ja5SB4*
zjzxNCG+t^ta-4!Db^EBeT+`wxUZmG3%1OHW9+jZifM~|tVrRHxcoSQ~p{Y@9u5b3Y
zITJOp$~T+JnJ(<Gbi4KX?m9Hui)fBiG@pEHkOK%<myIor;Z4^hm#pUOO8u}eMc}?N
zEvyIAfWGCK7{q$BlP}uXR;z*5l|8*!KTvKN#xeX)SDpDp2a$m6orWV2(^h4!{AzI&
z<~>u_H8jJ+$6K?0-uk@gY7+ht<w8e~03L$O%yyYvT0~8&(WA9ux;E}##03%BCG}_{
zC?c+F=;6>BN7|0Dy<x#<(;Z3d-1j2+&7zTxxTanZB>1+#CV37bxz!26<XfB{T0usw
zzvVh+S{x?j*U3sH2U}X5rp<4j#w=s@`vI`H**p@=*L9t(7v~>sJ7S96T5(<PMEX+?
z2z&c3?5hl18xg={L}`@rd`HztmV%?`KiimSA;?yU57=v#2#1iZKFdu|Q_NpSQ`fZB
z(PKNZ%{IceZ4j@y4#rs)aiaRGxxKX8l-zuk0;%XC8<i5=ZDetn{W8blDX(QXL$W7u
zQB1{L6$FGDD5%N%U}v<k`dGS`T`N|n8=I6qKIRXS7p{`B(sO1+_cn7MJ*57t@pvwZ
zW`D$Y5xhyo#bgslYKjZ<u7DL&#M*KJZU$h`4c0r-I(6e5gYKCk97Lt+ZbLRu>NEuP
z@Tx&6$C0Aoh!Gs9C(oAkw$xQMJw)OswVC#kDQ|;C8B`-zR<U|<!?$PWZ+1LpE{Z8V
zi$O}b)bvH!SMY>F*R1|{(%tJ$uIHN#jaX8>#64~Fi%fde8v&f)jUw64ntuVG5;Xg&
zpg65KihWwXKTAKH{^^RCO)Rud%6g!l<yigwgLv(z`+9Nmc*SbJF?mbXIqaP(RsVMK
zZ92b3g!KK@1ofXv{x6Cm=832+EE(I)3<ASp-spP0Gb@%N<tn9(x(JIU28ebEEZlr{
zH6eS~kZS>C2h|+Jfxv{>W5^?*;WlV{mW(8d9LQb>V@|@xs~B1+9zzGSTQfQLQ;42D
z#Z%BM6A>yt3le2=wzyT^JPn&{WRc@bsh$`<8TrcOP0Hnr;S>Do0~0pzbb1zLqw{ic
z##JqepwK75uScGoIKigGJH9@}#OSzdD?EoHu?6Q+5yn{fv*V@L@z7HNLPSvubxm<q
zLh`!^e%attR#*gA5FCbSJuU2?IiGTq5#ZTc)$M>2jqiKeKk+w5#wo;R?bVOGTv4lj
zk9Q(a;vIdRLx|sFQ@&|GS!K+_4KUnW$)LHFyhi28PO8Mk!$X7L+(NufS7lHny1iB}
zCJz$oM4u|8Dy=Q}0{Fqq)_R)&fZ<Hro7gXpXJw}#8RJ1hJlqmlC`D-*&B#91sFnzH
z^76VhVHsb@mWEvb#GuMfJ3a92-F&!nqjf^nHtM&BUwL8J+dMKWhkQnM$m-R9RuD6w
zzTa9MB%3I&?nRHe3=kSFt$jC%LFA#wa`i=PSni{qG0nB|Ojp=^eExeWocf*CZu#xq
ztns~V(<ukvL$8q4{+^??I@1p^JFSicxc(zycGq|neV*|5`Y`ZKS#-c=ezR`~YrADU
zL76{40s$-3*-<w*9OJ{Kacjk&)AxbH$L!_(O<D8gyS>Q<dh7hvN|16j>2{R=Z7(D(
z+cJNc&G-q+wk&=QtShuDTy1reSGf~{7$*a+X^_(jvfO_hg0=!Igq#A~?BrZ?Xc>l1
z4tE|p#3q?z8+f$2nU~u`)&LY{pB--%Anl3era$i>)lRir)91dGmI|HA;<1EGoO9$%
zw6=(Jf|JUVbt}y+K%&JILr0$uB$znN-bnZ{6bW>FTZz5LMehn3^l_W^jdufF#W5nv
z=WlJu$B8(o97seYG!08<jGI5AX^TtUiU^`RY#P6C52u5b*{YT8UR4anL2uR8`PWrl
zUb!yP8q96CCMkIJFmB0i-`!w)VPsV#5gDt?3lknJuZ*f6<tk)W_!Vb}?TyA@+KPq4
z=M&;GOUfFOD%_}LC~dWbJW!+w()#&5VbdSAqa*~;TPyh!f04c+{iCXX)e{H}jR7pH
zu%p*7O3?u}<|uqV{pD+tFOwU5yWHTroY8w}roJ=zP^hDkpKzQ-kEQ`?O9nA4BVz|D
z<6;x<v3A`IE?wL_YMtEboSiTe#7Jr-edhRD7$Ql0CQ6zP!CF=ZV8X11eOpE$<^mek
z;^iox6=0VlRJ&sbqorXaBJGd03~-IAQ7(D|EDjXN4&DgcbUH0ez-2WV!3td}*#tzV
z1~xdjnqhHF&4e+7R}D0@xf3QRdJ&wJ><*;J-h~Z1q|ZY6B0lghNS9z_ShCqT+9S@u
z<g<Xj5fy~-a$M|SfO%hF$V3*wt1yqYG^*-pt5emrpes&2i&05xDJUEe+oMw^F9sVp
zS7wk!j0<6JtY-QJVXchAF<8(;O>oKWTfm;L;9#(l^<oXa%4^51!Em&EDBYj8Zjn-}
zI!9!{GjcD(V)g8}sW*JO)!TcC0J}YCwRb(q*p5gkyV7BmqDP3-Ry9O~FAq(iM@^|f
zqdVHmZ$5R{JY)qsj-_{C==9<SoxW_l(Mb{65&qpBh`>{+ZVuppr^5i{JCZT8&3;c|
z4}9r$&v+0rvHEJ~Z|(FNoi!Sn5F5Q-DHGeC4L43}XUqn3+5I7y!~lTb3%o*N^|g=+
z8O$G9J91@?J&<Q|ry(+wsqFu%l~C074ZQE1|9Duew`)<A3?zi~Y59?ES-d;)n%Re=
z9wZ3o<k`rQ<oxTTl?UI~FDLJF{BM{R?N>4u=@+qMjeo<~*1r<WXWiP_bhsKr9Y82B
zA9UN*EU#w@T1(MA;kGF)t46CbPus~u^{l;^<S%?~yR*^hbe4zODcx=KT0w3Nwe_MS
zUO!#kpJ+YEAolgJ!VZu+ttQv&o6apVT8MN8-Z^FE#--i*h<@#;Y?T++zI1Z8;#OU>
z<;H{|Bv*le6G9;dId6{z9Fe_)sKPq-R~cj#IgF~t=<OFiXox*N>h(hJ=<do80{A+f
z*cu&f%Oq3gU9PI6i1QeHj^vW=dXJA_?%JaqOwN%yEGMFn*QEj20wO!!pm;D?F+9K}
zm!PQp(XczFf7qt*YCgSVoNc$YDw+Ix&%_>W-CDC#>&K*Xf-Jr%KzylXAXe@h4f_fk
zcA|&LAEsZI{wsYP&tSg?l82M%Q1V#vlH?W1t7#gdd-dCruhT0lxbg2wzAyP<O3$B8
zbo@_#rQ!ghb1Z#B@`Ni==QzhCw)6BdZv3XsvrkK(nLe66FMR=i{H5s^;s{iD3ko48
zdV`9YPQ~fRQIL+eT?lgt3-p-`Yf`cgOyH<M3dnC+yCG6ytx85KUJ$JY>Kjpu!(Xgh
zv@BsqAV9#6O$%^@{bf9tQNKTu09%wu<;o;5QX{naq_8ov*-#{$oE~N40?4dH7)xfB
z(FmCZY6GtxodlK1`>jHOlPSL4kQYZy&6>q)EG>+vtAJn5qS@DJ1lbF~c&dYo_iSo1
zikf_sc_hZPjy;vFb3MuhV_ig2kMck-LxFuIIXLz8Kyd~13?fgeVJ=Q=*-a0Z;`A_w
zVP?hIw(p$7tVaLAYiQ}95+=g?CA1yP14uqOL(D8{3%1!sb9E10A?A$%ANz6u%Qy+p
zyqM&6X!6VH2@ORY!#E@nF-e-@G%Rgp-{IL{*6pIgoG!3$I@IFq^yXPn^TVMnhveeg
z(yoJjuXf>n+K~^(#W?fzn+{#O2L}>@Rv*hM`7Qtq#s-OjgqVy%Z4vy>wD3YyE2J;5
z`n3vF?@83q<*|j~)=n^rWEP}+(NkFr?_~==TG59jqH9G$Bo?})V91Dsfv5-hU=}df
z96m5HunST~lAor}ni~}D(T${Y48@AD*e*<2Onq)rYk?1qqHmUhbUJ;9k6ZbDn5)b-
zY`Rt|CnEup+0K=|)!B_njF?G7Y8h>9JI!WP!^==HV4Fp#o?x>s%MOL89Du6#dYaqe
zHw=!;^EvBseuVe~=z#a`$br{nvSN(D`Iqu%FJ|PEe*oh6wvU~^hj|Yr2+Ncwf2VRR
z`T6JY3Hzw%H!$lX5YaR+3ir>AZZ%2rrYiEpgeoX1wQbGM-|G^YrRX64W{B95^!&BK
z)4nFqtv_$}B^NLG`oK&I>CwICZ)a+gcdUmHf#~e~tHI^QSJ~U!*#0<lbY@)4<jsC1
zo6pKOhk$<IxX!-;C!FVB77@fdp4>yP@?GX-^43}UVno9mQJp0DA(>-|?CkTLU-MxR
zZ+ZUZaY>SQdlEiTaiU*;$Mb!zE1v!%m50TKJGnMltTuKT?)6r*uN~h#8LiLQ;iC7V
z`q{hpD;H&OrXy((*wLhQ1vYWu4YGYtR5VL<h`=VLW^*`8UXyk1lbQ%L;0}uZon`<G
zvO)2OmtMTK8k4!m`t?*xH}~T1xi8clgRIk^hFpLA{rECZP%C|AcJH%1sWW{w8%_Ts
zl^*FiZ$lJ1!yq5l_9CxsaA9|^*_cP8u|PIKA2=}gDyE*ILsE5*<$OBdy-!axk0Wqi
zw|trhN||myuTVgu$OM0E#)2cx?-C|>DAjj;dPPX{zgix&I9G6mFH{UBGu?{oggdgg
zE%PnP)mVCQIiMGAF{V<CGM|jlp#CDEUn)g)0e403G(~>5Ngo^WoX8!Up%xF3mDcPj
zIMHcBH&RmyL!J_Sq>V=Oc&UBUNVw;@H{2<%Y&wssbGKwo`}MrD#mU+}A)jMfi_|m?
zhX<HCs0#Ed->dtx#|HpV9<5H?TIEH>1|IL*?|1C&7sewWxuoE7qJNO?qt5Cts&98Z
z%cd1ZKik_Yzm<Mu<()d|yl>@$<}-hvs>pvq@$v6hKB^no?^F{EWBNEo@ULnk7ZD@K
z6Hf!e2LTd}4Rawu%l@h@CgNumna|Vc-Lk0IjIx`7umF6qKvOIuF$pIZl`HhM#hfo#
z&TgtI#A(M61cXKuH#4U^(X@K$#_1?@a^-2{hSgwtn>n5M;-o-poGyy_;%pi0M34&$
zZ-i;DV0M^gM;LJl>l+x|9;)~J6YdC+5#E-^0P<OLhrztxtVj_@T1Jtj@PX6u(bHn0
zqJu9`_puBYaLT`y%ZY@s{YDWcPry0E&>aqB^k2bm0WbsFA2Z|eXt9(^Vc14L&}jIp
zYqkQ>IQz=_F#G5*yn+WLM7{v3xYp<<MG62cew2kaaKU0T3An<8Sw(DwRu3x|o&)39
zdaKx4hNMiNM}r!qZ=%>P(kt{9pk|mrHoP&W#bCo2a*v?rUp)i^70hUoywTFjz9N_m
zRmMsF_ks2Nor(enM7BEkAyrt4#=EV#58?~o=F|H&k|y5<mA79Q=elMy5qG4mHRt1J
zPv!kjxqq<itWQr``CTlJYBIeh*~?~asXeZbLx-yqgBJ=oCrk7clw1oIV<HWi6+OKg
z7?74W+eJZr+)REtU2BgOY&mAC-}YKl>2Sqzs~AV(Xe-l8MoYvs9$~Vrwcq^qzYA~F
zXtvs~>P~2%qkRsmoIlC~QAbCEtaeJ6(r)u>WQ?`W^=w!BkSxEY0Hm(SEJS^(h5O0I
znn7{RnyEq-?uFrI^sxbkkq_{`TYGJytqdbTNUv8eQ%mk=u7h?tO6C=gL+ZdiO*e^g
z4Ybwk^?yI{$>h({pIrGb`gHvFl|SJbLf<`xmk*LlV)T3UnZAQ|UzWTwd999oUnQ>j
zhU9NTsT8E8$8L%;q}HI)7EPBH2S{jO0nSh|W~Tko!fbTtQ8OkzjfBub_Z)JI*xAZ8
z7jRh(BminPVzPFHqmVA(gYwfT%iFhdL#^gZ8w$92eCneBq$;9FE2%t+7FOCPT^pCI
z#i=i#1EZ|b=WGP>)QwhElH&_Q;;8iF1GUsY5eYkmrH#z2C)GnXbYeiU_E(+=sPU=Q
z8;nYTGVfciA!u-yHSQZjeYHE^iWf(R29Ay_^?R8M+Okpfxf*Mt6=T|$HyMC=iT+&7
z&Sr65Cz^bf)&8qZj%;i;GOES#VpTPOh33wpFYIX5g_tjrPe?Mj#HM9)Ojf|Cw!WX=
ztAvvG)nLeTQWq;}np)I0^05UzJnXkNv-aIQT+<x(tlTyOq&3j5Z&iv~>pJuIL`1xd
z<r&J%D>uU%Q#OWSCy_6aO=&vOp|0}IVM)Se`CApEX9ak{8-Yw2S{@`b*3JVS=~qkB
zxb{!_fj`O9UyHTM?r2eG#rHJ_OV0mB@>UzSWq~7?78sLX%aUuLN_zf~=RRqCI3SGD
zr(o=S=9}4|@8n_QV;_u<Yd?^DJA$<KI&u7G`iQS)zoWscO#ZrDkEDFJex=G0=|;80
zTdXGe8y;%kJuHXw{BWAKueKQk(+!O^jeL~z(+5FXMj8guD+@NLna6-HyEZp0xN#wT
zuQ7M|TrOIt*m_BP(u9&+h+^ZcVkENG;d&ipN*;^)g8Js=J-V_h&atJrJ$8-Z(u5@L
zn$k#Mys;M7bOHg8UDn!zF5%YB<_rkJL);a4kN!D~>>E*gU4J>-uCdqXuueKt+nr_y
z<SI{Lvz=%7devaAPZRHqpvZ3S4CiIJbYe#lkF#VuAp?N+irSkS7wyDjQ|JMc-*Vlb
zia;i6WzOTX4|=8;J^I(%U)IN)q9HK0Zk~}nFK{QrhHR`HJn={3<KIsrGX6Aqk^e(i
z`j@g6uX|GMAN@Q3cJl4X2a<mzC-P5{A2SW_=aOF*8UGglu5F4!#gk&mqc6sMoY?Ld
zPp4U)pf}nGPbarZ0VCVN74wf^0B3l{p74iOx<HNr;*I%pZm~Q)wtm9#E5Ih1jPOhs
zm2rs1B)$Dt-e6!vasug!J>;`bm!;-zB1>Ms!WCj?D_JfkV8qQxrv&dNY-S=H10ZqK
zAfqY>wJIcV92<;)oevj7m$N1Pn$7yn87*vNd9z%ctX9R|cTmT%Mkj*!TPZvtTOO50
zQZItfTdbfwN~YIegoR;w1gH@#GBQt^Ah05Ehxd+RM)RFCi0g3&I^0|q?9|dw(~yx0
zpYQ0kSlt~_p%^l<DNscSvm!37wpGnHJxyFvr(Fn$k4>H=#gbI_YjkueU5$kcL4a2l
zzY#Jjt3jhmRWBB2<URpuY*4<Q&7S_$M-Mw|>mDW}=m;0XCDY_fn)oQ!+*t4EjTx;2
z)ch;SiP>{?WA3b2oAQWGnj6WZ!oiIL&2+o-{HA^)*+H$gxpuYFIF<Y6zI}|DvtgBf
zx{5GfKn`^VV4+XEFxJc|53-ga(N~0tNd}90<81v>z0+TlTLwI0%%ymb3dri_n^W~Q
zVXVRwR5P4)LXxb;+5s}9&RPu>Z$UaSKMh?5^yRE~bTq2$m%~S%(b~8so#b9y2|nul
z6(YH}RG>YTaki!~P8N4JmT2A@;rcAu%dm|;!XNk9^B?nlD=nk0l*c&#aj}FA%YZnr
zFPHF5*TcM4IgdQ~IXz^~`+C-)$bLv;1-kz8Uu4ppn;b&g1jRa*_NPSQaT~t(Gv_i5
zR<)YamW-_`$LlRMTjX8`J9)ZM%$|Mv+>I`pQ5+&?;j+dAy;`~|+H_n@R<VcpbLw%D
z7y`k)L)DyA7|om1TA@ff^m|WAMW44~!*ilUq1hcDwDg>EFCt0i;M@UT$C1l{i*HM-
z7&P%|ZUj?M<+n@eL;h(p50siE2W5V>t>G*!a`rje?CBK_v|=wsx5f5BK)j7;rY!Vv
z1@!e66w&zfdxPbNlR>{Ve0ZD;iH?*w1;gPgw#P_O97nR{VvXA7oHbRz3o38l?sYbp
zc}fgha3jO-gdN^+VcTC2)|SshrD*b1ne!~WR-v_l2kV7C|4?8_x@1eDxi_rMNC`rT
zWjB%V>DhFW-Q}rM!0A@p{(LpR;;iW|N*q6s{4rh<^<0c(k3y~QPIa5^>!?%N-N6$-
zo9?H-v+^HRT>T!+yedcNtpmO7Q|-!BQ0+cg+2Y_SV@Al=B;S~Pv)qbFdxwCKut~Nm
z`p3vf$kwvN;u{usF6VNO`!)-{Z$=>l$lwztAV52SjG0mTtVt=P<(GK`Qzwi2V(9b2
z2cre^4eB9XD?_etgClw66P%)KwLiWV=4UGR3z#iVXmT~XiE{I4WKjIIE7|T_yA-9R
z10|vL*G^2-^L-`bQZ4LwNSnfl%eszkF!*HnfzWQjduK~qhuSJk7q1jvQ|b+qQqD4|
zw60IuQiYU&7ujhA#dP2lO>qUIv##c+)%RhyC*P!DI$3TdB{MqWU&g2RrUtFfi&+UL
zPQn!PAW&Qw>ha{p0*=(nV|wFccH%=vQJC)CmD%Ei9j?5HJUWPXHc3}{jdIv6`dTT5
zc+Uc%?uoF<GeqxE9}jQUy8m=`C?--5L)galcz8p+W>Lpd614IDmJ-s58YHPf9}L$W
z?S1fYmB|pxg!^x5S=j71B`M|iq^W(?+pHm$Bx^rY-gFl1NN=NlEf?8Y_#&J9{57j`
z*JV2M3|qt+&Ws-qEVkxLj^j6!M8~(1nmVTX`Rgl_m!<D*YZoK0tM8--JKO{y3B*{W
znz6%8maBd>6&7Ut*{n2uU6x$3p|o}&ck6Vq5ax0;s+Kei94%6jyd?OnFLd12zxCo%
zSLySuRb}7|YO0Y>q>~Uz5*0eX;S<&GB%S_xqxW#A_siy1<JMZO8RIa^3u4o2?Omj#
zcAT0}*!LX%t#xZ)EhVBXH707{bw<0(XMu>FMr7anWxb!w+Uv*9=@UN<`=deUaMo?-
z&kTDQ;WwRrWWo(2ZMwI4)X~<`Q)U6}SzRORJb<gysD4jgr2Z))bomxBcD-1*x?yZy
zblq^RR_kUlS?4_rDt7wK_S79o*2zr$zL&gAl^6^-U`1!-E|(Cijpikn5~-VI8gARm
zUafUus6iimSHI-q+<rc{Rh)T}Vv;ITqn=ZA_+QiSN&iA$i&oWzJ@o&Pmkn*p574&!
z1RVGCRE{4@{%i7kRSoASpUiPIqlQzp>MUKT060ojT-S(QPNWAyQnH*^CW2;;VOfeB
zqvi%L15Pdcf36)acvTRncxB>UDwnfUaTJsUKv+Z-unMx}Bt-hX(1?I0G$Yl&WnpuL
zWbmTP5(Ob-Hk;*KWldopkz<5ntd=j{6!0-l>=cX_dPrTg0*u)S6202j*~yOTgdT1F
znG#g(u`n2T9ETK?(T#;zk_1q8L%;?%#+Ur#fS9QAPP!sqa~{mCg9u<){U5cZssR>d
zp)f}315T$Aq3Yi6;BA9J5j6{*o#IXQ*Y+w6e_X9apf;7Bf#U8Mv#S!yXP{mgFECG-
zB8q;%SPy0>F#6Nms<g6CNjWTptIpD4`P)?@dvvJ;!;wo77EjP@>@i)9FYen-yc7B2
zh?4z?bXw>`jU@9!>~1Pcb2d>PDg|*T8NtRyYtMy?KB-Q7vIuxtcrMgWhBoh5yhCAK
zF^Jq=fx_^F7UOlTZbnwV*y=7z{Rj||b-*7->r*y{qhk^R)5ZLS(1ckp_))790Varx
zj<q%=ZBcJ@di@aRSX@ksMqxIH9}4Rk<`o%h;)lOc(=v!0um5NuN<DZQ9ZRbtw^?io
zWHC?d^B~(wx4QsPZ`4TESyEz%V1q1Ol{fxw)+UM*1LLanG5U-_0W8g>U=3I~adl|&
zBbFwJgL|DA$chHmffKe19U<|40bvH-!o5KwRCoXlcHMb0DRdWi+Ci|Zkrz-_5K~pu
z31y9QtXom0pBWaT5_Fu;{a7X+3;4veo__>9@!#_pOjgNJJKx&vAN8U1mH=I7Z-fRe
zSd18?Uv~cLu&`eqk+?H?3=E`(OVi&(JADY4t$#_H@7r#Ye1dTc4QT8pyZw(@*gSnL
z!ub6ABE>+DLN=Lw5Np6%M6R};H~T}rC7SWI^2^_G;o;p@y8VcT^d0f^#hu}x!G>QS
z^chD=%Erajtn(1D6mz+kPiq%Lk~q!A%4Z)nuCUpI^C9VG?cOB6_8OAKT1>;@7$VB9
z)vl8;R9gRJ^J2Vw(0ZDjawew{;y=OpezQI77#%pgb}&kmZgzVe(g(~&0Bu)!X#O*m
zyE~^Bq)z)n`F^%DY;+o1t=YDm@!Dadxu36YH0RCwSff+2Pc%T>bsg&_GQUu~(pT9D
z-_;XCwV2(S^5kgBJhY;o>DtEn;Z@0nqT6ZpOPGL=p<WCdd+oBj=6M*+)!6C2y8Vo`
zLHF*9_t?F<X~2;Hbp3KXN_AQExCz12$j%u+MSj^<7?BOXIc`mPYq+iuWLKQiiRSuQ
zOw}ce1Y<Lk#q#{HZYVeUPzDY1h>X~fz-TFLA`K<ArXXUjRa;~X()u+IF=|6>;xgCo
z_e<kpYt*CA*U%XHo`+D&*eOp^lHUFX$CQ`*u>DsALkoN8hC-Ep1zzUSi5k)^fyJI4
z04oc<l|Gq%b^14x|G$sG7wWtkddpxT-<7=Ee5!Bfk-kSg+7Hv-|MQAlh`f8K?|+kD
z`lIAepPW?HN%zyk^y<pW0n(BcWWht<Sd2rxBgDnk7XshOyohL@sb;&p5YaWtvKKu;
z?gu0z=*BySb71>K?3I%;qqQ>WtheA_q|B7^0W%hp^$SZ`%y9v>96RBDd>XGg2@WxS
zmv%mhcdC-oBjAvSI6Enh@^BY+1UTad{33%<0p;P%<;mjaL@J^>+_P|B0le>|gZUmB
zg0qPZ{fp^@zspa~c6h8~5&tQ-R7}gc6Ps{YvK42V%Ofv>E<HW2g)f*+4pbdTII#J$
z7`)vgyaYbNah)sxaqfXj2p437Rl^jl!IGy4-oa%Y<71pW3Dc>sRyh(c*cQQ3e9<2>
z3?^sO_{9%qth!9n=9SB`n=*8ng$@u7r}AmG9BwSK;q(Bm(J3#3|0yEp&1t)Me9KvZ
zS-#;?xV~{Qr*3gLQ688R;x>zF)Jgiq1o`|6!`LX>41M?viDPyQ7^YeE4DuPG+%Bg=
zfV^lf%kmQK&Gl}llkI1{aSTEaASZfd9wQhwvCaP@n=PNtoA5ErHOrwYMX9B7+ra0M
za$&@+LtI__1dvBvKqb48Mq`nKf1rc3aeC6qzB`x>wvd=FN>?<TRky`EBp2rSK2EQ3
z(HwX!5$pAvxyHByNKgZ(5VVNhBhWTrDuP$L4~LQIRKT-v3heS2$t%*d;W5h`(Sdc!
z!pJQ+R%V2!WIJyE3Y%hA$qx^h8qs?|#+QZ<F)Rev``22A3AV~_gucy_wv)FtrSF|L
ze3^YYOY$+NmH&6vv~h(}Jg!`tJ>4B}vVWu+?>>k(d2=K$r7e9NC1dn}43+(S3x=i)
zHzY)P#Jl0)lk+zP7ePB8K}&TezwKIO>G=z)V5Ug^0cRWuW&uK+bObjn7Wc`)!T0*T
zxP-)-UUqZ-cx_RyRqfnYJ8Qbk1)319haiZ#2M$srX!-D#E^*Uxx0~Oi-QCkVYxU-$
z+0{@%Z+&+=AV+^H>)q9r7twHcZM@fAHLJw8JM9>%DjSe(qjAex&tpPImzR2v%Kd1E
z<c_ztHBFnYtq<lNC4Ij#Zi(ELh&Yo1j?ND(W-H8Xy?fC7JZ@@hh|)hJ7zJOF*0$|)
zG-v&-H3VBWyj8Xq^g8YQ3IaU6>GB(ID+llL=TGYvz{wrp(sJsn-SU#lRF>`4o+Q50
zlupC|nNfqH<^Vyj+P)8_<)riU$4AYNI$M`hlp4&Ek*<ciiak2fnE-&90Ot_f)eBDd
z#QdtP-Kk9xb&<oiE*|1Ch{WQd4A#o%vR;cM)-Tz;0qq{}KJ{IGSVcO18Cy8P)=5nU
zZV9z6NMU^_*zkIL9?v<)YH-(%davaCK5dlK&8Im^&oQxcJs*EY<+Nfbqr_V|9x5Kr
z%gz9N8WhFmSGg+2!fHa1UtC$))zjvGr|(GLyYh`Ie{1EvD|&|N==)J!3jXhv-*V!8
zt=6{HNMFLW+(Q=nNb>yTi!d!;Ud2lhEd}dsCQK4(s8o&codK#5(~PHNsfJJSMRTd5
zLL=UJ_zaZ43^9~!@&_KKN|WJW#5CN&cq=)|#7U=T1n@XqHocfFmQQ63Zyu#rQT&*g
zP+#RN_VILx55aC!v<P0KN_7QAa$||LkeLd025&>cAG%lcPB-LVQw|UAzg0+1NmyM%
zr`W@6bT|nXCfo`;FHD(<sLm7x#F508&*Fe1f;c{lRG0l|06-mkfb$5mJ;OuaM?rTo
z^PMWfD2>-1p<-m&@i=%PtWh@77r~dK(_h6GRh1BP(V?T|3Y^a!j@xf|pYS&*m8w$Q
zJLspS)S7=PR_D$v9{hHQ+B{#K+64QU^!L|kO3}&X0W*+J3=u`EdF=Y0^!-c)mH`@!
z%O#M=n)cr=(F>DMrFcm@wq$fcYyk@uWYV3zq&E9Jg70{m0ddLk<@M*EG^{Os+i)#!
zsmv4W_ZXE)UVjz-BmKB3$kl^<z1xL3YvcXAL~C~22X~cE-(rzH#7XUcu)*Jf+4)GC
z{4I#EP)ii3PAgN;9U^92RkO0<VLUVWX2(i%<7|@KA0qDgJCG*l1y&}>1Hr4DKV5+H
z;g-Xig1vfN=N~Yjq8zpj$5!=YX-6$={@3h-A;&Q>#4bYqn!I>s@F&2V_J53S{=7zg
zu;~{ybO9mX4dr5yC~8NnO>%`nNYeeo-Xo*^J_mB8v$c`$ZKWivTbyma&#4aA^b-$(
zfR<EDGAqrz@ob?(=XA(hO{pqBuTiV5%P($>pLuyZ*we}A;PPW@GHbWr1HR*lF=m`d
zmOtjYg4kL4Igsg%lWuP#YxI_?dmZlnXye%%lm69QQv-#|?P0tA5Q#x3_{+wF`JgpB
zytc}XI}@;2MS$jWY2#!SRL6h0qPfv2-mH%_$ch9&FWqeQwQN>i>cNqTQvkKin}|q~
z3z3nuo6dg3qEXr4$q?K|asUZNQ)f@rJqh;;g6B`Az(q8pyuIb=xc&FN!{YnJJ&8Qq
zT2*KIrt~*Wh5q@KUt0O~mEU->Ch7j<neuL*O-28BRgLtf=wb{Vf0L{mMJleB3=(q^
zm<TWfO(P8hMU{|g7e|ZD4d@1bD(D0&k1cRe(p%P`>`&+-0}!(e*n_G&KkON3m8pSU
zXSX^x%;iwJWXp4#kA=w)i2T81y;A_<vDYhAXw{??4PjJ45#SRx1FPfHCkqA;E<}Xf
z5jduIpdPp=U$qmx@c>{zH+6IlAn1;O(NH4tq+F=uv|R_udKIUDcmO^J8I!Q`!jP=s
zH>gdQWc$RNH_3Nqjx=hPikeJ)*hRf^<oX;(EpmOq+LVD$D~1LpB`uAk`ODS^ej?Sc
zDv^A00fL^EpzK+k*sWxEru6M`v?IWR)rc&Q_J!z#Tz`?E7~;VdlNReC%n^afDtU}?
z19-vcXjQc@sX8WE^40`Cg!#~TwkS=1Od4DF+*Q^ujvKqTI?wLZ4~S3pHyY_-o=##C
zoODp@l4o<i9wvd|>2J1US~;D`A`Hkuq$)hM^<2yB-8{R<k!RU{tpBY141Aq#dk4%%
zp8P`)4D%w8u3amN4P*!KQEs%7yLC<q&+S>Y@U0h%I$h-$nF*g3#TBMsCQrkW))W2z
zB%LC=4s;<uEE(zS*7=uO6iNB~x<)mOo$cL*SH<qN;%hMlf89~3D|ygyL_iIz<%zSh
zQl$9;9KY9!`DWMhA2gL9>J_XBYJk-8eZ*wNxOtU)0nTQ)yH|#|353Q7IBlr(gKzg)
zCcSQMy{t3oUQ=du55VKrOZ_`5kj&jdJjH!Ty6pmH6hfPsEkxMfFd+Wo)zf-RX_46?
zZuPPK^|E$hns#2-(PyijUM(*9hV(uVQ;#ah_SAjA<e0<)T2c`N3S;9UOb_V>is>j*
z7PRwhP6tgeWQCji@ofA!CL%q!Hg_G=qY@?@Hm;Y(zmx&nNMYj)>jmfs=eB!|4aLGU
z2BdxJX5?!s8U~LIfX1x07D=ZhTVKQeBbL(31~T_H;KA&(E_TKn7dHs*Nrc7i1C{<6
zRzi+XwE}q`seCGDt8+yRClxH^8}86&JABbQn4Mo!swAy;`zuK)!e(92=jj*HZ%l8m
z{KJ(Wc(T*e&*<~?(d60m123YWe>{0*^2ISr<;e=lzky@^J2>X|C*Or-j+p)@lTgzC
zTY7<Cue9`4HGSv?kjeU>M+6U4HILwqDz265q2e~}0Fvp_j>hut(gK~S?itG=i3dfY
z(E}x-ST#QE&s<cvkjhsI&a9~tDvQYK92Ejcne~8JN2&M0q~KklEVgJE95S+iH2^{i
zGQ1^*Hta*Boy4fokR|rx7v_nzSu9lxsmM}SB-#%0!0w}o3wb}(=D;M)PLAsE5gf%J
zh55W6H4xTqi5?KhJJnDlur@+lMq1!&Q;`xANMkHYhCZU@YQ%GN{bSTvuqE<Ww7g)Z
zDinCSzyZtZd+RT$;^oLMd_mz9l&N~XxFzsr-eN1R!szsntU!TM>GA=Iw&t*01&$&n
z96C=F0|yhQiU^4PhU$??w*l8+I4K<O6cl@?-ngeVyxA@~2Uo4K=2Pl}T6e#EYBukg
z8dP=aAYLP?QT!;nkOa}YyUFE?)XJjQoLp(iS|)}Xh-cI{Mshw{lD1^zdF1fwfgw0)
zZO!SCaHT$xVc(wdDkAb)xlXntB9Mq-Pa28ISNWAsid$;YwzSz^uD11gYF!i0bvHyR
zDfMhP@~()M2j5|zEYSY{;+yNOPP)OY!AT))vV<A<v=a$)md@%{JUuHTP2JmCKb-Cs
zp{r60D2A>gk@!Mk8hpznn&@TMSe;Ip1o>bX0VZHH#d^`Dg?|X3cm4;JQ6}@siw{()
zTZ`~pLdO$dlRiwpFiBsfMeF&~gQ@+cun2)`EPm#ud@~D@o!^vHDw2N^VRX#8*apGQ
z-x9rw-<GVWgH>$0M)OqJvrwq#-_$PO>0s+`Wa`rPMo@g8&IzRNq1B(rB5@3@U&+ds
zhlDI8t-7nTeOZLRMvH2!c0;|(^>V(sA3luPr=jkRai4<s_Ct$xQE;;_*EgQP%}KGB
z?Oc)L>fNuK2Qrh{)D1u^y021Gset<>$CrcXW9YibdyQhR69RQEtr$n!j$|#^jXHHs
zGNS9;f75<#^*QGUC=7U*C1;77Y+i<ubQeQ<mA>5Vr+g56aVXu_mBUH9Q*3e7Xb*}1
zz;b;8&R(}8!FkP-NjyH!=FR2?M`EkRWV2_8+*6BmP4CJ5DG3WcyE826_pQssc`(HR
zc}FKomzXslZn@?qM9^#As|gE;85(w0Uf_W&b?<ra7$2llD{d-SR?Tc$tL11@zeP26
z4l^5w`iWf1MrRsjT*EDxzP_oVL+avCq{F!5l1yndi%-J@?E{VELfg<DWat3)`mWHu
zh-o~^^T<0aINi`haLC=;D^B|}Jb5XV*XBy^iI1l*&x(~=GLr1wtJI;_lbftlV9%Gc
z;;&1-qN;*2t69|h535cn|04MrHBi62vNEk!eYRw|SjTzbz9YsrCQb=h#b>NJWr68#
zv;=eJx?)$Mx;e`@7yYt@P$H|N2WuA0WDK4kiEg`P$&gj{Rl9jcMv|<~Crn3n6~*r}
zR*AxjWeh|Yw%oQVE2K?{Fqie51)My}15YyY=4*-6!>ooE5UQ3HdY+*tZ{i;pblbd3
zVV@xE%oah=m;wTrW|tYeVc1k3jM(&!edPnDVJBHe=5Z=C_fK?PWifq-brk;x<ei*G
zi!H=ugyW%tSQcdjxCCg$h;HHZj75zX!aIe%bs~SIV+eST>~&?luKz1{Ad-edgAoSQ
z<yn~S$qmQksKZ>_dSvp7@D_}8@w0)e9*clV{@k+A`-j+Idp$jD-x3LK9=&3JQJ*6i
zCsv+yhEWuyX#iwoM$DTD9?o*FM+pZrBmn~}MEmcs-WHMIYujqkVA!NY;-Yx2kvAix
z+5Y};T)$M#9Dyc!p<oCC&}4HvfDYm3Vx}v3d<T*XfCrguY>bVbOWPz}WZ!b>Q8*Z7
zhkj8K1SRX^9z>gzf7r|_V>4tjTbbFCx(o%;+E&2cY(C^b(Kr$5o_{=kegP{z=>7*T
z!&y8FM?4;ENsZ9}48A_h+%G%VytBU9>#ob`lRb^iw!dyjhK03cQ#2mR%3p#equoTB
z|C+00)&6|cPSno7_DP%k!_KXqzORlHOwa!Z+gN19MOM#RM8}<it4a6#Pesz$sS9EI
z-9LztwBRB9?mq9wfPeAx+xdfVsWWuRYK+Z&&)IM8b-ZSV6H2ywRG4km9A<6(1T<_N
zsL?NXjQYvy<E_2{Nf2U;8s+mgm{D{39Eo`Ka#Cr=Wop!XF?!%6hTQGxPpN2^*&bWL
zhQ)2C;415T(Jj25DIwDm(iLD~XbFJYL32&7X$=B;*Bgz|u-}?!=#6z`ZSS=2?P*9t
zoQ`l9Mjx)o%H;#T!ox)!<#5(J#iY?|mhXBR!+!p8Z$~j&pmIOnhfypIqqV)qLEIg{
zI~-40JX#^u=T4&X$%E6*27QBA`dts{dbab>_HGOTG{&o~&n_8Pl-26NW86`Fqqe8y
z*da>ZIZDmJ>w8*6F7<@NNJpeIPIlBq_2PL1ELyduMk#r1A=2l%-{8m;6vcC>??csI
zab?H+%pXWEr~h-Mxzb;mu57Q&S1zqwTRB~MXyv&ppSAMxmDjDj(R8A(sU}YUy_NT`
zd`NfHAJrT6XH3%kk1M~axAxz~B%bMH%7{^i-=V>#cb0L4&&(1gZO%fNye#0YpdL&X
zm`(y_G(A4O0rOhyT0)yN&1&BH_B6(2paP?wk=AM|mbO(Ib$04T<Xi}`kbGxH2?QF}
z509s$eFi6^*%tPSc#|^mjT3wI1&V`NNnkcPE`x)dp6Zny-vq;}euz_0*{{dQLZ*LK
zLY^hFWNSB14(aEo<(T0@FV4$gK#!+#Q<FPWl@SzV4CGo=_FmOzWE7UwOllogQL0G@
zMZ9=ftCi{5adoWR572#|=--Kj%efDaia<0$$zK@<VB9u=n#m`Ll2eG>jKk>o8uOtm
z-C4P$!w9Ox0l79a7hpC<n;3Cj$<|D4E~nvroQ2J~1P)K}!?6+v*Lf7jKbmtiI1_5S
z_zcQ)F&A{;Qq}XeZWsdOij9tSCx24(#=-C#_eCFW%&P&`IAV^*t%<p5&O@Drjgzp@
zH*<;_zC^29W2jxna<(iT-mIM3$(`e3?xAnTzKngMfP-Zn#}yHGD7YnN!RvzV<asj|
z9AeCW6s~-@vRC<C*7PP7*|!0j>DMyV--~|B{$;2`!{V`F-$8{+G4VCk+RV}yM&%CR
zT;{KXSlCvf^%pbGuSfaAO<A!G?R-hBFY`bf$wezVJ^z0!p^2S~{31uh7Wk8#KUd%@
zxPLXUQZv{Io-tX~=dHkxh<%%l$@xz)wBaGBv2X*v3OUnqjM=T&9`gu6izA4J{RD7D
z{!RiRg8e$={0N<!U3ON7w$n+DdlOxeXRC(1`c?BoxM)}=_vOh8cNQ(Ot9EB~q#!kG
zZC|sq9U9UwcSg4QWTc*=N&`JeyC%sLdu|UEpxXtb61Gu}&`;jr;k51z(@{LwTib}>
z0wByfm;2e&1ZhoR^o(7NOV3J%jc@5B2+D<r<`dEfot+e7N5(1iXEbk}=>X(Y5IdNf
zy^<3$7_}S@#9mmo+DMq?qDA%%97iW5^`oZ~Urcz*rkqQf|2-KMuKU3_IFm%aCGHX!
z>4N8<9W+#{>qBbf<6PpstT#+Hf`X1%$gik|d~3qjB<X$eA-kg$iGH@-K~4N)L#_yt
zt555uAdM5!8^ouw7otXsboHqbr(LtttU(Z8H|rL8waLTBL#J-VgP;@`|E_C_4q|d>
zS?xufQJiA%Uz#s|XGKG82+&|*w}>fj=B{)|0mWBg$mxJYX>l<D<CcThqO3CMp-|jh
zE9233aiwWBwkg`<t-N))-Ia)%ijruKo81kgW7BN)h$8$fZGP7Fu-+}8BeV6c3Kj3t
z>cLa&mP^h>GA-&SK`g@Lo-5c_r{&U^Vi^fZYsBFP^a4#x;Bu`arW^D+gJ)#Dx+y2M
zjWvN=ZNFZ&+lzF|%)e~&(pqwOtlz?*P#cDvI#Pm1vEJ^~>sJLto|3^s_KQt6i<*NB
ziXW%rZiIwN;3<DL4(iTr@~Sbv^vVt~9xVZ_ELSKzYR{Ur+O-pj&WZBkd|0dfvb(yn
zvi-!LKk@tN7o^`tC)mVH|6-LN`%Q}EPp*8bs_E1O15>?Ssgh4sls%Bd)V<G4J}0>|
zNB4~}?O_oRG^l~0EK}HZ%r372w#SP=Iwp4pG*@8zYBCzb_wxHGY8Ze9)PuoZs8;ar
zEyf*JtE@96tMDD|PbPwlkWnnFX0^<`K3C&#G{=6xAmNTUJ{@8Je^CVNFYE}?g53_L
zW+$0fO<25TH_Ur60ppo;u95|}4TpN_K<yt}d`fB;G*EaZ2*2{gA_l#<I5U6dOC$-R
z9O?$|y^5xqImIB6?|kboS!LYKq6GF&usx7_8PjG0w#QCf7-S2#9-+V?Hy<1i?{Ib;
zdJFNyO;J`fHLyosNW<dzYeJHjJYYC0>ced3s9YjfNU?;TJt|#Fe>%~gCMb<;6Nk}|
zF+vYELkRozfij`*Rtw$)%lq_b7It^kEC#hsqcMc<nRy>?Nr4cyZCq}uQ{Q^!dV5`~
zlGFS2*!S#3VM5E|2LKtn#v}MdWzI0+{rgB!>26D~5maeVjau79DMI_pY%rV0Qc7y?
zWU;k933J5KSU543682_vT4ft^AXD?jl)wSylQ%LJp5^yJuTOpQJ9n|lb8mh+l-bT^
z?60zH<!-tljBZ8%^gSsOq1l}&?_d<RBd9t5h{TxAQjABxrvd{D3^9@n*8XkS`b+|u
z4JyU&hy%k1H=b_rV5MNw#-DD>+H435demUMj;d^QpQ%w5%2v$ovWAz4CCDyW_g)ye
z_60Xb0)PlYWrgh9q)rNdT#(zaiiHo)26xxf$vWoRSIsNNmPsFku7O$vr^M_j_G?ai
zt?WueBiB5Algofbh_S!_JnO26305oYk5bf^^ZHhHKQ4dobG2+juSw!h8?`-*)#_PL
z7utt)7Sv*t;b`q>UuD-_=?fkWH52Lv1-xqWDxswSnq0c##>5NKVJxZh&tJlj=Y2C1
z)7n^S6W3jt>2tT={rctj8>cP%wYxHS;^)$LrT;;W>lOIoH(-lnip)3BfBoI$1Jqxp
z&sRNHenB_#k0$>u`TeTr>bdx`XI{{DdYImo-U~gC%JJE?<8e{pBIq;99TZ!_X=leQ
zjUPk$AI(^U1O}4gH6I4aq7<zR+fXWyh|Jf#t3!Li+Wb|qE1RKIAaL~rq`Lu+RTZr)
z2fXKb^OyeuY(eWwZ%5|s45~DP?(7t>_176p4YuAm0rZqgT(w{$4Su3es&WaFe1o-)
zQVscZi1y^h%_x62+9nXEa*8`W{33&v`W_n<ussTAZ9jH&wph;nYl@&R2f~icMmem8
zRbh9lIR|5D{`3ZFTBRHzLcsE~>4f%e%HV;IC$^Hz)UKfwD%-|>1r&8L{QYEP!Z0#a
zPuf1^A1Ya8+0Miv)mNCo>X2<p(4hom6rqM(exx5G3=v=yL2RGQBbo?Jvcd|NHBd1i
zUXB&MS7f%2ht~Pd&M69P%#1+S*cCUkQvT1lV=ZN7C(Cdq&Ubt&eo!7fb!|>>Ix*M5
zT|PPX<9vCRzCMVA=+?w-Vke?^Fk}*XUf$dCreCtuVzuFyhoL7X$vnjGd9K;4rkf--
z$H%b`coz^OGmI8mY0lStTi2$JhSjy%bUHrZj|q#XrH*WJ!>Y-7Wgb`WJ=o9!btIKM
zP4O1pkH0W{`WQz?73hvoxhx=pXd@!2m=}h)G1_H5zCPEg)A6&W5u`e1MGkRz3bcX<
zwvNF<R>GMYer;|qn9O1@fsP#<h@5<S{&$gx4m|%I7@(Ov5oH#Vh7ewWJpHeeFSX|1
z!u0wToCrV-kygE8IZ;^C=uP169j=?apAP_C=X6hx+YjKy)ZrfTXI0?CX99;M$zMe8
zkxz><4s!3`ZE4YzJXmo*LEfmhw-3lKZc3m{ur^6wL9ZQWgJErT7mgumtv069rs*-L
z*Pt7UZo8F_o_=i)4N_#9lOaWzDre$KXp7G3k>UYAPBicrt$`?lL_u#uhstva6*jY}
z;S4=JNG>flLQ*H}KfFt6Vy)euw~F4U1&`Z_YLtjtBpXK>WXZ>tc-H1Y%&Qe4+-o#x
z1@jjB*IuzdkcfOrXq%38B+1%6LJ~l2E7%n@M)wM^t>egcdw)6+Ld3n+s4#RAL2)I|
z^7J(q+vK`Mqj5S+`m6QrgW!e83{beW+iwt-gwWCBl)VA4Z00*WP$S;}12H3>;lt38
zG(NvpJi9RxhGYcCopi29EsqY^^`3Jm8+%TuJga59z0He|WIvy5Y(wpaa#StEC!t=C
z=@Krddn{Lz&p9XsH^><E%GvGLN7}STqua#zIXqxkFK=PjMm02~*}L8b6UQ2nuWaZ`
z@bA-)q(22y{<iKQe^SkZ!QedEKXBhX7>2Q$O7UQYB_B&ZFNs{DKCIB>0@OR3B1zQQ
zgJp$Kw>VlqJ*oje@&AzO9!GND6Dr(gwBm&uK-N6$IRf}*h-BHuQylf!U+RW^&_7xN
z8q;uE0+oIjDo1_nan$g#CtzP-#WA24hPRuC<UlY_GEr7_D1jc028IM-SLwBJv6u&J
zI|T<9fduIxK-oZ%Qf_C96K|bOphTds45}Eq3!v-RrRXMSqpA$UQRBGf>tY<24axt-
z0I)Io*H$NGeAT&iljsQ;xlai745U1cJfe*)AZ2a194T4WSs^*=E}A}2_5vWtrzv%!
zJrcCY#kKO?tm}a>aiki!AW-g5%Xhi_o&^GGF$^$+nledci#;D&`BKQ7zH&`gh*OSv
zUw7|y+nr=PH5W=_8gNrL{VFNqeaLELq@-ub!>jmzBTF`|dU37i$&t}m>3<K7MWbr5
zV3dqniw<p+G*&y&G-E0+A{}jEhWe?$uud(3j@Yk?z{OcH_kf{}0@vVdi{!De=ZBJJ
zuVr2Agr@#QMe%m)BqTY>!-O2?ABf?EzfRtGK4w%#vNRFMX0<QUc_;Z?=B;Xo{7NNy
zj1)#wi3@AVQ%pR)Wz)dq<o0jNJzb6S8Z>w69TAxjR>f4O-5%0Uc2=8%>9x+FU$o}E
z_T{oUXls64pXaN6a|)OxJ@st8)^$NN#Fn8j5;Jl-05rTfbsb#d=-6-NUB7?3d01YW
zEY_jHp5}?4f7BJGC!_5f*;eb?vWm;)r0VHtFP*`^O?NP@O@_m!PXD?rg+c92rTB~H
zhDM4;WhC1)ujRpHy4h~M<lxhGdd;3Xj+oSq<cOP)O!HoIxXW~4zC{D=LqJ>ukIrDg
z4L?sq>Uot{dQ^}(h-z`vuw?4`Xw=AW(hEmeGKp)pPje8Ia=I(Hs0~If30O8>^m$k0
z<SrWjr8jR<yDuD{>z?QD2%O(BYiy`jm3HOz7gbY1=ca=GmeApMSL%9yeM_awe1GyG
z{raPh?Z=XzO8!ros$WR{y{du#T+L<v@5vvl8~79=r{&H}$<_iv9;avNedz-%3?smH
z%mX07D2P9pjg;UxrirFriL8E&ePITIO@w(Q=&d?&q{I@@(1;NkD`NG5sKSD0B4eZI
z?I;(z-XaUI@Izfhk`PuYwCp}RDdQUpMgRwD14(3ZjvYbN2iWh3?b=l_5JrTMk}-<d
zF;YBXm!{)L?2kl{j;4@8VvI`WG4g2Y)pRED>8VZXGk3b1=wA|j0v28vu{w~e?cQX8
zDh-!3olggnE`-zei+Y~n6hk%v);gUSy5r~#;K@$d(B;hu3u@;PEwgnl&&eWc8l0Fj
zIu-v<%3IMk6;@*bL1IV3nE7yowO(Nk{RCYzYt#&YrbCENFq5Z?Fq9!_fJ41kl@LTZ
z0ka%$#MVZ4<`puPRcYKvGK{9ng*pr<4gKHgvtYjS(q&ut8pW7@V}1Z2>+)oasG%@F
z`81&9;a@2l&PHf~^nu732xsc&FKhPntOKqfKZqds6c47}U?UgYXnKHAermU=1%I}G
z2Q+EYu5%9)#OGSt@`J(-Y6M9viC%?pc$Aov+E|AynbCHHtEy5hb9)iITgFV84{I+C
zdvwyhWD~xL#&p5ag(VDJ1tftMzMyMxn5!@sj7lhxs+kuR>%@3%F)i96^U|w^36jRH
z!GVH8HKWcEXcZ22JL3xqq&kCDrE74j{RAbrddTQ+K(a9$w$UP|=Nw#u81)rVoz%NO
zv=IQIVOMp!s3Jg}?2ZHy!{4fED~cMq>uMD&Legwsbo%@%CLzl4>*!|J7DKjRU*zLF
z<jDmFN71Ubc(Ww^Mz+0`{7d^vvmap<e^S7I{)={>y_2!}*Ki*Ae*Ui*pLg5B*Eklv
zl+yhCe==P4<Y)8V>g^wJ>%w#Vh<MiV-Jb9{>94t#*fVW)QX(cuhTnL3R1yei`Hk%S
z9pOlluM;Q756{S(U7CLgoWuEv^rD{PHe%wmYVj$?b#-}YUfSmjhpk5Ek>)|LrQ7J-
zdNNs<x$DL;yY3R~*j(3zzj^DP#l`V+Mf{^-XR^D~;OGPy^X7Ip-%1DjZ8d~;R4+<X
z3OChu)XPoxiYJdCz{zeRI)XZF>ETSg3n>qg&5isi<GfSouSk{S;VSf{_Kn?u$4$h0
zqM1Kx@H6sCeK5*u*PqgEH)c8x;g}Rg+Mzxj$dYJsgTRIDqxHEB=AH5KGTGsUE8SLY
z>;NK=nxv~2U+W{2VSzIy+HY@~uDjK_zBZ!TxunE<1I)}u3KZ_^T;GZYBW!<YW?Wfp
zY*WMYV0Yd2X4$t0a-NGHFydu+`z>yuM}u54Gr<8*o<Gdhf2dVJ7#Hw2n5LW`ZL~Q#
zRT+_KbeRz)_=wQuDVcAyw^g^B>TBFn^vy`K8+4CG&JeUf_eHX+lUhOfgLWU+J=7eX
zXGBQ?0F8?pdM+*WkUVZ-)biV3=1F(xDU9HsF~PRL(od%@#+X)a$NaV5N#CFTtUeBZ
zwsPA8S||Stt;N#p!<$uo!84O*LAx(WUY>jry~XP*#f4s6)l|0c(p%?8Xnmt-n26%Y
z-c^4s0|oL6_=k*!ZPv}%Fh-Wm=4}$DocRqUL(JUbeku=C<B%q&BlvVemS8wp8q$LK
zLIt;1Wr-G{V{1iUo<&&ik^zsV)wF2fC;pW1fM*B~2RxshFqb{r2Ko$rh<8k*2urSe
zZHY)_t1%Ni&`w@1mXUB|Zdw1ziZkp%gR;eAlnV^&1s{2mR0ZrE7Ni`&7>W*_*7un3
zMfAn1sEClf1u#B6oSYVmC2exR{+pVm&R}H5zxd0(d^Q~zn_sAq_38A<-5mONJOMnM
zo<ADj92B<{)XYLXckIA;0aqc~y{6BuD-1TjN<V>;SwqP6$s@AP1Chxm*1h=VuC@!&
zs;*hry}hu)b_COn<=WuvDd1F-IX0*LBFg=O&U|$0330IDSe|lZD&y@*GQpzWY^{4>
zq40jvetw%UVGmKbHA)L2IP*uinPhc;3tVo=Zrc&z6*<3DwAmyI)7Iom*Z@VN9eN&l
zj`xpCL2l#VGtvts7-@GAdyDkx7&w%Ys5ei)(9>G~R^-6%hY5YZ*DWk33L;uGnnk9K
zmxh7y$6;Cq#aD#t;{s3^P&6!aGIuV<N?Oew{l6@`T?GcWKThW=uS2*8BFjOfOZl1G
zf6h}R<!-o|YZj)3?*RTJNEm<aP`~FA`xX(`W&z*+e$I#Ucv&?)-f~QD|7$SPv8Ibq
z4zo<ddR&~EM4}W3hsDk*u1d-WwCSnce|r5(!xqp+!Q=cmEgg%2s=ljV-#J+y^xV>(
z$>BE|o#vI87KS?CQ_RkSjMaigSf?f=FZZEpP@R|DTqRom?9pynyMztBw65MvCGP44
z?bK^K_r(a=-efhBXszh3A>M~(ce5d8UUMRsvMvO75XR1;PL98I)M^gv<<axYi#XOe
z`pT*^vK(Dy+?&%w^#pRM3un;ySw5${8TM;56><grA{VHss7vC~8~x*EnhqnXNL}Hm
zHcz&~JZ_|`6p6j0w`2z!%q3{z@sJvl?aZSDanx;>Ts{dN*)z92<XZOwgb>YX1LvyS
zN0MH!qx|*<i$ER8r*s;}EA@Mwwo9aax9tcO@!T?ft<VckX(WC_AEHm_3i{jn5&kh-
z_`ie6fqW(kH+JdHuCj&qCedl^`7%gh315rXjhU<bKc)(W3Aq+RTM3xZO+mH{PH~e(
zl(b=F;8~_`>Eo!tGp31Xf*HXjR`T9?Siy|#tMDnxbz<e0T{{Nk*_;w^#lvduzyhA#
z>H^89$5CG@><^G#!RhIZV^qM6)2NB4hDCbA;n+1hIW8g=K!s+D=;a(QIjHd|;}zBq
zI>-IqI7&mnbrw|SBAU^dIY0u276_viar-i~x%WGIQVO8?FD;?-5NMzQ*!wX4uyDln
z(X;R`wPL{e87w`S-eDEWXv&bjJIXrC=Ima*3=SlPJuzUSJY{Xr>2q%}S(qQRKs<F;
zM@cA7h94Rm&}X2LQC43P?KY40h<3?HLDx|<Z|_diV7G{f^c!sS-Aj)&bi&RI3_^u&
zPa1cT{g{#B(-^KYSu#}}N$+u1J}-R=y)5io=#LjIn^+c)EumDb(Mhmts%WD>00X?$
zZe;(42C0QdvjMh+*|R;;Uk|Zw2DVPLGDyD?{(_UBHQp2OeYMYNSdb*IhHh7BJ{#`~
zdo%Hbrf-(kaXDHd_;*Qkq}OH1oAuj2W3#bJqXC*VmhQ(F?gc5ut1gr_*mvs?y&QLM
zOfS6SYIFn*a9FG^dfTmTTZh4#Mh%%Nd|a+0(=RzKwm#Q-L;AHPn$p(8v%K57)=IAP
z3wN#R$!8#x8jdE(Zmlq~*UV{1)a@vc5{xD0*0=ep%PiuJ=2bMyX4%v1wLk4-t5@W%
zwMif&O`l(D?`TzuS&`S$flyOYr{Xl>t6gj{>(8juF;g@|T%BZ_t@Ha?@DUzogR!X{
zi)dm6m-|@~O}=*7pkxn*I;|b1S7zKrZ8O?l@prXTzU%@-svyIhEZfV{gUV`fN-?lO
zJMv~z^)kE6Pd1vLS@{r@QN%5FZUM)4G)R+h-gx4FJ@FgqyVGw<9;$4>W66tIfmc;E
z1ks!Hn`DH(Bl&>X{s)sE7uo+S3e;b%Y6pHZ`Ca&ET!}sx5<5J0G!Be4S!%2jK0MZu
z6vu42n1w=TsQ};6feqEtrB5nA6<LCt3v?O*QJ@rniu%bXj<oWVZMl_AqhF~_Jo&xY
z5SwA0M~rJ{iz1?VOkBLeNSsBWA4y#G2lnrSa}hB*(npp6R>cn#zCnysMaYwgp!Fi2
zOh>*ThXt02=qEB(UObf#S_<hUGeWuQ&;TZTje}(Zp{9Uh<;>{ZxCY*5r()jq@>Y({
zSlURH9xn|_3Ahz)XBZv7Ed6@IM7dlnXuvPW+VgcsX)}x%gB9<dPO%gAioXcc=Kl~`
zaF!Igcj^%w0PA&9JF$25X%!~`bFptI$dee+<WiOFwJRjho<=|~=s%@qMM)$#6vn2X
zl^NCUsZ|ibt2I~q?WR_}z38q%$iEY!j=g6_F?8?7BpGk)dKF((EKGRUq>0yMLHf12
zifjf%%TSLO>rh{{p6iFwp9eA`!@c*{h6jraFwHD2HzxN*iWhpZlo>Iii%8(wlI*2T
zumJQO_OIc{$l3uqz?F!e5Ok`@qZF{1cK5Q*^{-(xg}Z6mH88!r%Q|bU_Gm9Hz2N-|
zLo!fpVn01b*_F`LD4>eTq0yAsY9*U#Jav?A9TvLIQv^vtms^e2gl=5&Vt2p3Lo1$U
zD*dwdR{(Hn`&$|Bv^jH@N&Z%$^~RAEU7lE$*u=G{r6}6}Ny$uu?sih|J_V)M?Ot}G
z8}bL)_(P260IDfBFBeAcj$goJ;!eZ*)e{X*o9BN@r4*+d1Vb(P&&{lNzAujjO^BM}
z;-qs{;-|2M&D(!gML+2?sHVO{qS*Ql+q^nTJD9@=CtU_N1D10^%_^<e$U=3&vGKMm
zPy}k}t(6+@K}d?|gPL}aLcr7AK(6S4yy+g^q+Z=8>l__?8<D*upg2ooevF$G4*+fe
z2$lviv{Z$F;;9I?ZQDgM4^V=`)+2oqpU(Su5}GP`CU_OZV(W$Fvea&vG+(FI==Q?F
zICce8_#b9fW0!g{@S>jdHU{7FPmp{Z04n1-<NDS;9rdkwZ30r7Ruk<4CBlrRii4DZ
zDzoo~r@qAg<3OsURa{Fwzm(ENdeAAQwHFEo1|Mx>yCaT`PP}et<nTODqFOP5CpKJn
z6cBhsDCl$&$X{Ar`XG-yyEVPSiWoDg4U4uI<^+RuaBjWT_gogY-&yVVW~aTf($gR8
z?a5A7(y4ym$`4Vh{=~{pul(%Fzg3(1YbxYFvGTiBPeL8sb?KWd3X~wW&Z<5YOD(N!
zeXhcuh4GD?t;JqMDw|3213q<H3F6u1$&{%WmuKp<U^Z1<!D7;=o`PD-Ipe}iE^v@6
z<Z&>L%Cqc%@n*Ct*0kE)O;|~ehaHl|v6*VWz6|QIKNXl-vSh{REZYB_1-P;i#`3Q^
ztUo!Mqe5xLnBivk!v-Q!Z_q83#m&X9SRRszv}c;9TRAyU0xw6)?LZlEW8D#9oQ#Tu
zCFPf)nVu|94@+i|`jl>e)PnU+TUDL{C}|hZoYgNN3@*rO^;B@2zGPM57j1aymMcRv
zcx?Fq?VrXHMosGzM5A7=w%6UnT-Pe_=6<&uMdxw!3+N^Aap&puwV_~Q#FVHoM_75^
z2>3J>Zq^jH_+R=1iaB8h&wHdHS(gyW;ddJC*FNJ?_LX7wc6amoLsqV_Z0X**TAX|m
zO9fP+z*9G*n=-RF+>AbWRzze-ToMo?A_jv++KuBSa{%zL36JSvxcN^WVaIzeYfwrl
zI;qt*<|#?Xp&5*TOCml0)Nfc2N%0m)<72Q(L*aOqf5dNb#98t%%a>obmj&FBz1VV4
zZ|0j8W1>p4sNa6Xr_yMOzOhnU=_T(=e{JPmE8n8$!{1lC_<bw?c;%mYx_@TnS1GZh
zSNi{`I2u<AEFN<Kvx=p;0bkIf;TQk}$^sO)CvzF~9Kp6!+&&6jWuZSF)L=;XG&;A?
zpGD*0iDzkghqK9}-Edj#Y|J9Dr%N4oo^XN1($}E>pvdn$rChO3#)G=#KanBvSZc{5
zd0?4Y3u6mPMBq!_E2HLmX-!#*G0Y~i5@(J96Jm=#Z!0^d>DmbQUcD0=90yTi)jWv=
zVnaUu<c=10A<poZSFM}aT=FIPwB5&Ki~T&*>VJjWF@Y%(*4j@=40g2BYRUMZC^Wew
zp<s7B2QuaE(qZ_J9*UY;f%qvLsfUd(txIuX5xB(;@&5nU*PX}Mb=`FUKli@<&Av~@
z@nr1TVmo%mGoG2)aRPB(+&Zm0#!2fsb(*@xO`=4$>n5$jE<~iVC=#K7_yekfph&0{
zG^J8OK`NAjT2&&2sG^O;Qiv$1DKr&b)cW!Hoq2A96qwPRxyyO?-FwgP{C?lxdaO;}
zXAK!tOxX<)ptwK&OdK)r`4~hialodb9?IM|Fnh>Af5ZinFK&W+kzphP0IYc4ftEGM
z!B25jR)22=5>QrOzExQ{%sYivY%=vzF%XmxD627<mHdwG!SxZH!Y+Enl8*inIbsaN
zpRvQ@0rLo6wXccY$kZX%X!K1>Nv!WsRx1*PCuX7m+SFXRFgP)(;#g&{m>Y#eC*g-`
z|KM0HQq`uVH`gai>uq5Y>Wx=!7$}=d_)U9syxtt1m}%|ouTM{4=vYi&+cKQ9kr3&r
ztn#X)EL6{MS=}Qa!i4B!({i)?nUzT|C(Kkg5fhc#N$;?~*&I`xR?*zCNCCONK0%Ba
zDiWzWBa*K@Q&-d-F2Pq?cQOMDnDIV$6bd?HS?b-mVhk;-?6{?NxaL5G%s}pp8A;?R
zy298D$SsGI^VLNy^`~a{t!zfE^sK4}pH836bq~How!E050{)xX6xIyijoB3RFAoc4
z=6y~o#A>>s^oSLW3a=RbWZewK?sc5ZM#4zlTAi(!U>kW7a^*2&N^Y2p`~~G`2jSm{
z2{ZK~4j(wCIBZOXkTQ`JK$#8jtB*Wmi>ofL9lF&#H8sL<w`9ug7A)W{{E;l?u)A8#
zVN<ZODRynbgkdvJ+vWP0dAMdWIh9M8C^hM;sOhWYztI+$DGc5Cu-eo3pindiT?I)u
zl~`poYS)KZ68AM{Tf-9YYqi0Vfq@gv-NkeSc$y0AdT2N>rOMJ&YWPtNLn4YZDP&D{
z1M?h_1jd-%XLv8mjY@@rVJ1KjUkP|=+brm`bPjCUh~>Zxtk#%t$$MkEQJ$lkVt^;~
z67>wIwr`I!9mb~j$Qn{Ny0V+g=kC6l9m<KDDvQlsW%-fURF))Wu{X3E5F=7M)Yw6o
zg(p9}{sV(N2F&_2b?>1`x{Nls(Z`0?2I_-jGZq{@^fm~+Y>d<dP2W1OAf(-DCNmy%
zMBwSv#IhIAKQd#5Vh<rclHp@8SdYxJ;2)79YPlZuKrHR)rCJjMb{gI9%aC@h{#KAn
z6hcw`L?+%vZ@BnF)3`if8h!V>4mL(^*io;2k|_dIN`q;qn8j{oA=T5z(x0N`&*Zgl
zUP%9(QPS5{Zq{uq=!D0Uv$)=1pGO3!HP-7TJSHayksw?VC1L3f0;J7>J*-N0CqSBr
zS4Ld25-DAQM`R`jp5jjqB8&;a8!Ol_RJ~XhQ`8<ic_^zJt_f+;U|rZ;LT_dR-HU3v
zt)7No8=Q%1qOLxXeWbKGc|>k>e3Ke7zFAv}BBRTj(QR`oq=33VIc_CnShhq}fHP^C
z#7sQF&rlbT$Rhv^tb$`&oq&;{(w?le25%!KI2#)*M%EpR;1EX6J$OIMC7F#!fiySJ
zNt9cmKS0YZI9o{S;A~)e%qg@1RMJrI1Og~(RBZBx{w9~is57xNEL;|9jzz=tW1}&Z
z1}t#Z7#lOx6q&2{sdmxN)DU0s0QxIOu0F!k${@+#^Zs!5G-)M8^&hfSAsa66nVu5}
z6;*-VK})&9D6w3>qaDU}Q;Z3JHVkQKY&c5r9vhpr?2X`w=BVIZ92j-74bLeS#^?p;
zDQW8Nf$iEZ9@XlIIja7J``=Nm4NS7VSa2(xZN)IhYP+&WwX&i-ylBl))rhPUB6pzH
zv?9io0F!V9hOXCF6_r-b&J7Hd2X-7564qClHn#++WSbXPA{02>7sXjAE&-xgo#5Jt
zNW=&Bdv3+KC@|&Mu=?uNmqx=(+>-kpmZOAs&vhRt4|l(lBA4w$>BBJ8vzhL{pn6vD
zZ*f{Iue>(`O!4N;b!8Yt;?fg#%a5{2afo<=-M1Ah%MC%R^A?KO)CA2QT3=R-ykfBy
zHVe6F5!N6SOT7Ow`;5TZ2=8Q+WzAu^z_$f^3Xv7pn=P`!FveXMgQjuh7zSadk@d7R
zzY%F@tjWk$(7nRqg0Pr1Og+hS5d)wntBE!uS+Vd4#Jy%&MPLzrx?IETsVEEMg3yXx
z)oBR7_PTw9A#-Ke02VEiUKy8v$Ulpb0XE@fY4^<zTDPp(w{LdrM)<mU?<D>%hB*|t
zqV|(zpLK!g22?pjSC+4-m>?@E3t*!H`Xswv=5lHeOiGb8X1MbZwq0$1R9&Q^a*m!5
zx@A#*&`R&JT@kFmRs6Upu6`+K#wZ^j=>I@y-f((&TcIz0RWl4>hoRR;C=)JU>tjC+
z7K_F!P0SnjW?WILLA-%rL^LmHl)#WV>^rL}inDDftpsa9Lncx@0j1gFSmh`@uXr&!
zi-=eM<9p1!s1558!bRcs%q(gSi2zPyn~TCHCOVx;5Nb-TR8bE!m7hyj(vPQ~P49!@
zqiWmlsM?msgn7(osEi@5MJ(V1dA=?-1v!Nt3J>FW>l>TAo){;t3y$-VVzC%rnEfY3
zP3ycK0XMV#?E9EySkJ}@?$9eYg3GyV;Nr<_xQ8SH5^wItR4uuity<0nYhQ!V0r07f
z=f|hac8eY=99Fg`=I?Lef%QQz(7Te$ieq>s$iyfUw1kpZNcwKOe6RwOFkGu`V+0Hc
z&g)moM))R1<28DLG#d=7)u-k~Gq2HR)hfdMc!1LW2+@!3J6*Ymd@rLF>&u{%#&mHr
z3%^C<L;{YEykl&+H7dw|gpaGg0m&<lP8wGgr&aM06+n0NUBmCQkyV#RjBgNHsYda1
z4>KMqZQ_|HsCRBF0%MT$+iJ4r*mPPef;>12F{ygFkEC5-cR-`98yLTu&^3xM;sQ5R
z=KE^*neuPSFAmq!0>4rG{H`3?uKmT>S9|8)ikGpix;nD4-{}5H`Bf=b^|YM(f3N$6
z^7G|C*}pOGf2;eg^7qSc*jM^b|K8fw_V?!f-a4@M_vQWGx_0(&%AfD8rDcDAKHpmx
z$Nqu5-&?Q2z8bWy->a`~-#T~pd$n%uAB=rJx%QxadZoR%U-iH2ujT%|+B)_R<^5ib
z2K(!Izn5=pe<Odsm#1ZaGoSC}RM@{IpYO%o+CQAn_hRPktKXjAUye_(FO$N4&sS&v
zXzX9J%iF&Vm>IHe?k}Zp!|s>TPoyW)Q|amS>(>AK1Gb`%vlac7IzXRKf6wU$kJtFB
zmPLwj!Y#=QAQgaT%Wy%wbW>&>Ubt9S0)L-^h=dlvClRfN!`GuKA-1V#`ea_bXKiD)
zlm#0qYomTMBx1enfKo0SNF_2PHX3HP?fO(ea1h;;%xGm9HgSfn8|0qYbb+W@5g)$Y
zvJoypji_7hbt68s+hIut7{_Lq%72fcbBP~|<&wlyg-T&(vw{U=K=Ic?O!Vmd5#>Iv
zS4AZJx+b&&(M*CONcz<P!|WhVM!B3p1(t_ZZ*g#~<an-Ha>=9x#WNG6(-I8y&)b;v
zOt#t`mVCGibH_x>az>6oQ_Q<7L$6d-kYZ?5Mgb5NRuTyc5o696$UND87fwq0T*O@2
zSA{$A5Y=byS9<dp6MDqkOz$4Mu77fB<j9E!`wq_EDrVahCz9NNtAxtf7~lVEN}As_
zzP!s*Pwbd&jxMwmwHsTg4HWYtj;xi%8AP*Q3(n6sk0&*i)Z#d#Wbl?1K%Q75po6H4
zwED97NqCPxFSrtua(>Kd(G;z}_G)UCH<a_L478@X(A8WS>;H7HM>1eI-PrxP^kii@
zok&~hjp<x^TY6{uvGmh2>z_)$ntm%wgO9@^X)3hE&=7Aghoi>ErW`<#nNzrQq><Mr
zBIPGw1XVACiF#}S3~ZJWNOG%jKD0T%fpoI1B#ed28|(Fk#fyXKyY^B@mF##S7ee`r
zD4C!gR+p^!@so&HA#lQ7-58J0A98uOumngfXTJ*C+s$P}$V`S)2&!&OZp}vuM?}B!
z=Z9U<xZ~n2QZ`n*1(ppa6Qg`M#S)-2KjDW6VsSd`eqJT!P6h=2KtJ@XT<$DN+9=M0
zqf3>QeQIn71;of2BV&sLg1wMHqH;o}5N@PPh|j>6<A#u!>tFiO$_^E4s(X$-UA(KZ
ztG+nE7~kg9JXtAro${gI?qB)%<SN7REfH<DI5gCl-nolf#|};~h!Ls380E-UKnD~E
zc(m2T@KEb+VPN{F*#4oBkcdbS0x236HYsWg9(OM#&8Nny``U=BE=MMiy5JJ2y^NrJ
zW&e4S$eL6VrMXA~bKqC)RPVkgeYP@;KYhaLq<_hh{hTU`FJx;&nmQl=;Pz@b@`6Kc
z(2>^hD8I3ymkfKG8`P?Ttxxj6r0`j+48Fi7oRQm4e_}k~kwZYZR_`}^;Mn}^Zm3w;
zGeI<VFDbd8nphMK$9*!-V_^utUjr|LHZa7&Y6KVXKmrm$6VND5CZujjOfX6c6e4gJ
z&9PD-ZD&<Vjc|amNqp^0b!Uswtrc-B0T_tu5Xa)`2V2YmW}p8UNTYA692%~V$;gaY
zb#zkMIdwz7v0@QGT>%iS6u^Gq5|RH|s|H1q?|l$t5CiiUdSP3jTu1B>YQc^iH*BGP
z;WbfJqaiSbLn?9x_VpLLAUg~}`96x5nt!$#d$Al00;PqOH>}^I;LSx}^7D*O?e^$U
zzgnQG>Kjzy`+Wn84>$Jqjn)>&7s{cLJ@vPYxRHU2%RAak(+UQLMbNLb7&SnANF>V0
z$k?n}CVdARE#>=~?U8*rSD4BDUO#@F6kaZWV21&~k^YF)tcdX!x!|DpLpkkdv>)xm
zV8;->kOfhmN173<zqg3GCGNI-9?SE8D0~6qm2vA_e3urv06mw()mHza)0OX?0{!Y}
zvjx$7pm@3XMYiXEO<zeb$*umj+-mt`DXB@%A-#+ugLBM>Yk6`?zF(LU=7pDpt2wW-
zjy~3<y{yg-1W(G=1gd?I-K5$VI;|auwQvbiz7a_;gN^0+SPA9!GGc3XhlEDUlr)+=
zNh-Z>BJi<LIEJ-4c^sBxco@CPenf6U%ynrHxG-_!&?ctGM!^U%Z=RSwN>PN_j{Tyx
z&V{nMBuZs`lK~kJK)OM~%SzaVLwceHmGcZw)h8B_M}(ar9xNvml4Ek}ax4?tqi?g-
zAU36V7FoYW>O<F624-jR6W&@>9*JO*<#9w*LIiq=aH}OIcw(4+N>;1tv{LI}x76M?
zAA$PbeFJw({8JtPe)iS8f`PwLnIW{QW*E3DvR{~nLtNDxlo+Q-Q>_Rvbb-paKR7eP
z8dfdtZ_|5<tN&Hh{v7w+ogbsb-l~6Rv%IP>TUFYrIrMp7NGEEECh=T!cn?vp9t+(m
zJRZ7<5%%=HI8tlHlULXYA~@S`D=M*%47eXRBb5QvmMUBuoRIxCG+W;%MiHKvVi=%_
z(G+6NGSf=+sjRbU(=x-JorR0wxd;cu+|7kh8-a9QSz=sBcm$6S-7ZmtTg5?pUd})v
zQYLhjrO*Y+4SEB{P+IA_QXX(K?%(*WyZiUj=rS8lc~QwE>9_J{C_km&#GD)HBm6RB
z-LGoLyDw{}x?j;=*Zohm$;PcOy^!{FpV6*$|3!O9pM|vE{ib%a`yuV&?jLE7bf426
z?f$a%MDBl2?tgFY|Hj<^OzwX+_rEXqKd1k)RW4u9cC>qJKd<d*_uGD1+tJ?a9-h^%
zbzjsT>i)5Io&Dox_wbbVaQ9cVN4j6u9_>D$J(2t0ll$MB`@b>wKa=~P&HeAo{m<#Y
z3fX*JyQlj#?Q8S)3EOM#;ZxfE-EV6<dHba8O~;?n?(Kd<yTAKU?W(hz`o!_O^YN4U
z_-V&)(f>JZM|;@zliI!B@L`|*uy)m*9CkL2-<^-2%*RhVenkJ5v>olOdVWWHT6@&-
z%i6u&&uRB}Pia@Xf2-}}<9FxdC-d>sj(74ncJerO@;G+#ICk<lcJerO@;G+#ICk<l
zc2bOEC&f5+QjB9K#W;3SjAJLoICfHu<7?c{3)&dR6Skk%#yFm|{jxU3aVwAGRvyQ#
zJdRs=9Jlf~Zsl>@%Hz0|$8jr<<Cc4P(Pv{E;ZD!K<sP2W#yD=dhc9bm98c$QJe|k!
zbRNgkuJE;Vk9+u(HpcNDcM{t%j%OTyMjPXJCXeHpJdS7diQ_SjXY~B2HpcPI`ah?Q
zaXf4LNo|bd**uPC^EjS$Hjc+Qp7q%eYhxVm)Bh!HjN@DKIKCy1<2lDK!_qO1=khq7
z%j0-X&p00Ac+PcBX=5Byx*T&@{^s@2_i#*PI^qZYz0<s%PvegL-@mVR_S&&&pNqd}
zhf*bfOMFux|4;Y0M?{jY^tOxCM+3OVRT^~B?d?k1Wd-`}?J5a-wYObM!^Pg-c0IL<
zt=@Jkjmj;p5V|ejMWgR+7iluRwzplf^gr6$uB2l$j_v-{G%A{Pd%KqAie_)S?wYsu
zwp(eTIGgUIEniMguwOl#9!w9V$I=|@#5-`CIdgs`|J`K!z3GB}>CQ`+pSbeygAYA6
zcjG(u%&o4huG}>D-V08g*XIsBF8F^kR~EbITIu}U9hWc6oxJq;MLVaReNfG@NA<p9
z_rimZKYHHAas8ur{J)|{T;s^AUT^#OLHzHaJKO*LJ50wfU3~2Lr7I6!m^<==Z?t`I
z|H0M$ahvJY?(P-$_9owYCB55Qh<lmy<SV}8K>ojCKfUR~m3KdU>EhhV%E1FGD=Uti
z?_KhhkL!xPhdtx`LtgCTK73btB)_0jzT&(ux!_@+u$9i7f9Q$F=k9vs{M@N4=ihzd
zu_qkcrmfWdSXf<N<>&2=F*zE=s>p#lS=B^MZB*Bv2GGM0x*Re7V`zQ?txTcY>&$^2
zX2wogA2+z6T~^zhCzBRgs+NuS9u}v4tV;Vm@y+?kSAF{-cAX7;`xgB72>yDMo#poQ
zL+OV-_%W2z@nFaCw%6imcc<5-*Bkja;5nz#j~MHF(!I3dH{lU)HrMYnyU(Tj(_7O6
zW{1a&r(n}5d(<BG`*BaS{rp9o?ftdg*MU@aj=%oiH2CQG$1ZxF=$9=*uh@!1@tL;!
zzx{vppZR{TIDhT4`TCDsxN_0^yY_9>{PrvE<xyUQ(vw8*>pkiAytmWiDWx|*<G1kc
z_Gs7q7T(pSPaXDKdRs@eMdlgX&r;;i?9p>mkE6~l<?F{Rp0gErBhW@*jX)YjMjA2J
zF?vPuzTA7p)BQ~Ph4g-wg?~(6hoF{<6|w2(ig*4$XNI$!3$zkgC6G$slt3wgQ39a^
zJ_)H7GA$%p$g_}UA<IINl{oSXxbF*j>v>zx=PeS@C*u0gW(gKJBv43TkU$`TKLULO
z_6Ug;@+zcN$f}T3A*Vu0RkM@|tPw~f<Wto*ekx0+kWC?(nvOh^<x-%Fz!o8qLLP-Q
z3Rx6)N%s1SzE5U36lfx_L`a~JKOucW_C(*89DT`FAc(*Z@u|yM>I8NO<Ph>Eq)o`0
zkTiwSSTJk$m@PNsKrxy>m?0hW;e>gxm1n>!X@8r>(ifkud=nX^Fa5{U|GxeIFFx}>
Du;ET0

literal 0
HcmV?d00001

diff --git a/www/request_account/fonts/font_02.ttf b/www/request_account/fonts/font_02.ttf
new file mode 100644
index 0000000000000000000000000000000000000000..6f94b557d17199400ca86a90b6fdfc93759c64b9
GIT binary patch
literal 11024
zcmc&)d3;pWy+7yNnYpuMl1yeMlYJ(cBr}0*WRgsFwvezUfdoPzERzrx4G<C#F^Jn^
z5qyeDTLddUrJt%*^wqvsw2FOVt+t@8ZCzSL?c&Gxq$*a?qM3Q$-??`J`h5NP*L#8a
z-Lu`_c7EGAGmJCFk^u~iwX}52+kgA>rHoDZ7^7LO%`;k95!=I9a3%VMtsU*1b$K<v
zM*lctqOP@b;k4ti<5BdnhLyK>mR0l|?H^-|Q-5Xu`pD3!Tkn32F=Ys2)7C^rhGH?M
zVEtmuo7W6(Tm62xW|T4Gc92V6I}llw?lymcwF#K7UW)<sr^-q6o6*l-yMFVP?_Fu1
zg#Nqu?74hkcthe`_um=Iy$Lkh1~>Lc`afBQwT2&I{j=*MR}QgbY!}w9Mc=m}vVP!-
z|6n%))$8E@z|h8#&6aJJe#QdekG;c47x?V<yx+MZso@i5gHrJK2e$XDeDb>4u@7Rs
z2BWebeKQj@ia)%gtdI4wUV{ts9~z7jlQyTpJ~`6Ix|orbLId<Bmt#}V5@;F3M!p}j
zOxz((VeA&|$=_okZlNVc=uQ74KF9w$R?k?)u4O*9LkYz~tQWi;#iU%LWGb0x`<M_X
zv={h7JfSf@nN{=uVnxc@*yrLV=2HflD*lz_vX5C2zm@s;?aU!mridYy!RuK)*5>dT
ztbzZSnZ-*iz$2_c>|#DK$^zn1ti6L(i>EO*jpc}+p?^|eKaJJ$zhQhM`sY}o=wu${
z4rUYo4w-(z8pRHb{hBq1+tKdB=Q;G>W{tcRZS0izC7#PzqjDV2_we}(=AXp#UEur!
zp8pIUcClpfTNW0_V_z6tEJ3^l`p<y(qmbo3@cbN8`28$Xw6a9WM?>s`|1<iVn4Je9
z&nD3RIV*(rX&>p6rR@=GK#z7S3qI(>(|~`}-vM92-o;|EKj|wOH|ZOT2~IW?w?H)I
zAKp_8Mw4o`SZxXR#H3_Liqqvz^`xa|WM*aOczwBf{``W%K(J`S#Nv|Dvhqn4p~|Z2
za7}GpeM4i@<SA39O^4UF&YU%S&fIxz?H%(MbapLV)V;W8$<p3s%U7(7#3}v%J}+b1
zzXR-UF8E^pl4uZJ;(GCj_%Fq!6f4cj66H$em~zTsHgp;O$?$}c8S{;MjHisR8vkrE
znMzF^rrS&(nm$vRYF3lgG}WgD)pE5)oubZEJJiMMN_DL|q+Y3BtL{<vs|VG))%(;(
z)Z^+;)jz5i%vt6s=EdeA^C9zFmSjtl<uc2D%hQ&#R)e+Ny4<?M`a|m(TdJ+uw#)WJ
z0!zqC=t#IC;fD$D+tcjL_G|42?Jp;qp+I;$w(x`!f(0b7OjgEP8FS=1a(Sr2lj=69
zes`!MTwPTeD4fW#i=lwODpXY%hcr@ESjO>R4PexRepmupBTkG>6F!$m<)(C(tHEgu
zy3$&Ot#Ik=Hes8(NU?4g)*a%_45O_iGufCB^crn786Kmp+Q-dBO6ZHz{8^8|kfs!u
z*zLtG>*EQ$I6o_a`?GBd+TH}mDl6xM+w2^@q5cH^m}1c^vKqE&Lfo;lbjF+xDT+h&
z=Yd6)I@z4sRkQZy*$vLi@)HF29YT{n{AE7FXSGH@c&k8FugS4lx8lR#2Sxl({G^hd
z9AH*<9tq2YCsY^v9QHm4TGL5$TthBNRaH*r{);UTY~-OZ5vHf)$(3|zOMf>Pi^NM{
z<v`_5uaPTxM?>@!{!)w`EG+^2PQ4tNcvOED`!QA$J$kg{D4z^|HyzG2DrWOqdRR?s
zX=EpXN71*LuF)S}D~5NHJNshC#0a8xJvy3xa`RM^+l8H^e=gOex;4f%n5&xv^jR3F
z3|EJ%q&WP*{z99GzV3ILTO38#gy!&p%9g9Z+wG*-8g2Nh@)kboD;&j;lIc~=*Javl
z-a@OZskCL$P))XZA=vVQ+3i`j1Ye=WRbM={V^>Y0xfi=a_NqePtDtWi%Z9a1Wu3%x
zs>h^qe_^0H>;!9#9OmkW1lgQKkQxV<nq&~h_zl*GfkPRb+r~b-0}tzbmnvLFgUbwP
z><HygE~}ki;cqJCFY6O>S`O6#PA*k4xjP|cEFI9n-*%adlQQux9vK#KYg2JeWM+x4
zsU#d}Ey?}pl36UeRUgKqZ)S-XHfBIh<l;_ofH_z-t6{Ur&f-3)?^6hJYV!F#(1U3r
zCj+OgksDOcHE#}iNG-In7|~GhhGM%R*PfJFVpsC)iBCC_7GzsRP0ya(<c0<F_BDE2
z5|d_$mMMLiyQbvvk40AFM7zOfPojrEf!`do*@8)?pv_v8WSV5l%v9B-k8q#AyQFGS
zmCal|ud}+mt28`kReEuvy~trIO0Z3W?{M-bc3R2CJ~F4Y9!2_O(I}`p`aEW#WCK_9
zgH#j6C~2eoI;9r7&ceE3>Tc{9-&-l%i}l`uphbkPUfk2uvmIs@npWsJ*H-LN47sYh
zefi3r+`GMd5t&$}kFp_Wj@U6iqTzPJbm$*^lvL(`x#%uS`g*3pn;*1_%I!eivmKUQ
z3EceC_KB$)@?|S_Mc)E)*szA2Bd-3HkBK)~UR+KU0n%+s;vQhu<7V|_9>7*rc=<_^
z+;X><^VB_C+pU%q%e>_s37i{y9`qtbDA$WOp^#lo%M7YV&A+YA#1ppNUTaCQTGp2=
zb8{Y&@?@|P(JdZ9JZBv7TL!!@IdDiiEZ<8J@AM|faS)APj`$N4arGf+X84zo;2=D1
z(`g?{KhjZs><IGx1IQ9A41YuD@`uUB>JJt3gt|UAkUStlx!!L_@G92lu*3WmYCP;O
z8DBQfm43+Y0Hx?o04-8cSd#b~u+9SfSTBR4zPSy=;vIw>E4LDA;6~=+4<iO7;VHMt
zrE1nw8RkYAG%rY~WFp{M%wy>?9FiP@1!CvLgGvE>$<J89H;4p$U3IRjJj)yQIm<J>
zyI1sLlXtIJwru71LcYMO&4q4Q5j`GW(lh$%Ro#o_V^I(BSpZM~K9l2n?~pd`AiWiw
zhF~Nd{wtYK^;kM26tw_SA3iX<4)4N3WwvVMxnz(Oi}BA*9q3fLc(v}yOV1(v^5h@4
z=I==x?0|;zfqU%q{)~<D?MiNv7^HB!IyB>&m5!!TpTz=F+aJCzlG0d`V^K4b5m~`=
z0Cd-aZk0|qK%OujZN?pg_&{zTeq^j6_TmBML>}_;tCcCHf)w{tVBw>CJIWRrlohF_
z`5o8(6$9K|m0~PR;nOpW3g23ilpJ)LiJ6tPEz6q}F=@HS(>J-1Mkd<rlic#~;Q(JZ
zfv+rvm{?G*Ta%V}WQK>qNE@#TgsS+y=;N>%ew9q=pjb(b?|*-k9Fu>@DZ@`E{G$M$
zzD9DRW)M4opY}}Ct@NC)5m1Y*4iNy#=>0uMIzsL9uRlxVQmY+C$o!v}kXt%>)tadb
zE^lcisufAep>!L_;cNp^tRQwy90k2ZRs!pwkQ`UDKhFsR3COM0omb{EnZSsjv8uda
zZK5HNo-?8Gz`!ydS-t<sJiGB6V$sTZw=@UZI{D0|YM-k%F}Whg8U0RY+qzG$?C#+?
zHrptSwRS?JcIHsq0<ZzObHGdu_;7*?>7mlhv;wIz?3@o-_$O&rCHl!BcY;y;Rt%Ef
zfNCr~)nYNIqL%O|h@t1jkCZaxst}ujL`^oX<sbRfGSDSf<5w<Pm6no1>Q{4<pNGEJ
zUfS+X@3L^{IPad0@_81^N)PPlx}3@sV}Zk+r<s{MlwvA$xaNeMrot4LbyfYWRnt@K
zwTrFh{%O<u8fJGlnN6X-^t9E}rtouRiAiN{OKEaasoQd>GQ|lCD@#rer@`@r)W>&~
z3EIAJDtzN9GgP6#Fg(%)FXn_sE)xXF%70dsTlAHUIRX92jhTB(a}XQzn?^(vZDaVl
ziyI@;Ma_growhNkH)T8&1*kV+`Fs>P6HkoSA`Y9i@mNfbC*hDrv1UC#CGKP?*hg@Q
z;DAF`Re@ghJo%2#%%j%_Ip1M0x-1Ic*KhW!rrnP^b8kGsQGwi`$$nVO7i$rNJwT~>
zfwYNB+aibTo&g8~vUM?*^CFnXCi;M<Lhy82<B4lY)d>9=^^D3Z{{p7?jvyE_Da6!{
zK4NMQnA-aURZBNuKfsBY1^e`}iQq}oyEIX<C5nW8vNAmcDsg{-@$tG3DI6yK+pK~s
z>|J3ae`KYzaB8wOH|Yh+ClnC0h`6e<WzSs8#Ow@%vSwaVMsd2sfnXSIg4fF8Uoczj
zW92p_fZR6)JXBp`5#EctFB6f8>^?AV5lEC(AxCxiOIE}$Ovo;P`>JN&l#2S+-(S_=
zzx~w@u3jag&o8iXURH8hrFTl{wD6>Z5q@8I&b?jL^Sky0`Km5wFd<>0S^Vlc$4$d`
zes|NpO-m0%d6pv5x+?0IR`|KUI2scp4+iWTT6;&@+ToV+{LaMVN+#^5S@s*D&*QQW
zFU36a3&nfPx5z&1P8^ecoM$jk>sQPE%<=vL*`GE3{%x|4x>R3}xCVT4;(czF{kgKw
zVrPZ+{yc3y78Spe^KJ3<Vy5gv01clqD*GMrzRur#*)NR!O+2LpK@R~<r~d=F9w!6z
z3t}h5({jFReEwNEk9#Q0`yk(l>@Sji<Z5w+?03t482sKP`?xX0O~@CR|FP^N#p8X{
zL%5A2d6&pOyi}Z${iU*xdlvDe?Dxuk5&D`u%dkP5HK6vq8MP<kZ^5|7RXNDSk<lD{
zDf!qRDZ6B#bz~VuUs$HHm>OfhkvKqu{~SJo+DX>Z9w+%pK-rn^QI!i4Dw(-f%UHV4
zY5~nm&|I(4yd>s3w454pw1E)M0m<k)Xx%0D>NLN&j~W8`3OEw^)uK`HQ@r8v;>!tp
z*GO~k#v7dQ=o5SMQhvDGpD4K48~vLL_Z|wrng^pd_>2ai0iK-LGO-kX4&E=y-^fJ}
zq{q$!2oN2nk6a)70O#<z+POh`yH3z?uP@!GY}=aQQgCv}F&U#Dz@LE^e`Np6&C*a=
z>gVzBC2A@YA?5YVLvFiKoPHzdGKf=m6*(1=^vuDzn>J}F?%e_vMP#9BYI>MYLax(&
zh@~Ri6+;NU5b~1(wXLHhQGfzMD~bHd#inRjo<?<0^!K!<^(c)N8l%71prx@5*UQ4l
z#SfP+OG`rygq;@eqAcp2th{iGRwzYZIS{XkNPoKjQdQ*C&UMmoX#XiE$-GOoG$Lg*
zl#~B7H2TS&NJLrDzYj%&;loD1n@?{m&Y-Pb)_=pp+q!#D9Z{ViRY!S<{0;j<rwIhI
zi5%q?<kB`>8mi2R{AHkDycqbloFmZ+_VumcEBg6grx&J1rvqQ~6)6qs<7YsGc-LbK
zVZONcaof+0*SKyG0;5qIAw5T}`?-;f^XCr}&k`qbd?Q-Jx6pP=yofPqr{ZQ_PhPT|
zL&>by;M~gHgzPxkSo9T230lo|BiUN?X^B_YFX9_^TGwxt4D`}jF4eHSF(D0i$`j7p
zn)LhLChTWP$)(W4IpB`ou4^E!W=#)N3xZ?qEbIvBmsVQ7^J_deQqDR}KsLr%j-KPw
zflMAC&Py$8x}~@~9uwS`;23{%EFEIfKI7I_i_64A81^i;SZ4yZOngYePdh7AQ(aav
zaj>QH^3eqgZV9;gZ_CWQG$T*A!A8{kt+sGm`_(0gO0*YRd`CMSWD2wdO@YFsD!8&K
z;~HP$`(xiGoWFZCQ{n38+<&?}^BD0dJ}Lszv)m_~7HjmO=yD$XJbH%M*7Sy4L6woN
zH!W;RKa|?yR<e|$_~wp1hZo6YG?`(4lv^kVIH|PD)DQhqTJ6Fx&Y$CziZsq2dueBx
z(?on;eyH5T`65k|6NHG~&2RQvQ50i``E7p>3UM+z1BCD`fyO8K5NSZO9!WvbO_7E?
zPX0FGJp?jO5msvO6Z*-pm~*}^x=!LFV&5VD1=DjM<oA;YecjEMG*L-_LJ}Wo%5zoZ
z<ij3esk({om413pm9O9oOcahv4?4}Bft%u*gB}_^@>k?m+<d}H=w@L&ylEPX*JXZg
z?Od2`Ez2$LBvH8U!R5`}y@$o%pPN$C>hsg1>tB<iY@EMlYX{OY$)e|J$TH!Z$)e(-
ztBjlY@c$yxVuR>=t}@G%{tqPEvQQCwdC*Fxs>cn~29VG959L#xL>fYNXIaW~C+b2T
zTRyGJU-A@a?iGVC);rx{pF4W}`%=>N^ZGW;^SYuR@!-#h7Vfh^5OoKg{tC#!wB#E<
zL{qg)H>-O1zVtd)j107_j#41J^h$M0>zdcUeEIsTq1pfi$V=`~udDNa`NkD|==BcO
zA6lT)gN?LJ<l*Tcbc!rfGj$4DV+Vj&)IzZBnk;&aM0ay!g;igP8+1We&mG84{Ia_2
zWW-0~md?SQi|Lx|P;Kg+GIHQVDI-UF+tvJS7|qywEgA6fc)i73z^ysCe%TYy(m(Ip
zcQ57c7hb2V{lbx;(;!|HbCI}>s?6Eq-9nYFHXy5BtI=KDS8&<n$wEh&$>{*)5$Bta
z66Wo%Q&q5J9S9i2_9N7pKKSSahl1PCfKDgRV&*qTC*wN<LB&Eei$7%Kx$^1~boH8$
zyp)g2pqENz7po^!Y|>Nt&^1z|Cpdrcev)c*pJe107V~5G6M6nVFOh_!|H4Id6ottb
z(O=6_g)g@{_(pIb<%L;O?Mao-MY{UNjuTtA?`W#cz|YbiyA$5j2ps4A9<#-4i29@F
zvDt4WW%4tG75BElNih?#>|*Vh&2jxBFQkws8aeL;F5v};-o?xC7^5`EmuhzhWJ22Q
z3z;W>QrjDQ?0(*d@1cTmyktlzVTqNB7hE@Kmn1}nvJpy=sj!nOTcZ57q}Ao%{`{PT
zBv5*wrXbnK^I={QYa+gd!Oe#?;>}vPsjPf>lZURFBK^~@nPa7Iy&LhZ`B}&lubtz0
z5?@dlM}c3-gk^rQ1-LXm6TxS{#;4{l#GFv2+{7|&+_g&sQUtgsrg=G-s<PR|OF%d?
z&M4YHkc=KDhQMg_4NfeB(c!Z4O<<IItETNBM&*7Mve(2t{BiO#j-xLH-GF?SaU6i9
z?a)!U!XxgPvDTYcP~Vv0Pj&bljyW^ddGiBJ^%*(tl$;a?9~n(k1NjQiber?Hq3IVq
z!_CQPpb@6b2HXqdQBnORv2biNAnqLi>tZhhHpJQhyXAO~9A6^Gdok|7`b~hfvBQ9M
zvEKkT#O45Y%kdsLzC@1qV%)=A@bPq(6&qvuc=vh0+Sp@&b+Nw#HpCtP?3Uv_a(sy#
z@5Oikx6&U0HpI>YE|u+Gw2N30s1)H&>JWbGP#Aj=a6;^NfEBSf0V`u~0k+8T*>Ze=
z9Ph$-8F)AdSQ|SDScmWT%7A|uuv?Dz$nhm|ycgpY;NdgChS&wbrLx_Nb_hJ|0d&N6
z1J=hr0bB}LDY>m=#Ag-S=Ky;F!&pB8=m5?z%a6SQSQ0x1*eu)g(5}TAf{xfjfcel#
zEoPr*br?Sb=)g+sSZoQPBh~|$4{jTP=P+QiY|lfxS?al2>bY6!xfz^1fN|1uGb24W
zGtzT2czXcfY?7W^CFiYD&#jXGS)g^8%>u1MtWD~<P3pN#>bXtoxlQW1jgg+)80oo<
zk)GS7p4+9K+ohh{fqxj|q~~_<a1xO8+zwj9INg(;7huf=K+^L9j9<X_f28M5@UR<@
z^xP@++$Fi~l6)>i`y5+{_Bqy#^&^0!=WeOzZmH*PspoD+dhWp*f~4mjsplT4=Oq|F
zgL6LVxfksvfTZVMspnp)=U%DjUf?-Q?u7jMEculDE5^H8n<L&F(c1!k_7lCW;CC<a
z-|iTgh1cohM*Ko*wca*ie4pO7uoV6ioJhF=m*i|QK3bdO<g;6E3*2S?KyNF!!8)n8
z4S2UuZyQ0kS#O&#zEy8qSU&$2zT4i&hS)YX%+|3rY%SZ2>Ltkf;bA`5e7XD-qrH_4
zU>(i*pxX#mZev@}p203h&&N7|A;LzmYBOdcj7{G-v~76ZnzfsK!Tus&MR`Sev2W|Z
zkT2-#j;!6b#W&;fh_7QfGBU7v8&(sFsUR@K27$tdpE3;)l8A5W(9qz3uWJCE1sGcc
zqJx;hjlqI}HCqNFXtY3t4IoR;VXUC{>+t!X__XnA6lU~^i^p0vZrI$iad^#uukIo}
zw5v<1ONepyHK^Dnj4cAmVaUEtGU9{Q%Go4DA$pdB5w>Vxcx2ti4Zia7Nu}lG<rs-v
zf-)|v#3&{GMhgBqHOgdy^WKjTk-qM)4}%=lu!3)%jm!k=G&2ioVjJowJ8UTlHtoQ@
zj}tYS8+PVFeUZ*Ga3;t?X3D`$gb%0XJXAaRxRowMWDdeoCgA?I7z!;#Bqhl!K)n*N
zuNo1q263zozdmTd$-Rk9hK){T(_nSYu$&geotcO+vvHp|m(4@;Xonrm$3}O;02Z=E
zu(ZYS(j{yu{BRjt&Q`FMWELa^?&m1SGphW+X^!kEn8mN%FhZK3S^8+u3LZ<DXl|L?
z#S#Z2n>Ro<c~J#S^i4eeWQ!W~mKCxzeQABh_$r!@zagp6uLbG5OP!`c(igx{j1lcU
z@>LglloPqkiL?_Q=$GTSd4w$snpuTk6yC=kXV0*AxS410VqVRs@FjeZU-1uS%!s&~
z5pRzm+P;j4*oH{E8FBUqqU_6vjcwqKayMme%G;E+DQ8p0rhHA=npPm|AU{xcrkp_;
zgYpGs3(6G+nJXwGQ$D6FClD!73m`|BWsaasOnI2HFy&y%43rlrD-iyJGAB^xrF=ly
zfN}w40?Gq~|1->7kU4-dfC2dT0RL_o{VB%^%%9h3Q{<<(Z^Eh(tQwXvpE4`uRf_iX
z{xQrvBqKfLQ{wmxM&6KbQM{)ta8ky1%Ayq8u{-bt2W&h5>n5v?TXa}jGx9Agcb2r*
ZxUF_eJH<V)ZUgN1w<(`e=hEMI{x|SEhpPYp

literal 0
HcmV?d00001

diff --git a/www/request_account/fonts/font_03.ttf b/www/request_account/fonts/font_03.ttf
new file mode 100644
index 0000000000000000000000000000000000000000..06486d95b0705c7d7ec9ec733e8ab9f67169546d
GIT binary patch
literal 26592
zcmeHw3w%`7wfEZROlI;TnPf7P5Rzdgj|q^;B$+&hU<j{}00Ke?C}5RG!b=iT3>06~
zA|hJkTI!|LOD#pDNLxgUN_|x=rM{a+Y<-n-z1CXW+xGKX%IzmJ_rLZzCpj}oNc?`^
z*WdkqH#zKe_Ib=+Yp=cb+H0@9&V~dLr2|;V)6md7=ix7JY9U&E3U_lF>!&wRk+2Z8
z9LKe<ao!aRn#L~tfT%T|NO`((!NRF0BPYXn{uZ8>U9q4vc+;B=MMUBVt{1IrTi)^0
z%a>jtira#F-77bDdQzXW<5A*v{GL{ItZoxc`?H8_vvKo>tCwHjK{g!JatPPStJmMK
z%C`8^KM<wV6E!ujX<gn@+hALXvix{ny#_a|kEkbb-Gb|aHEo?+erL;caM?ua=Jgv^
zE>GL`*)LHP@QG*JmT&3E`Wvl6ekWe=v@dUKJ^8aIRue7ThkJkS*l>NPWk#!yXa$}t
z*&Q2OJ5mel9wb6_N!dostN0IB-E!+|o3Bl+{VR>O;70G?+wZ)$GjcfMRPVBYM*N7$
z;6MCM-5S{n_$ZzqR_~G}Y0otHYkB7^HK85&k1-Kt5P><U5B`KQUfe@*6tBo)MTdSq
zNtFWRDM?oO8quvprO3|GFR6L?b*(g+Jb5E^8n)85$p!{4>m`0uECjfKbAbHf0UD$H
zk^IViNVv^OxM++xfoCVEKwQB60`k*&O4iSQa8yxt;dfayPT7q!r=3WAkJDX9d$qhs
zq-rFWEF0y>^IrYDh1@;AF@9^DQ3lf?pWlHq%2zw|YvUb0--&b=6)4-0_!?!Zhfwal
z$Zy7(Y0>M|b7nfW&?<iSABA7|sH_J+^BBB0Uq|ITs4nU{mi{etD(X4c#q^Fi8;#5S
z4DG^oclVdnNBif87!~<cCVQkyWJC_j^2}{u%1e3K1D>1i$vn3O)3{G-qyJa<Sw@vh
z;Wy|o@k`2y`MQ(Zl}@_G;2UIL%0Kr3(Mka%J|`Q``#pb1>3m=RQ*q{$qxbe#amD>U
z2ReZD?HKYP7f)L$A{L0{VvE=+_9&;7_dFS%Y>(TM=ka;UJQF<M_vYn|j70DY4;>Iq
zVj14NMSs)b$@1iQJo3#N<ITvwMP7(>L|P(qBeNo*u;t>P&;97!<L4ebcjDY5=Z>5^
zaIW+>Po6!cQ-xv&{}WI?n##i2sJi)Qc&J+9thV@s#H8dADXI3fbVr8Mm6<g%dsI%Y
zd$h-!mtRomD;hI)T(Q3-P+C?Vtf;K24vnvwa9Qodx=E9#Or3_&sBy;3S(neAGxv&l
z^P3hlFI;rxRg0G_z4{B+T)S*J?YQI4uYP^s{SO>GbojyVKJ>k#-~YkG$BsYp!^ciM
ze)5T@pL*umGaFl4*Zy+LcRH?nZ}U3Zc^_Smaqdf!$n`hVkte^hvYl07+bzFZvF-M6
zyzrA(U;9P(>p%YyJ%5_sefu4vH*e^A<E`zxZoB)gf4b*uyZ?DF-Mjx=|3WXn@<kMJ
zqb%k)`AaXB92bDKCC3#$;jGFtG8TVnEgr}5371xRM#iRPkc&r-UrCT>+(^_i$R+7H
zWRp3|uZ_?$xRs*kkWDqR$lLt@Y5vmV_HlSU9fTlPa@?Wa;XIubk=u`pyB`r>nO^^h
zvJF7J4ZyM;AntYm>ka_h9RTq=0TS*6NW2Rm>8k+Ay8uSq4Un=MAoZUB?DqhqeGMRe
z4}jzA02%iJIR6>IwHF}s8vt4R07iZjAp1UmQU3yvvmYS$TLA9+0Y-ltz;gh=`yGJ1
zg8=yt02CYoD0~pWcNn1Py8vU30E~SIVBArF;_m_YzYkFI1AxFWfYOHn%8mn+KLQYZ
z6rkdV0F@^IsvZNVejFh51i<){05v}XnD8XPWlsUrJ`FJO8GyQH0Ve$zVDfVSQ=SKy
z`U1eTp8(XK0+{|&fQHimjXwjJ@gl&?mjGtH3~>1?0JC2OnDZLI+}8oF_&LD5E`a&J
z0BGt4Snviw^BI7JZvrg(CBT)x0=ViefW>bEEO`fD>AL_|zX$MzUjtlo7U0_704zHP
zu>4;ER=f|e^4|bjJ^*O_Ex@V|0apJGV9iGWYkv>0?qh)K{s6H4j{t4|4$%H5fDL~J
z==cl37ylQ)#!mpQ{||u9PXRXl6=3sufG_<GV9N!78~zjE#=isH^uGaa{tV!jivU~0
z0AG$wuQ#iS|FL-iBTI$0k0UGW-*`%(L`tG$8bK+PN_I-4bl8Cz<Rlkm!YCX`*)$3x
zMJ~B%H1xig@+hAQsE~YAgpp$`jiX|WP$d+AHCRUF6r>8Oq$;YW5RIoAnn0IPEls34
znnaUn3QeVHR8P~Xff{KB&4m4UInAayG?%WRc{CrE=>lq|g|vvSq^oE#Eup1!HGP4u
zp=)UwEvFT<l3J)0*7a&yLu+XrT}SJwjoN7gb<h`SBlK-2ZKBQeCE7waKxN)UH`6T`
z-M)-gPu7oGymMB}l}EccAkHZ9O0_aqS*L7M4k_=e@oJO$ta`yR*K*KuCax}SPu!Dn
z@5jAwwc}{PaliFXwp!a}+X>r8@ss0kj^7`DCc&OCA>r19lL_Y&D-*XSzL=DkG%IO)
z(#d2?a$WNJ<fA>uspNAbvPY~NadN~bDP<`wDNm<dNX<%}m%1zU@zl@kmG+JH<MzL&
z)u-K`b~>HXE7NaHe=_|ehYv@Cer$1=j{}bAqsyTke{{$rBRT3=mT@fOGv_?#QJ2NF
z%Jp=nJF_G6xhz*!XV#Id_eQ!#F2Zpvo3fj-kB*8TwQAITqyCapm$NJ9T<(P2n{jlz
zJ??h*3!`&JZyx=YC*Zlq^S(Fe-Rb=>FFS8;-p;%i^IpvN<ZsMBRghC~W5HX6>4j?w
zANN^&SNR_Ged_zPsJ`d8w@5o4FFGra3uDs9j2m;+m>pwIL?2_v@qyM8^pdC%A@N<d
zXB<@(&X?LnO?x|J8uK)vs11<iQFvBX9;&Ra2)djZ*8DtQC_f;I)H)HWaEnYeMFeY$
zi)%UERGb?Si6W3&r=3?7Uv^nB(odBVuQ=>2QE(0~@s^<cG0Hk|lez_cWV9^bfg-E)
zBAqG1RuOZ(ZsZst#$-FP<>_$L6@;wB+pZPg_r$7+>!T>osrBeH)3o{o#3bP>s;ZtO
z@~t>!R)l~((=Ad(Z_btJwBouNr=olts4C)L$(*Ail;4@-7j9?#hzg%|hTT3RkfW64
z26Fu(d#RD*r<H{ke(L9YrTB&R^y^Ctms-?P?<Tv)T^+wiOmR;U8@$Efd8v1`k@=G8
zVVnN2l{4b1d(d|N$PuMoy&rv^Tgc%H)hVGK9=erG<|8*1{^cW^ks0T*r6@Mzc2z*>
zVL2MI0`;#fx^9xHHZIIT8{!bT&5f#_jSJ-3aVK3A4En~W{@G=10h?WG5qo?|TUmjY
zuaF|(NcwotH&`|yBlIUJBeH%m5^;S_K<KpL6e|P#dw=8&agTaEbgle7xT7~En32Xc
z)*2RU@T-j-K@T^R)xiShkPYeyb~LKWzOuGjA*SR^5iGqEP!V|{YTL?yqX0N|_TUg{
z;IA%EU}qY0UXw1jg4YH@qU;O1%vi)}6Bd?V)P>#<uPWE;y-~PQg|$@JkbILw5mNPN
z5kkU!v9B`UIU(pT3D&ssD*gVbE3vu1yZSpCo@c}b%)_-_FEkE0UABB*s7kL&l`mA`
zvN^>8=GP=Cxs!Uc;*;1r+C$VKIr0j<OoyRU%o-&{_^SN@uQyP9b*Qj8udFODFI48d
zg6oXg(*^M#`uiF!Udc`kclZNFt0R<H4PGhz;9<=r@h~n8Pg$AdtrGc_*r9HKE@HYe
z1ER{I=>jK|n{8H(|5>eL^Qj2^Q~8@m>!=qKkYSwAX8<kGm#G-dxfG#yIw@x;O|bN#
zPf7uS#EJVLwA`WeQ+PL|qjKRSNE|Yg7FM$8K~+kXxko#TTcwad@WSmzj@t~HTpU#!
zVP{Cb`ijyFp%cId9pL*cQ><WK?U}rQ`*Uf|NS9YxqRDYh@Zx4JU*p}FNJLqMdKAmD
zSPNH&M75zpxG>obwaU0`!W!~Q897{CuV6^XPZg@HR~*o=20>-&7Rky4!bcNEifkrB
zS$yTpYLS*`AI<fv&}vs;RB3*3_-ThKiPLEUZ<(fsD9*;v!deY|+Q}WTuVSm>=3sR%
z)tuN5>e6!qW+LZE)|c7sWwHV0)S&_NIzaW|Wp1e;Qy)ZLZ<<)r>&s@PrOhfEZ&W2p
z?PZ~!h92pWnPsR~BJ4mZGgUrT)Vacy$-`k<FRQh76#LcDwYjB=>(@|yXVH|F8SQmP
zwI&sx9B`^i+sJIYHJrl3twl^IUp0RJ<pO8fz`eX|fvkiyjB=D1h-1Y<XQbA|`Bt0L
zEh@y#Rcob?*3FLQkv+HAB1R@%%dM?0m@MWpv;OY3s3mUki8{WmtS-o!6yj@Q%Q#;)
z#xvaeey~Q<vZ}KQ7J|7?CBypF`&6+239=1U6X|Js=Q2h%ZfuBy6P;{i(rsurCe0Jl
z$(G{Cy=_q}{b=KOZ}A$I$8kPkiK1ET>9<kWp#O2-Ujd%#I#bG;q4hJZHdZ3sl$9Z|
zPxy0RXSSTL?3k{`Wj>ue7M-y~NmiOuMiuuCEHlT3oAbviir<rw!|kR@9PN-5J7x@;
z1yfiZl9;%naxinm-bmAJfS7IpQmVi(u`82BI$M+M?A*-g%joXV9DVti%gfRXIg=;R
z7IWRiEn25_hB||9=Iegj*WnhI38PL9DSOdM(=cvy5vcm)^ER(i*VDY=&!U>QSEHJQ
zv&6fG<*=F#(i!Ct#-U6phh|$i&14r>^T=XOpUTm!tW4ahXSgjD%mlBCD$ijm!zhnO
z#i;UlbX1!3a>A#2$4Rzre}*yp%RTf(jg(S5_cLnduo!A1sIpZKo)UyV>diB)m<K59
zAa`Rh2bFy=G~i&6DvbVDRjrz;BxuhiMumGIgQaZB#Tl~*aeU8!Bg38)P3&CW@Ne|V
zg~n4i=v;z6n5oYvV6{Vwa?kS>srjl^_CO5lnNYE8(~Fd=Yue(c0(l^qk+VG~BgmuG
z)cCeLZ6k6<*wQfGh#KET)&-V;$P1qhSRn1nK3~mu6NE@OCi`S0j4^)(_+EgSx~`!x
z%-Ec4OBVtekND<+$?7XAlmhN_h479v0><a7*8p{Rw^-5m&FF6S&Bhf%Yy^$hsQKe_
z19H$2qwWVGyQ`)tv3*RLR<)VC<Nc#xsj^*Q*d*nWHb?(T(lAg!F;C}=@pH^T3UYwa
zeZA4kqq<L6vs_|_Nw$}C-i<KYi*>fomL~ZEYf0msW={JwYYB{!Y%sG5rV=wr=S<kg
zRriVybna-K8hl|H0Y6~d@Yq+_%MZ=IWfiK8ab8W8$_XD7kmSO7?kTUcnv9oy<^meT
zP~tGsw3_SlgEg}Eu+;QU5;WY9PsZ)O1a4`ofe!;>tw2BN4`28*tyh@Ze7qr#y45rI
zXlV!n51OtCcKZbTkOoX`aOH7RRz1!<&JQqVYEm%{%eBVX*`Qm^Y;UINl9*P}lhX&#
zw0!1}Y2J5?yRRI-a!PUHOYWqGr{ObU(fD#vH>8C{a!SXGxh31{+;5}sM&pPsQ<h}V
z&Gx=#xfS+rbs81mmha!(fJq6$-|4sWD2aNjYO)(vRzlb0^`X~^aUXidraD~kQb60u
z3BHL-FJyWH?!vhEQ>T;s`Qu6*yZzC1dQI3eg;H2*5C1*9adf#N@<n#&3E<Z7a-V6y
zn8kbw88wQUK93QBoC?_tz5U`HB}eD|d7O>Tp!Y*4&lxDQNS5h<p01E}&}S<w1FW!7
z6{ANm+V>{Aw#9FAO<tolcsWj+Q-TG-l+CD4x#kQ|8`MeR$>O<5D&(N2)my^tULm|<
zPk6sZla!DiT4en+FI0~lfTo_Rvh?Y+bZWH>)Orp8sU~{4`jsJhaZ|!4#8kcVEO>EK
z#O(01$nbb-=;VL=Jkh{C17l=?Ns2TROX_`QH_tqz@yufwOA(8%F)y8X3#xq{iRVK+
zYH_9AhV)M6jHZjO*6PoWIp#C#`x_*mQ}vnU!1H5BqYERn)mJKbB6q2Yazmv<8Jp{O
z`;+XcgHD*Q%Wd?Q$64e2c{Mz8>SItV<Zv{soL()^%MYVNNwsq+zD!NJTkBeT3;N+t
zj=>*T!UdM_Z?!H~rZGy_Olveo!Jh<X@m#k?>l@OiXIK$DiO^fe@a6S0)vYXA$sW3X
z^^NYm8{nDr+x3~Dm3Vc3UB6FQM=;IHFt#}*&6@QodBz0mz6eE*oh@Jw8++0j0Sk*q
z&5OFa*8LHtG0ZE=GjwZDe}t97vT0loS-D1OBo<t=es#k(SOUIlb2u*yHR<4n9&o`=
z7}E6<rgB9hrPpw*mBwOikMURon^D;Z*|!8P?qNGoX_t26#WlVfb`%M6M=q*6fJc+K
zC_FkEi85%$m=9`V5i98#%7lzyPB3GFl98^MNXRO0OG#-fH&JpROJpj`0u~T;AX8*<
z7S)$DsWr{bH5|Rb_SkxiFPa`KltT$S7~#$Ig&e96juRKV7~w*7*;M6PP2O8u9i`*)
z{Yj6W(5_dn)~-*?l|ug9bNNCk9}PF&mGb)3DR~`!NYlM+vtI?AS+bqIEG)5zSR;vi
zNX)|;f)y(?1P?=yPzO;Uw#$;=dP^($=J0#0Xf<1Jg*s8U^|V=K&z#(8wP}6?&HUq;
zCcIoRlXGwQ@#xvQS81}EC+Y60%<w0%cesuHkq9DZzNPyu3kR5i?bilH?gIGDDz!yP
zw=B|s0}qh&?G}ZqGsQ~{YJ5)P1qm(olxgmXX;l)kULBtIh~at9@VuwTt{R^Ac*Dc<
z9%-5n&wGaFJy_ryp7#vTdxqydZ1A%uW_aE+Jnu0DzWiUE_moA>(0O%ZZyZIhFBj9e
zn=}`l?lkkWAci%8yr}S;t#8bkd0h;VS=w?AW{D2W{(EE2P^>BBELS<FuM2Ge1`al3
zk(a?|(hpUqZd8Jn`ku8iGmb*jqE+2Qzkebpk!R%8ceOjl^+X<9PN~<66ZmR~*9IMr
zrKc^;OpYt2$DA2UQ&ZxK5tU^s)4XnYsv#I`;50Ma;TSc_;mB71pxtOF)2_3nzaV;E
z=-?P1c8-;b>W42h=ESQF5?bt4X%pSkQY4hWD~mYAF+>*FH6My}?`iX2Ft17+V+YZA
zUe4ecl*DZ5qSDte;<#RY*8OZ&ZUT0^;GcP=2*F3jx~$XckO6{KveIJj=Un&OJCt=l
z;We%MsoMM(^JZT6(_&TzTls@Sr+02W*ec*+)7*QI6+y)vH8ls{<=p&p(WaW(chD8e
z=S>1IC~eX5VbC^P@~u?L$Y6Yvw3*`02Bq({&7Qo?RU&!hw3RETjZ7AU(U>tYAz`9x
zLP2>(FqlzZFadIG&^ceySuu1v^;kF~Ms84Ae>KmYH*+FWS+&69ojSSBWltE4UPKZn
zl$S82uJK8Ufk1X?K?pQk^meb;Wm1o{8Eie;q$kXJXi&<-KR5J|NmE^V?OOakR*@Mr
zuk4}O@mR2YX~@sItg3QpX@GUvpb}!LgIU)NT8E>3mEj;Y_|Lw&627oVM7;}s=n^Ad
zNRL~>;N#R|J)@U*tIUA`)ge7FKq+9oxC?smG-po3)wqi@CwPfrZ*Qc)Q%cH4L<-yi
zIT?8M_eN9Xz`Jgbj2zI`)tquYWU`d$p|8!yC~{+sy1!7Sn3ekZqoQ<v&Z3^R>*$Cq
zjGD2l_I_LR01+S1*H5rE2>n)wuM~LwMAl-E6?L;`bHH`(-qm$+*rb5_Tl$V#YFDeH
zRWQ%}c+LNF(r6xKhd|>llO7%diDpe~&^H@A)MDI*!b3@)NfQr&#%(dWcyK!XvDz3h
zXp)yxWqVH?a*LZSAhTv00@a?rs%=ohl}M~|gHBc=pQ6(hK@L*&6`r1zUKllU*;C`E
zk3H_4QI_h2Spx3&t<x=lY_#gjRdRLNV$Ynw?s#V{;E?c`MtI+*C_JmS!k)8CXDF9d
zqw%oR)H)gRxTr+BP@l<`8K{p(wnS`wfG3D>aB1qWxl<jDZ1-$uo^y7+5|`6Bx2Z8F
zPR<LXFs4++#Z`?9I#4@cbp%O`90tyI*v`yDZSB4f)&WL<Xyjp|S<f4pSibg{+T--b
z<T`6UUdwz~dYUEBgMEP2ddce;OW=|#`283G24w@U>RT-R+W}h4ChHzv>(^~8%wBkL
zy(iWtHY(g~n+_pDTpTg0M}4xRt8Z_A;o>nG^8bWJvv$1H;=B>XzT2!GheV=TL$VDh
zV<s%KB_DMga1cJmYRI9`xjj}z4u#e}TC$hk`I27U`Wp(pF_JnInz!^Pu|uJIT>mm_
z(Rs~%oMrYhsapn))zBix2h#9EsX>9E0(z}iJ+|I3L;9Cv(MQYwqrQ>haqua`#O?%#
zilZ!_5JFD*kV6W82V}#-Js<3|u-eixoDM4j3DVSRIrimPQ`6>*NE9yTc<rN)lsLO%
zc5<S~%*2gzBSmn;jai~BSsU_l(le4qI<jm@ZsYThT!%9y%aIwMj633FCitaV#52|~
zzU>fg;n|qR_vp+;h#D`EZ8=ypg=*43gGE-{Yf?TvA#4LhS%~buwiyUy{Ww(G<QGo5
z_hT^H!c8W%GX&zIb&fIC%m!_mZ95p>jIXbZ8Rww%&4^JqgVSh_wa9vPO}*ry7Be&$
zrDhw<oF9zhiy!svs)G{!+dkbCGAZLeEX|1f(BjYrjQlVeOVtBKfgCioGkf~_j|j17
zt}(+w#&-7$N{7m^+dbcwaQyK=k=xRB#-1})<VIAY)NlQTZ|BHwh-!J#n3BsMS**iH
zQ5^R)NCdYQdheGXRmg}zR0zHH^ZSv8eO%l(G`<b{xb!a?hJ9QZZ<fGUulb5Y@YfIf
zxQ2aPJoUx5r^7xjj8?D1>DljBF2g=9-U5Oh$^CvOG|&ua*vA#^`5E?c$>nJ2I~?|L
zA+~wg$K{@edHS%AOD<O7%TDvxM%peI!#*xO5(V)lD&jIa@vV2aj5pDD8ZmueU>=8z
zFUfh|6Z3v4b>=VBId9%TC49#CWc@wkll5VLm)!XSmeH`ktM{v`VSkr4lE=hU{x|h^
zX}*xFEK{Y=P1~zrK(CuHE#jFSgadit!hh-O7#!FWr@r0SC8+yq{`=A=s9jyISmhd&
zjC6=ut9c;CnQO83_0<ZxMqRA9uzsoS(<IlZV#@hOKkGRItuJD|1ACHutn$7ek|sU$
zu1>hDFSA~kJBFO^-6#Zh2KL}mzC|x%Pc{8FdQ(U3!KM0QfAhKa?NTV9d`B#nbZPsg
zfS@9LMOev{*-Uv+qk7z<y=q~7Y2jCUv&#8`QtTpCm=_8<uP8L-c|8O4i;#Mg9RFmk
z@ns^uNX+0GgiLvVZ+WJoRiCN2=%Tso$SWd55A~F7F3+6rzwG9Liw57*LHx7$?sLA@
zR{ihA(G#U)j#la$aoMvGo4(E0wgJBOb+ZH7twA`U5$S2(@Jeojl*O-PX;2TXh>Zra
zO0Tp}LaPj?jor>8%k&0>3^AvtQDf~d9yQnU0(+yD>UjlwrOwpzD(<)Hc?<Hl>G?SL
zZ(q^#R@@Kkc^f4P-bF)L5+p9Ria5_a=C5}-uVD98UJc>Aiu=rU&RdY*py%VTi|XBa
z-irGl>v<bxh<NO!x&eEjF2~-fyeDcqQR9ZT<qOuVMXm{tHsMwaLNDgYO;V|8!>0BY
z&%6yC{InGtscym+s>`u;DmAsP-n4!>X9oGzrOI4{GB;vF*m7Vr2-^s<R^q+~+oEj%
zHJ!)><%Y2}U~@TgrMN~w;-c1#fpQO%zj5u#R!_r*_D)Z*th}bQysR{c=e>ko8&#ca
zWp$ddckFajbuADWh^V=Fddu2QE(t9lH;yBUbO2?4e`ld~IJ*1)>s@k%N)OO>x}Bb(
zz4Q_7pxyLUeBt{L9TFD0i{63MeqF=~D<tY0w3B{<y>M-GKOLpN(x=#I{viDTTa^Ed
zj>+A2?*TtwLDRj6T?&6ruhMJuI{hB|@4i7@^b2|z;`0~!8vT;a(3_CHKhVF^o!FIk
zEq0A+gIKlG0W|m*u{SU8%)1Hg!aMVRjJ<hp#O}N|VQ1c(=_GvzyYp_PTj?wGNBR>z
ziGArGp%3V{^b~zazr!AkZ_(TIDE*KgrzhwXouJ3)r?ib;pgZV$=)KR<kI@Hqi3BVD
zE02yf<+e@jYs<=}l<DVs?L0N8pDXlpjb-|#jT`tP7%Z=m!l3Z~rhz@~(f@FrjO0SU
z<}b7b@&BD+!5x+$e#%LMiJ0dENU3j_-ApO#mv^?qZs9jc?v~%1>wUir`yrd(&+d7j
zOErEWv0T@>u^m(yI4wH<c!+6GzUhXfZvl5c5N_<rzf2sAy%rycFb+V)W6moc#e+JA
zBHdII`H&_c)gn^sN?b2SehJdmxc)ZMkCC27I*pWqT}0oZdZcYgw;^pux*cf;(oUp<
zNDm+#LV6JCFwzku#<d=}x`C@3xH^DqJ#cjcS2u8V09OZabpTffaCPXoN|0lGb8zkt
zXMgzYpt75^Uv}%i>;|>nptc*-c7xh(P}>b^yFqO?sO<)|-JrG`)OKTBC;$gakm`}<
zAZ<gs4QV^l?MOS2b|M`_dI0GV(t}8ck&Ym730)|m6D4$^gie&ug%Y|@LKjNtLJ3_c
zp$jE+p@c4!(1jAZP(l|<=)x}D=9V$HO8lVhX6b_+`#E3@dn{CK1yn8X&0UMVxMyPL
y?FHCvoA=tj8olZ^sX2Dgx1k3fphNT^`rnV~dGs?~=HEQD?_CyU<B$J8n*RcY8EKdR

literal 0
HcmV?d00001

diff --git a/www/request_account/fonts/font_04.ttf b/www/request_account/fonts/font_04.ttf
new file mode 100644
index 0000000000000000000000000000000000000000..c9bf25d28bbf173bb344a7d47a280939c179d744
GIT binary patch
literal 40376
zcmd?SdAwxTRo}bMsj4&2b?Tg|Q}b}^&O_g^=Wa=@u_a5^fYg>{TUe4U+wzRCY%m54
z1jWp;A<PL7215{2klhYA1PC!h1R*5xb8J5bn<*gy6B~oo@4HS_wIqMu=aYZlfA8L^
zUAxY_*Is)KzqR%*r75NA6jilz;~lr(^`C#{(~m3leO0#p@QrufbFFGAkMBRm_vqHU
z@4D&YU%i8B<u@qac>7)3yI=a$7hbEB_B7vL@g)~-yYKaX{`fa>vExeBKKaVW9(?21
zz3v~MQ7YZxoS%5*<8K{kVeJb_wSJZ3i$~u0s>h5=-+QD~{xPocmRG&*iANs#3;%uW
z|D;myc=f9vdhBhV{n$M>DdjZf{pyDwd?<haCw`A(Pjmj^tJz?DP2~>0zm@NkS3maF
zw|(dx?nR|^j@O=g?Za<={gsCljeFmO{jYf48(#U~AN|3vey>vR<(lfFk3IOdH|lTK
zPjc*c@qO_62OoPlI`hY`;rMs+{O@?<8{YEPAN{3gep4w<QCjtlZ+`fVe|YaF0-le1
zsyEA(<^9+HclSqM9-jVN)vEj{ThvE?_;;-N=ZaES-d8!OO!;mrUAFSaIhCa=->uq}
zYm}?3%0YRh*}hr%x^m0w)UT^bxk2s(31}H~D(e;PSF~?cHC5F=q(8})_sl-E|E6};
z=gTAJ#k;r})y2Kl9hdIBOPyD0@RR!Q@(c%+CG`mV%R6YF(LY3epmc4WPyXbyeE+P9
zv=6DCenNG0Q?)cxHT6vu@x7saok}X9>gw-NZ9QZA%Q<eD`WvY?IrgI}(Z7TJz8cWt
zSo<vXujPGKW!fLBp7#4H(cY_a?Q^QHy;K$2?{Ur_^ZqlHslQYm?fr1*kE%j_O7)=R
zSZ{OB-&X}aH`M++$6w(Zzr-=Wpz69y{hL)mle^lFt5o|i`+r3R+Hdpyglcl_w)UIK
z)&2wD|D0?83j4p4ZSUure>A(F`cBo?4XE%L+Im?n>F-t}+TPczYDqg)w!5eOB+vR|
zYFT?qP3VV0`=nZB+erI<HP*gYZE81j?RTgF?OIlUrPdVtb%$$yObzuu_xcpi_AJM|
zR}J)#XZ}kylw&x@<GO2{-{Lw$E#f}&w>($*Y;Wf|KdF|XLtB3}ZT1<ZO1(~-{T*qi
zG;NRit-O!s8|7n9yY+&0>H;-+%by&vD9fs*P3NCiKNiPc-Jr?!g*8;U3Hk6j>x#0J
zdF2W`Zc#eQzVa-bEv2U%N?*B@f$}Ir<x@sw8LNPLqC(2LiYQYRU-^P+lx3z8>ba^@
zHdRX5QVq(YEZZuh-cdPaS2Zbns&(ZbppldVRZtF9n{uQ&lw;MUoRsB~>QSGnKIO6+
zP_C%qmA_Z3YDBqKmg{OveM3zsH`Nm5mYPy-m*tLHrhZJVQ0}VLE1y?;YK?NgEDzK=
z^+UBmd89TekE<=p6J>c)ZBsv`cCP%LI<1aTo>9A$XUp=O+M|A6?NeT(4k)ixhm_Zq
z<pp&_{d#r$%IDM#>ICJD>Lle&WqGqYMg10an)0GLLwTz@OL<#azDS*;e!Dt<<+JJz
zbq(c<)wPs&s_Q84D$Bdo1?u;x>nXoP-9UM-x{>m}vb>~jy7Ir(OVrJj_p4hdU#c!r
zK2Vk~Q@2uoxw?(=73xKl531WKzqBl0sqVP)x9TDFV#<fros^HLyC`2(makTKQ-4(5
zL-`u@C6upK_fo!&@-yl&bsy#H)g{U|sFzT_QQc4Zrm}pqdMWj{s0S$Ds$NF<W$NXW
zk5m4Q`f~LO%D1TpDW6bZO8Iv6O3HVrhbX_IEWc7cO#Pke5z4PpucCaHdi9mRR$pC~
zU!xwS{<Z2gl<!urrTjYeI?Asv%WqJRQU6Ek^_1VJ-az@JdgGP<rT%eQzDK=@`ZuXJ
zQ+~603+1<{w^Dv<S$>=PGV0&19;f^c_2rcRM7{0G|5WcS%lD}#sDGz=JLPw&cToOQ
z^%a!gU6$XYzLNU)s&`U;pZcmRf2F=(y^Hb(%JK)*S5yCI>T4+fx%yhlA5!n8{9*NV
zls{6I|3ZB|^&eH=aOHofA5;H`^2gOTQvO6)zF$2_{U_Bwru-@O9?E~IzKQau%knAp
z&D4KJean^qu6|a1E9K9rZ=?MAvit@0?bQF3`VPupRR4tXY4u*p50vEx)%&PlR^NH$
zFV%<CcTxUp^-n2(sVsk4eK++FtM8%wH|l#Se?@&C<-aY<Usc~v{nykFT=@&M;}25)
zJN3^ff1@n_z53_WKcaq!@;B8FQ~s9v5z60I|AO*&DF0mj2lb<r&!``x{9X0ql)tBb
zg7QC><?pNaQ~yuuCn^6x{S@VYR{xUnzfk^}`mgGzDL<;7qWr(q&rp6${Ve5wE6b0o
zpQHW>_4AaURKGy^f2)5*`G=H$s{Tm*BIO^erz!tLeSq>)>VuS@F3Uevm#P1m`Vi%x
ztA9=T7wVTNp~{s{tN*Tkneu<A4^#e?`ZtvSQ~e6%|5E>!@~_MCZ`7|+|BU)I%D+{=
zPWivpzq|4&_1Uugocaywf2aOE<>%E$DF0slCgner<rma%QGZtbHsuxdJ6HY$`JVHB
zqit1GrBbcdYI?0!HH})$Fltq!X4Uv$bER6Vvb$o|sIY}&*esi5ceSc(HQg{cZuV7n
zRjRtq)ym`b3Ww^tu4x8`)i81F+5HToVj5M;<aXTCl>6~1*D>T;6`Kd)I~TEdHa5v0
zU**!AXjBZjyWEsVVWS)%jgaq^N=4TV4&#2VBlnY5$^C58Fio~whHXe&t30{fuU2u4
z*^}^0a$`B8ykJE)D)N*SzRC?KxCI+I9y00D%JP1u&V`looT}ovYNlB+&6;f)rezw2
zWjKa>$~im<w{#31fNL5xn|HZc?qHPnvubA5lzYu@TB*p>%M<ck^ZQvm7WeaAxgQrZ
z<uM)0v@EvUrd!?@!g3pSS6o^ycjOqJKsL=UsGAjeO1i$h!K~30o}NQZ?gxcvv95DJ
z%Ty}#<$k7VTUE<8T*tC)+cF)?w;US+@Z^?UtLj;%P1UpvPe=|u_`*%Ax>a=?)1nLb
zo8Por;c6UenU#`8azCfSg>g#!ni6VqKU?l+%fB_d9}N}yT0BnGx3Auh+m-j@hNdO=
zbLD<K9f!*<S`Sm%7WcEN(#o=ZPStj}UmTS8qc!rFfonUCYg?Wj*tC^48J5kno7F%b
zf|lE+FC?$=W;ge%*j3N9?DBrn=CaXMoBQ#EazE|}e^p!_%f>Z}3<ZB!u2XYeGxQwK
z^&H!CA}SETF`+LPuZ0c|z!NxDC?q#{v)i((6{qHVmSec`0BjM8)T&MuI!Pmhs^$H>
zDi>C&k;wgQ+w%<9v!cNDJ>PYFH*o{c;U1>rI5ln=yN*Z8ZP$vpkt3TOsnjZNEezP;
z$^B)MNn>kn&E;qsA+4liD;2-Sg_UZirZP>(4SXXA>?HC-{@ut=y)f{&hvo7lj$_n)
z9)JzLlQ^#HTD<w@cyN*thdin;PrxHWb;hbsqdmv>YSK!GT&;#RF052Lvy^3dT-^*q
zH%)>li~~OovLKFp?qU1BZ@8|}kmulzf!p8-xV-22klr_{fmx3|-wyc(aa=gSHH^UE
zXlaDBvb<kxL@}OXw`nVzi^ic9#%@**lPHOTde{u>aS(W+69j=l6SF9YgV6UwFY|Z=
zJMjI0dj@7TG}F2t*pWN{4+Pac(+tfh2&EBpnn$NrtBDyUA+B57Q4SYPA}db3RwJ$_
zX&k0;J8C3h=tpiCMy4N_t(Yf?f*|%=JVEG$VGsp=5L&g^${IoBBy9FW9)m_(W^Be$
z<j0W-L3}#3R!dDTtkiIJzp$Rz^}1hVNt!g0D2v;1qaKBR?1oWf1%cI0XmA{s_X|V0
zU&QVplKbV2FrM9y2jcp2KP!o1xt~zAykBE>zoovbTsMjubti2Eoo1S)d73oq{d%*J
z#9`f!lf>ed-860_^*E}BohXW9FOFk&M~Q9J?V=eaUL)cGk|+$lAhfNzl_vEtO{^fI
zPvAErw;Fj}skO1Md_So-GdFKW!**8WMV@xDaiiT#xks3$4JS$LVV*YAMm@>mL6Sg;
zw9dCUNgX3|y6t-A=Sh;pX%fdl6gzfi=V>F(8g`TfF}!RTZ96M6rM9Ml3W78(nqI3&
zCcRdt=(e(6bDH;xEUV{HBg@@--I=y{l4c`qCgZfxXav0TMm^13v*`|cX)`F&G)=O!
zUJv8C>olEKme-rP6Q|I~_f50w6dh2K-L+7KVU~5;ez#L!8Mb?!e!Dp=)>?yZGf!J_
z-fDVT!&`0V-4;(!q|-*8=MnD~O=x;n;f)7b5p^1kEN$`_Q9bqC!fQ8+v}n2YM%18F
zEo<O*`URlPW~8DhZ}z)Euisc3cZa=Ew-|Re+v9%G%G&i-QTTc8Z**II9<bSItme&T
zD{i$~MKj9_-|G0&akCTmcmha}!Eu@Ib-ZrTp%Gr1CmH-@StGAI>?n0|CsuLXDu%sq
zILtSv{qbPZZ%=zW-KAlNHl^)OCup^T?S6aM?G>$FzR44`lXkn^DVnWLVE2O6rJ|P%
zc!IpsYBuXx9{4?f(COv<uAjB)O*qN6m;Aw`r_^=FQ<bLO-gKNSO^f}F$?DSDWUw(l
zK3bm+`t4EP9}J^TCp?(+r-M<iJ8tiFdQhU@?+<(J?jUl;(e`?8+*s;%y6r)?)5%)x
zC>#fq;ix?xhAmnNCppeqI9VMlb@6PbvTQh9UryK7yQhw=Y^`mtOpYy|o$jnp#=U7V
zo-D<KL40~;yuLIY4wri;2gA`gACE>$qyAu$xXa1@&TzT8HW&<glR>}V>hzL$IbNMi
zdn-$EXVB`yNv^vSuWT)25zf#g;1&H>XP6NlctvX3$CUw^B7Yy7?<v2Og?1Hxx{5<R
zxAO%xK^Ej5*Wfi?r!L^>-l)#0oAD}dQZK?sy+z%P=ee&A@UD;Ws!ynsc+#iwpdV1L
z#-F`Sy$tX5T0F_u;6c6$T(hPOWr9!G;1Vu)gbxl8f<MII4t4N`253qSzR<!mekmU7
z4S3FH!5G@KtP7^l2TK@&A&kKemcR^_!3tKv2-d*{Ho*k8)ebnoF8===c+9U5Z0-M(
zzn9>1|DXOY{htna-hTS*1%I!^7k?NZ{MM^m?}b{Q;@gN8SIZvrY268W;U%=|?fAz(
zgy;C5)n^Athrv&R^vEBm9uzo9Pu&mo-hsC{JEl44l*edz@q#a_E5FS919HlhpTF{s
zEBAczwol&piTBTWg|WjmRQWV_bH5k<{h#>Z|Gn>@-=B-V5vu<Gqm{VaYUAS5%D&^i
zpV72$zVx(q<?EhS7rGx{BvfAhvdyQJwlNr7|LBFMv{&#&-(bVqkXmJ9aKlrTr5o<N
zZ+vO+<lxDhA9`|d!{F5qKJ-*|sr+Qe!%tq?9z3P)y6;iSyYCx5b^cQOYW3kumrin>
zs$7RtIQ+>=T;VnIEAUxv+WrCu)iy2;o~lgmxbMaHJ@u{&?WfLPxYQmF2iHIK;XCeo
z>cbb>!%LSq%DDQZJn>gP+MGYL$uk>k?6+oDx$C~C&bOaZm!5o5u6fse<Ka{9dh*Hk
zleA<0{b}{#FWR7~FWzu|z5z;b4JdK_)7rc4;9`7?hi%y~9*&1R=cNnW+upc%*L~OX
zq{B;_Li2U?L3mnM`nvW(1X)@6Whz5tNfW7qm94DxUxo|89G|yE{W7O5f6+lYLhy)7
z_7PQb8rKH%SLQl5no)wyDag`Y>iz0H)Z1YCO23o$f8m>;w9%DkwC~cN0Ta7X9`E}5
zo>q@+w?DwhubsU#-|(nxcvLoAX0+=vM!3U;=xKH1GrYH-R`*fAllq<8JI9XBYUi}G
z8Xqrs9m==8!z|}N#g7RzUgOccVy3eDFz;#Q_T?>Yc{F8jBhd16?<Bjjqg~FNohD~a
z#TnvYV@p4yjiXAf0!X0iIDfow;dxnRu#~Pftnqb2jAz$R4Bu?5HO!g@0HEobjpwn|
z_3<A9x9MZc0}tRV8yY@-wLVRq#6ICwBG<qj=tuE5PC~2hBuo9ecD8$>dyZ?xgDC1p
zK{udMpTtwov~?rI%L$h;rFjUvaI1f&Z$*})b4zOwj0PQi$r2r}Rr2lJ)T)|Rtz;+t
zx>+?i0Z;_L%&OGvY?QX>qu!OzYCod?yn3bj#>*%+5!KQG3ZhpadW8;<x=H<z&pkf(
z*e3N`soy%U-%kDZ`LVBf2869nU#^yys&i<@ZuxBS+2XKO>Qm~|vi<?Ip7xoi)p52Q
zr<d#d)8&K1{aF|1+2PUQ?%r-jH_?UC#dOW`)Zk@~OhdNu>MZ(_LwkBdxL{-~kLcq?
zx9U^r`7Q0>aC$JJ4>e8K&9!dakMWe_L7c9nxUe~>j)l>@ohOsnshTBX1VL+tTZ>0=
z(8+^sJe#GuCsft}2u!Ej>pDRwkdvl8EnU`F%jlGD*A!0Rucm8&H61UEJpc^Z1PlaE
z(8&NHRlVwE{p6tOXr}J=&-TM!=+^Bp)NLmi)Z<Aqy$u6MBbM+-`ilNL^p&blp~`#=
z2xmhS;n?M={4e-kIJg`Wc{V@vU>~ZCM?#5mOk_EXFK2gUY|OZRMy2KHVNYwMao6ic
z%l97JSjm^74MTIR9{z5lXl-WG17CO$M#POvY^UCin^@gIOR+`U(tfqF)Rd-VZh$#n
zwVdoIA5Lyv-oCz-W(+57viIQj<|OX=y*1Y|s#&~s9{)&y0bkbxw|-&`j3yo@-Qz_U
zdpLHjEXWVKE)1?$>AHL@0A59}cy1%Nmu{ZialVsgwIDvbHoS4_;?!tFWd20^tp4NJ
zWS@Roy%u)6i}!0`zei!VN2x3M<okl#AB{eM5m1303-%No@e=lSsdwk~0rkPWKBhk2
zzNUg^yGv;gaCr`1W#cLb+{L9Xs4AB_%a*fj5xI5^^=sz!8>rtfuir%drt++()g9FD
znAh*2eh+ndjF(Y=8FhK!hp0a^uRlUvuKl`?AtUz>r3?3`2Mi<F<gAPt`dGR-ZKPR)
zp)`}9R~bl-=}G^WqXl=Wk(LZ)2%{XpEBms?=xXUqEOOn0>ERh|6ZY0?aINOX*<rB^
z>PU~sIM6k}<=b^9(A;jL<^d$RZTww!1`W4@kgOWcayAB@;(Q}T9_kfqz1!Zh5m>)9
zx^C1t-a+gl3A2?btET<Ed_5};+sRTLh!bqr1Mk(V{^_@#2s!~!m}wYAP>&8CJ(Tfs
zaT-UB*3_z|k(>LiotCA$b+_i<X(x7PsOf`tm=3NPl)-WhO}M8%r+*!`^!1l9(JL6=
z)ph#R;EVKW0A+0`Y(s6SyVPCkUFtdYd|sb14DzcaV@WcRKSDD)WQyQ9I@~{aq3)XX
z%;y+MrdO+oz(6$R!P3&mbA`6LYt>wVRDomTX(P@pu-&nfI?$*%EUFG98aG3)n$_!R
z>sSi_ar3^7{^_3Iat#lRqgKsBPolJ<kN-vwiP_(#e)?(kA|Cq0jB`)WO0kZG=@-M`
zMYOF!+Zr5J=d;dd1Ad;u&n0Q5C23A@*de<Q<!aPVQ$IbgpQC<mUSBZ1=#q<UzsPo}
z-~O?MW#Eb-;6BeX2xLPb8+MLq#zH%n42S?LSr8F;C<<Z0xM?Zv4)=B!48DJK$bpAP
ze2V&*j{`k~K`XZFFZXtDL0WCTc(Rq7_JtrFj_MVyVzS!>lJ$pnY^Q*N;N7AxL}uwV
zyBY7`cY8>`s`jn*rDS|zuyRvx*MjNu_V{?@zwJvAf0++_;nJ_ss2;R~Hs>edFi9qL
zda1e7WPGqabSj=7rR#a`G#x-6HLiS8AM5`Cn@JsIhL|(LL1laAg1KZR3i*_FKG!bc
zB|xdY-NnF`z2*MJ&=wIt<G6X5rE+<wIlo|6`*=+PC-zFKzhP5F(#mj_w$c{iPF-K^
zdAZvU_+BCGQ7!lBgR|YB8zT5Y*a|nZtvp&1hOBWEhEHp^l}%$T55uYZVc2T|r;cu3
zHb2rn)k8@%d%8YM9k<;cUl^xrDQ1mcZ60f(m;GR{Au*s}B0BX%w|&&MMTurRh1YcH
zJ{pC>>2{h)FG!XWo{3xP(AVw8HP>)++Njsu7*ngc6lk@v&^ZA!c$5BL@#9T6a93<g
z<mOd6h;}UrJ7*feKCvtp^oERM2saY@P!b+2xusdHXtm@p?)kaRaD`=rSXJG#0;_Z2
z`lE4HFOC)YN+<e<_CfpjaZCjyAFbc5>6nPaPXG83ZO^xxG~X4n*NXo1B;8=>*?6Pz
z6+CxW`TFOu0lrOr{Au;=j3QAD-_A(-7Dm;#$f)8|@%b%mTMTBY8*De`+ZV#@TNu#q
zX4sbl`rYM#7E3LgiG_R04fk-&b){%H&#v=a;U2CwGsr&(IC77=E>2E7t=`Sn$2sD0
zj*$A>slR<*{|f3~F|WUq`a9?KucrRh)aCi!L;XF}ucQ7QsIj_qN6E<a#B=7~T#=O{
z{CR9X8waAp8t5pI2Yfcf`r+H6S5ai;DX7M|#E`*NzRJ-=v8~}6?37pG)R__#StBa7
zFUA}lTB}%bp8#EoB@$TulU-B`b~fet`;pS7Q>*a`;8lkRRmC!zAsSC3xYO?xr$g*;
z2_vEB5bFjP#OiEJW5Z@F=~g|c_k&KuuG@xKj=}@*x))8B`V%S~u6<eWM7Ocph$pch
zw%L+IUen)u^+7UDbR8S@(R)z>Mqt^IW%;$F(f8ZLMc}lXZfCDw_%L60&vohrBO)5a
z*?PW<dd=n9Iy$?1df?`6#nc0<QjNmVay*P}c2=^r#`gVNonqp7t@aK=ZU2!{X0?^6
zzmxo}C)DUNO0$CTFFu4pPtG{)gCs%Jl>wj7uR_*R2&JV=NBC@udR)8?N?E=80x4CR
zF0y4N(8^IrA)BxEpolhrdFjuq*P2(RqvaIi<)h;L2t_Gst4r(c2&){oj6aFq23GEG
zMNwVcCq1y!)f9qih(d=AL`F@k5t?zhx;i4zgIsBiy-G!{pjo!JngtEZZ+TX1N4*ed
zk-O;H>x+|Jr|vN54c{1S=#}NXcwl(#09PYjP9gp3C<}?v3=mqCAb07Q;-KJEE2$wL
zw*XY97bk>KT)W$9BVU94$4&(OaR1P6`d-8Kv5C7;Yqv;7aj{?EOO&l^;CnUIzV-$E
z-+~j~jJE*YO45~|FCgu#4}^H4W6Dlg+TYTpHZ5se5d|w}pVeCW!ErYyTod*~f|D@7
z=vbQO#A2anwP<hMw6fPd0H|*C2<>U_M0ZrJR#N14WJg6(s}YQ8d%3eb(Qf#Xe|jBa
z(!mZC9|;v<F1Op~hEboG$l*iVFFG0^!oknmr-$k4O9@d0UcMd|1>{T)&zvh(in?9%
z?BQLs6(3f=PX9dk>FbnQl7=+0Mky%p1826^RhHP+rWmwy$s#lnYLx9;2>hA&sH9n6
zOMCi^SPSaSNHm8B@=QDAc^!r*?%W_854%n%Ve+aa3Wy;C8%T%L%tk!!0SFL=jqUZ_
z$ql0iX+~@HLi^;`YMQMP=tgANshciE{e-x!Il!t-my$;0q6ePUswQDs(19f1$X5wP
z7;(^OcaFM)^Mh<Xdqvfx_wlp5rWfUg+r&CHabs)912<TH)$aWpH?78XZO@La2P7&f
zcm^2@)hK9>J12U5jA?YVVMKNw2m%02+gCnCv;Kk%tv9Qamodz$I5;w@T}HKqthS!-
z^~lDzmZlsM{1)D~@xBA4s+IJG#P}T|ip3!nf>X#qz3Qrhv|!E91q)d{T|WH+j3?hc
z+&io79q!gk?`FZCr5rD%NhW90Pulf2PQ|gnFV$>6-!L@`DV@eHkWC?;Iiy0m+Kn`*
zz@T{Fww>BdqBeX3$QkG1AWf#3IOYVz?N?Sjs~MSuxobq6yNMr46uPLl`gt^pTu=Wq
z{nYS=X};BTQg`)^>4iOup${9x?h=<PjQ}4n2NrkJph~3JCJVzc<L%<y4FExdGu_E`
zy<|uT7;d4ne`0O5*d#tj4hYZLTPhAZd%ML-oH?f7n|4mj`lqQj^gH$cN#p>YpF8hq
zUqoUFb0Jk1LwEs!fPcs~Nc2T62xA}<%FS4v5+eySvD{WN{{C$A&|&nUey7&Tme08M
ziJDy{xuTOVjR*?ey=Drcg2_Y3xHlSte37JqSb(+2bznfS*AMd!M)BbM@S4Xqq87vE
z*&ozuRn5k&0|F~1kgl3|lRMS})T3@quj%d<B--qe`x31z4=k@?SW7o888-5=KCQR5
z8(~!OLeEc@QY6XnnqlvBFF%%JLZwR~8jUDDU9hv8tTw%TYjAb|pu>nXO?T2E^(Dyc
zwrA<p*ov^NT37yFxAe~ti|Jq!ZotCZyi43ti8DfKwm2g-VZLS5RLRQ1%|fNKFH}1a
zTWHE_ujF^ZXN<B-1bm#C9ng4A^Kv|t!$Vu!yQ|yQb4Ih})Ig@vZq%`{7tDSh^ulZ-
zEmr(MtM<FY`wlTVrZ@DvG34$AVLI{s9DB3a3~J=71Vq4xaXPK<_4B-1J17P#HGOqs
zb-(aHGi%^1iIrC?erOR&?c1gUy9M!jx7*vjcX{)eO^+e@yT^~32y-)y6TJ3D(@N~f
zB_#$S6}!D-<6GBnSkFS@@uf{Y)jq8MC~>G8FB6!l0PBgwIE!#tSfx@wh4eVJ4Mx~R
z&McRQG}*lHHkYZdambn=fe`T!sCGO;I+TV1Lf{BdaJUP9ie@SeJP{=$NZE)><F7RM
z4yOCq=I_%G1TOkEaC!!iTh#;`00h8~Kq`1<LkH6G8}%gs2n;);x!2#cL~3gv>7D92
zS}o|AR*0YwTYlyV*|`%KHi(|?wGTVb{v29=Thk^zGqiAbFq#EE(BGv0JMuz5j97$)
z?&tkhnzf*U*yRely1%f!`=zPfVRJ_gXV-0|$-Qu!Z{y?(?7hHVsV}f`so%o(Qsh!!
z;70dTznAUzmREaPJwW||dHv<oUp}utNc}<T;)=hC`kScBHNQ+``J*!^78ZUEa~FP{
z`J@N~@bj_<W_<p|B}V&#yJtrE%#|(0J_F&5wvVA*ZWD1MpyW(s?e|4~N+MkaksWV#
znoD9Jh)$JFrWxD585l{|4=^ASl4NwG3?n^VU2l+R#~+1sA!l{7y}WCej#w~ggp+K#
zoUf<bxf@h#+KtE@Jn=nzE;n<ExK>*&yq1SXb#rgy-p$FV$UVt}i>GO}nddus`$P{|
zn7dDKMs1u^xQVmDV(OFnw3+A;gRt<=iHzx=DAJ)v`cP-D*l%}BxvdegOu!@mRHBV|
zIHI#klFliW?j1fSoaZtbf_>3zCXVN2NwmYg5jH_@JxA}iQBYM2l&y+QkxX(Yb4kC;
z$@M^pRMKf23{sN7jKGOT>0s&+kMLS}GNxV8N)G=QZelmJ%9Npg{jK?CzIo3E1Pr^;
znI}%S_lv+I38$8M_y{+?=cePYKf()lBGSBS)@qleo}CAFCO0i@9m6!zL|17<o{Y+Y
z{$YGpaBJA46o?ehf9>WA(54ici$k(}E=7gAN`k;~UqlZ1Ds}*3`S~y0zZV>ccr9tQ
zIHvSEru%ihA56x5lFMX_1M$#zAqWtE_;i_T#}0%rNP!_Q&TYr^tY)<W>~6t2;_O7;
zLbDUj2{Ip%0$4}Np%FXeOLe*}(`(u_-vFhM>xt(`=36xYkF4s^&gjs!puaD{9GF({
zB~3rG+V-7ViYMZNr%&rx{q#U7d;l`j^)%{5u3g~?hRe4u3A?Y|u{ybaM93l!8kHpN
z_FLInHoj?s7Q}T!w?=3OQs%1lq<3nNj1o*B;ZVjB5ePf6hS!Zv&)lr&lWw|}O>dhr
zFmO;#&>o9aGU>zal}~H`O@Eqv_$5Tc7wN?LhS!ObeBE40j;?mb_AKr;>n04n1Ngq|
z<axR1kmYF!j-pl<YO%L40U0LG^}CTi$2nO*uv2^YR?8&OFLNPs+YhX$%NQUV(Mcmj
zxanKza>g!;5$@IC+qi+DF)Sq96DNJ2PN|XUND7)$b3!*UeU~)fxEC5#`nW!f%WTzb
z)Tp&q+@=QrMQ<G1oj^><$RJ{*yCmWy;s6fLbs?==_q^Q8HnPzT6Z*awgIHJGJl}0Y
zSyyxIlsrY#$4Ybvg)mHsJq1>VasT2qPK=iNjgsb{(_e`m`5Lu3)2CN)>77zv>>#Pv
zk=pA>ZK=<Ka~R!FcmGi0Tt;}6_A}{<{WrI(E2Z24(-JYh7>O_F7a4Ig0Z-R0tjJOp
zm6nRgYfSd}xtWNv#URyw2m-;&Nb$ycnjY(R&kgHg5MoCVjfC-%_N397Ah)s509<if
zwHhG4Z-(6vE5`~=%*5{AF!J>(IEa{!L@&waY6gB|`w%zjbi-_OJU$gDh3VUF=(;ro
zeNFo+u>~<XWh~i%{Qdnj#a2m^<pv%TafNg#jr$F<sn>f*d%ZHec38rO6)+Doaq^7}
zbj3|w#QUmk^qQUZZFB&F5J!9YMbmtP<jtW;aBg}-#|PlSO!G_}*q~ky2Jvu|0*#Z|
z!)Vg~fLx*j887sZgi=KZzhe6`*+M!QD`FhIn0|W^eJF6e)bFN#x1f>F7gh^Xa^5{q
zn!z=mjT<`Q;JI#?he`G4L|+JY4txeEEQYAaReEo<t{r>`(-8Zz=2V<IS?3ao24L-<
z8MIFhKs%sptvJ>KTB<n>Ee+FrD{mcZBCL{e+@Rquf$rUVRzNXsqJQFk)L3sIv0{Qe
zc>uxQR26kXKh&ydg~l=-ufy2edHK%z-OHpWi;AY3zz(W*-gK-=1r)V}xX6U=jF%G}
z*b{F*&pqED&I3$PA)&9$Y2u&u)cx8oX`d(iij1Ao|CyT?(2f66A<P1ukm@R1&nZyy
z=~XdfriOs#^Mm$x5B8TA7J8s*za)Ib?W@LCy6SnPZJRzE-IzvMx5Pc_^>}*_F0ZYG
zgdz>e@{hN1_+ay@_8HEjiAJR{h~*k$)dwWHYu6x{`GS|f<r-0#MkJpHNlM=8ddJQD
z$%TG*2l!5R91-wbR}W0!0UZ2f`Y=Wgqrs|lPj?w(70n6_(y-%+&?UL@d)fz>J9ts%
zRxTL}`$|;gbgmAKQWTUZ2rZqv({qw61OfhfIiMFN9PWDB(-v|Y2HfA8TP5(5_5mP}
zVVduC8Mw$X=ul1K&9$LuQ|dCjA)?MRWJz{BaZBn5weY<M%g09yTq`gP{nHxR(=IV9
z+&#cL+a&mh7pZGsKn{1;<9a6Un;3(E6_ZEWYc7*Kaps9L-ID^ZV2Gsajdb7z;26CK
zZHb3YFH|dmz72aP!#EmN0*|iIFo5h@qabD6(#$L&p}vBq)5yoWU3&-fOV5>Y0VO7I
zNdqxDM5E1#n9uN~g~&T3b9pWqh0-N{R#Non@Z-CiNgKq_EJAsNG%1*5q17T=4{Hud
z?2bnkEKM>K*A0SkeRTTRl8cE&f_%{5(KmYTAZ_N6!~72d?L<>?W~#|JA~qx0_%?Y6
zjSzYSZ7(6hS~1+tMtg8>#Bkl7oJV)-xEV*<C(t7|k$3l8=76|RbDo!e70DnBG7Ira
zD?~ALX00lf`IKynv4JO6(qVsw;x4WrX6xZq4jbxOTr71?4X}%xN)65GTVCiBqJeFZ
z=osh-20=;TjY<-xM-4ZTIV-x>I#w(-(~hBkCml@!Hv&QoD&ZeAe8)y-)U>_+LB3Rw
zYyf}x&FwrWaAPgaN&U_UrJM{R<WbxYs^;jL0oZFgjOs}Cfa6I-AHu0_vWDbKD<Z(%
zy5snwzL~F5q%dD;^XOz^zFxbipCc{i#u?p8jkq8bVif#JVhplncg_l8rXYL)TT1bK
zB(g}T3a!i0)2$4~_4VTTCax-xT%*=FYGpppMe9Xix+D&n!2p@z_Wi+d;1?6-cYI7E
z-5=pY?oTXusdnShy-R7Y77XE-JSRcuFp`;15m7I)g1C%l_>7X+_tv_ur;(j;tWzAk
ziAhzq+X;~#Xw#aj!yfQ_>&oY~kLZ7|F7X9BYu>;ax6>A3fkt*plW~B<X0T&Co$<dY
z6KU(hu->1G+<D+;?#oESwId#~HI_%(DxBCQX9>?r#-?>P_54ul)pJ7i=+TN1q81!y
zI2rpb%Zg-^ZHEL)Dn$F}OaiUCku}K#zeWGN#tf!mu`$IWuM&G9=UhzYX27(jEbRK0
zAmUa~1e2R4@e+CP44Q1XdiyGpS5mTS)wmA`jg`UU?Y(llTeQgCX3Vs%{F?Uf^&cR-
z^;&i2GI?+nveZOjucM@wP}1_b!siN#Tk2cXw`Q2=qos8w8y_Q(wIpd6Vlg2=sF64^
z8#5)Hk)*RYqlB)WFRbUz3Wx7YM5H|U>Ub58oamTba()%zOoXylCm#k!Mr-Z2?;N?h
z=>|Ka;zW;ONT$Ej%a?*&pg80*BBu&<gYIGbMA6?MgDlG#olwF_AdC~SUw1TP?fL+O
zPK*4Y<$HApIQlPVysA|qvliZ-Hrq$V<W!nC5;#WG_7i5$q=R(1zIoqf=cqF{(+8*9
zB821y8zUTwPLMg6;(-}3K>&3bjq5?j{X4Uo6?+(eAp-+zJhR<o)GGNiBbM<8`tM^)
z-F%tU=L*2lJU?RtN`H_f0npGg2pMdDfZdYEuz*?wSxV`ely0g}pCKODSD;10ywWG+
zxSZzma9MOBFG<rV`$!iXp&Ssi6vC@xgY)Q6840}P&{B)iyK`hO&<Hna6)mXer}CDl
z!76wWij09Sl!x`(y}lorbz-{}(@vb_n+CucT>(JF+ejwcdAF30k`TiQoGBo(8*s5d
zOh<8ZHBM>4h)fV%3M>JqbG!=(U9;n1<ffJ%gNr8h!xI3ar2dh-<`j(l%@Zh0x~2ed
zHu||!cgd@XVz<r=H%X;(GLI=*TOt>9P|!E2-zHzAOU^mznJq{gm1Cd<Ar}Oe`Yg^&
z6xrqg$(V`Q=sd$4s!QFc?o*e87but1Hzd$Iqb0<fxhCQsmQtueJa1efn-5Zt1UL9i
zNM|4B8})`56Inew9R-P|-R={Z(`pB;fu{Gg3=`l~XyR=3nwvQp7K5W!QEN4}3qT$1
zq7ygl<N8u7#afa!)~|f8_Raclp&MVK?zv1#zNGz>++|adwirC;qOnq61l1eVlV^C-
zF4?}o<fJY+TeAP9(!S~b^33C%$yOMz41Nd?!F~&tn;$|m;kbno7WSKqi{%66f6PKC
z3m5v6SXH%J9Hkqv;Z?}B5;bCZHypMB!AH!*g4slC8t_BnCUh`3y4bSaY=F~>@1@<o
z5xGox3xZxNh8^45VKPbTlQb$27!d{wxL5B?fAz&HXYcJ2y)e3I<5)2qW5aS_5i<$X
z!iz94X9<5aof<QQ>V&b<d$jiw?c4~N&{Rt#+X{S1bWOo(8{ek?B4hb60e~5-B}d87
zoDsRqMQE0ke?BTK^)^&(Lv5+|sQ2deSu(<G`yyLTj=7Ix<ian1X4VU{beS1*%>`=O
zki=04o|OZBHkM_W&w58n)S+m^(mI;=mdFS+e~R*#BMf8+`KmnzD(<B2j>C>eh{CjV
zY!akERYw6ibsL1C-m`68oUL$Jx9T<Qw)!+-@?>mhbdzZSRbbwg@RRQP)7@PRpZ!z!
zt{(1T0gnmm37X_KgYgtI1y42X26Qp<gNcBcRu+@=2BGB}q~I{)kp!@ylh|RAILHp>
z4l|Ln8zO}a&qNF-19vH^A7#g0Dr13MVDjKTf}9<zjms1j1gmH~NqJig<}vjFWR?6!
zsV~9cM+?w>3Z{Gb9J<3Wo(a#)X#9p=sh{YqyNpwe9#oJXt@WEBAvdxI-;4M;s_5+^
zjH8S1yVyPIHdfGu#(K5dNtkOFo_psxdA_mAQEq2QCV1P^>It6UX5LTm6p!;nl6N8;
z^f=!aL-cWg^w%#i_SerO(=#xbO;B8h_RZ|yE!D*~XG*Z=X3oBWx+G=3p89L4OV;Qv
z^|wn~k@d5e49j`*7VQ)^xq85CpXAVrmYKbTZ|1`pRkPSCnuPrT;4@iJmNUeqJh!wN
zCgM!XXs(chaFBFx5Ww#`;|6JtVL7whB>7-xKu*!MJ84QPQc2}XoYdE+9m2cl5Yar@
za9U?Bu=r&jY%nBrWE1)je5zV$<V1{hQYTMlV?5uzSM8I`5On-j6xO2F1mm)*r<(4B
zD>)N~D^<T4bXQ@#s<)AB6{I=PZ}3%PLN;_bXkdfG%}(r`IiVllC%Hj#*@K$JY|OxE
zxa7O9-?viqDyv%noQ+W!YjJluT`hUBq1Ls3(6^b{bKPYoD^!?hHP`vWvg?L)$b`<B
z&^f26A5cG-*H2JCvHd}0`e_CJNz#c{s`^r8OB|`}!O{VqcTE{Vp8GoUUXUDg>94Dp
zBssAQi~vDCvkD}rt^GYL40*lXmBAPoD<QjH^MZa6b{s;Cq%xz^ooREwi@h(ABzbB2
zxHCL*B}naeLc8v+y|`O<?3jMjv=O)q==t&3YjxI&&gMOvKGrG#Lg+RlV#1B?`1-M*
zyG2_!c908Xdx8m*fj7YR?{1mqup1Nm)cnjs@z+x_{qyw}xU-~0qw@-NN_#(R0UeVl
z#5||>IcA)<f5E6itcBtdL5OIS1mhB6BAYnx>2r=gI@I2ejm}yIL=);>>!^47n84ye
z#pn&)qK*Wrk0slUsAbxB1+>s_!#HpD$4MAt9i>GZ2(Jof)wP?8tp>m;DG+XAz!=)Z
zN}Oo9asKfWNG&L862O6NnIzw>$3%}uOoK2xD^7E%ccDRMiU(%TOmb70OxirW@;<$;
z-@w3st@_%_EG<)ktL7YaFC6tjl+jS#TUwD#tVpjE3yY*V4-Q)-&534N#44q}&`QFQ
z3$65g?z|Tvb4z)(dpTkjiNh-}FnA2{qULE(FBtuESZ3}<&CJdj*Oom{Dx^|qz`tdR
zYv~N=<ZYM9RV6@v^(<U3#=IzghW&Kd+a=e!lqJHL7*hNRPG|Mn`6Q6+G%^n=t&?X?
zwR$V04|9?+PEU=){&CH!)eq_e<|*S=;fD&i7uF>$lS#*Kl~8Ndc2lRhn|C*i+Nh1f
zo7^}7Hf`><NIfH;3Rt%}COIxFmv7(#QKZ+?=D8_i!warE)n9gN`k#>swOP?zd^l#(
z!#89*b#hrl!$kfYS-L0s3O>H_J=$-9)!YcKao1&1IV(&BoZD{Kmr~+-C_XbQo>o#{
zD2C(IXJKe&oKSz{Y8vu+iD8^qrUd%uvV6ak8*@9q91bP@=X*sKh#l}eF)#Jfmm@!v
zo~%eR(#-pxtBxtytw<gO|No*BFcAns-*#?5DwS!izlwmx>I&i*5sy-Dgw18KBXE`R
z*+q63bfjsnx592SqU-L|^vpML@2WxWm6y|rY?Fo>TX-2{lH#>tg$)kc*RSFnd?_Zg
zRuvPP2q96ENUP)pQ^p6eS9pUm_pg1t-Pp{LHbY|P?Jy{`2_TMV>V&sy%zdFtbdY><
zJ#0T|l=7O{s@kXZE(5E~Hk+I9Gl4Ou)J%}f*s}DzuBt<TquFFF**rUEW^TP;P>>>A
zu{W76Vh2R(#jL_ZMf}Cf#B1I4MgoiYjc7G%c4TD<0h1tCtrGPES>Zy&1sIEw`qRb^
zStUR$Sj#NhqWu&N-}0)SV=+fSFe1^8<VyM2R@G`SY8~{7W6UJ5j9#7$LSjf*&Vbhm
z=2T-n$NwT`Gwr8j3vLo^%{Ck38^)>3S=R6`KB)bOejjqjoyP%mFvWZZs67`yxtcv9
zZqS@d7RJ-e&zuJHT(pw;W}ZNxeYDqIIRa3%@S#Cbz5QbYquK+jZ;T_dpc<}UMEi#u
zgPN_^{1ofaHPTT-_eg9<11}$^PisYv54d){>FzESgC#6UvXfe^>e4iyM9E4%-Mp6R
zV=nkyY8!onz*S$eCXu~vd(3hP7S|fwwwD#F*AIqdoyyphcK@aJUi}Zr3H_$aOdPDB
zYQ&bTG1x?q-pc1fWlMcF^=r2McJ|-Cy@)cd$$(swpdv$ArVwt*hE3UUnOQwLt8B@I
zznqK6NS99;<*(uM7Ct32Lh6rDe+0^7W-)6_pv@OpYsAa2;!0^eg9R9yR}C`ygvl-#
z1Z#75tpsh37S@39HGPFGP>yL3GQhHv+G1+eOimk9?HIngWCWs^14E1iBx}iPamV-Z
z#%gt^S?>+wL0Bxa-iSoAfN1z9ENQvA(ZpLI7gbC-yuNs8D|IE)6!}44RI{KL0FEJ=
z38bJiEhp7pg{&~hCGVbUlfFg*TiwEvAmCpZdh8(qmT#S;Lm!i_W)1RmBiq}9pL>=-
zjP!A46@U+#MbaUm<i-+-19qCXM%{1_M*Wz15)47iN4qZIfexA|KE#W)Pw7>##K~of
znM9rm-)rfDYw3<lbjQq1!z~jFVs19i?TEdyA7*+E=WNy|A}r~KWze(bnW+L4T|zhH
z3C@jbIlnwjv})rctms3`H3)L2+aNAc$&mxlPC7u0EcxuDUS?->1Xi^GSN+u+&*ZGh
z!$IT=63a1y;h;dP(K^lba-YS97;8zev=Me$KSS%%H4p=PLnJAKgt*~=P@tLg@xNr%
zq@?F%)oqsOC=>lB7e<)rhQ++kET#rL#!@sww?bLk6Z+k(A5i9noCSKCk$|$SLa4dn
zTB;KE3b!p@Gg2)42SN<yU^2l8C0CKTp0%oAouaUTmI89a?1H5@pn_iSML3k+L4PYF
z6Coh<B6$$npJ4Z=O@ja{4(f7Bp3}-Yik%afnAh?p(r5cD`vlr-*Y+OSt1s0Dq$6)c
zg9y+MOFtx|3Eb$k{)hT;*0r0pX(8HY4a@T9<+_w2ujGVzYjYx&WlUk#spZg;#u8>N
z6Fn+orjms>I^h2W&}p#1RA$te?sqX#b_a2j6^L+xDpiLBubL$PO%gIOu_-W97)Lqd
zLTdDNO5}(&Nk+{|)y8cSL@jO<NwPdDj0y|wXe=efgqV_%nA_+yefTHbE(U8pD<Y8`
zR%S&1eAM>3E!^~gNFTBN&ha)XTr}43Opn=KHHXEn#4I!NhNN$!&GZwG9gbp0i-ygD
zoN;UE;<UN5y`DslnMEjbVqSX%fLUpMY2B0kVz&k7<$>j{_XxF<o<rIK$&4jWrRomt
zefoseDO6p|lsQLbFVx3Zd5FqvGz!aMnmkYW68c$iT4@X|bd-p`=e*YGS^aH6LGA;=
zJdj{iCpdha^{PlUWCbZ$1<VL~vI<ufxZS~6Ng9pyI$4-3D<u*K{8`g5-RUONVL=~<
zMY3=j$!cQlCYEC&7l$cTZgZfIF%M(Xwg8Z^SFs*Rslfi^3gE|H6$FYdrN?cvd%P1*
z>iM$oS3^4^cRj$gBCZMqF=l=clM`9asAGCYzLxQoMSx-(FU4!e>9|$K1PfM+{Q>=E
z@<Ok<EOSFq=Av?5f*hL}moI=6o&yl%fJGLb)L#aGF!%Zw<ef^E+ydgGUnEc<a!#1L
z93CRn%AS+VX`)E<;a+wK+B6#+bZa@9#1l&m?R&7n-R*H_+&wH>?OLUgG;=_E2*SW+
zZM7t3p2vjASp+^vyfvI~wYe3`bW9oA<cYC97HPT>lYU9BBbgoc)R~mF)>uB<s*{iB
z*h7YfU1fc<&;d=1BQzT7$m@CSU~;@2l4%s>%nsOzn3Awl7*$_nEs0N&we=;Fu49rY
zR>;~<R_yHDJ>%0roh4&r$SNyhBS}D|%>5KLEbYjvgC8Y;Y9*x>n$6U-;O%JYE&X{s
zO~7PbW6sBv`QM@%m_2?{dunjafC(}EEwaMBUZZo^;)!5{DS(M@6<Xla_n??NJI#ZY
zx{Ju~o*HA>Y1J06haK|ohLWUXMS3|A2<Ua#PwMTx=HQx1(2{&Yas--QU7~mpPIKEE
zLsENo9#{ti5!+K#kLHDwimcJlW#!&q&_BRR46Hp;XXHo&7QH#^(==eDJU6<ww56?5
z02*Z=z5=u~J?N#&&E`rBQJH@NnOUZ*Ice_Q+}qC?I(b2^zjlqgnnvvg%B#J#7ghtr
z_}=P+54^Y?=JbY`jkT1tD06t}!G~XZTkFWFwk4Umeym#@e6;07-ocqu$qf$<Hg9g;
zd>eihp7K=d>EBNliz=U5SW%L5`B)wuj7RArznO<$^h@Px<K}>vgqKCAEGF&D<jozB
zNV2vy&By(bFHDX=XQ3`7%?hjCtR|D`w9%a4nu<EYL>ELwY<>A!?X<dwkzM;H1W(P9
z1eWUI5uhg*LY4zBxS^G~=s`q(vavQ~R!<B@z+|eZ7dMHYnB>ky!w6x8$J$!5oTMEz
zXMEaLW9=99A7pJGnKO7%vUK3Za(s%s#5|-CyvFm&^SKh*NC%fA8+|4JQeTh<mcA;U
zpTi4F`kc}l|ASdCEH+`+vP$9yfGn(q1#Vn6v64)?KybblGNWi1F%yVI0L5?gOox@`
zSSYVyI)qS}ie^@e<Nd};95j84v0e#S+mP0Fw{sciM)L_FAdr-|Qckg#fR(7HYS>$E
z#-n6#u9vSj$Sbg$t_cQHWmXicSej_V2D4YNcB-JY9(DqLRR44z+d(EL-!iQQhRK@E
zjP6i-3Z8$2Rgh-jt>i^LBy^nlLo;f?{c~+YrXOkx#u9B$4!B6gs}$oKR4kdO+|EEh
zLN3g*7)r*HVZ`^6*c|x#*X(yDwQ$c00iSF?!i&=_JY(I+SzaSrCvSvFtBn-Mq0%u~
zm!soZOdiRCW<#=}SXQm(vclZX!O3ZhB|pS>WQ9j7%!!riEX`NnykMu{G(8yIehw6n
zERRYHLd!xA7>F55i8{{q(GfF90;?5HTL=dy3s|p^%r({xbn#Jj*DZ?7>*#C!!F0r2
zJp480>ja~uKiax`t*GzCh-0xAyI^=frT+}P_@<dox(S^mv)8NaUZD2wGqZ{6g5by0
zW5_M_ML<+?(2H_`f}FiFja?GKuST*Bl%2rjvhiUKkW(KO9ahGwO6rQK&1+$&mn#HZ
z_3h_tcpOSpv=r1O<CjC=d7NL4i-j7K&dSOh|1-LFJ)TY*$iEtckieU~H4wjw7fi{(
z2L=&Co=#*m7rO;fk2LHaa}mVC?D+7GBg=QDQ8LCfK#<799W!NyouxMr>PbUfusG|T
z>|&^(4uF}+<a<{<iddUZ3z$L)EYfGPGHw>9m%f`7XBjzg`AS9<b$as>W6)1P!Xqnm
z;F4>fI9@los_p;8OlEY{Q2S5%KO>TQQ9N2mEO~%35m#0dkW~cUKtA9)J$irHZPFzj
zr4zx<pm@gq4pd*Pn<72&Mu}#T=T}aM5{_RutWy~bBV%2gVJT(E8sSt90x6!8E3<*L
ze^xK;365ZZ;og=8b9oW*c;^G{@aUBGF+?FE2q9^jxgHU{XZ2JQ^q>66TS#8P0yEvr
z3wv>AuQ|$CgM)ca@jm*q4otoKqT$4FqLk$$ktgxW@}y0Upk_=9a*Uy0-sejd-<1_g
zt@hfE{ynqKuG&m2DSfX}b86Kf97Lp!$y&2u;X!jexM6~IH$9m-tiA##Y)rOKGuIF+
z5D8x$)V<Nhb^<0|Ft<yvAgxtI?Vxpxg$&&scU3S%wW9qjc^)U}pE5UUE~v#^7G|7N
zMTE`51~xL$W&D@o2V<=i<iX5iV;_Xu(mHyl9WNKzvF_kxYt7SRmH{gB01z3>{7>Ln
z$E$(qt-Yw|F?&5dHn?%}((Qn#&41~n8eH5<!=Ua))yAfFbmEbn?rx*r#P83Sj>pWL
zGCiFLW61KX{ICV9unuEf3wzw39=q%A;{z<F!F~N<I=QJb+}Mt?Hmd^Jjn?^tzQ~TY
zI<9@K{!^gR4S3Rm$C^Y-&ZE~^x>Kg;&N2PxEs9j~4rUgqrVCAm!YkS2kj$V3v+OS;
zrHxT(y<&I0tg*edP8xfVFXI$jo%-}-0hBRqM!g*42J2ni1i;b=OtND8;n>3>FUUBh
zgEh_B+*vg|OiWjQ4<pcG;aRe_8?DvbrZ;`tt+AhxzLj-D76~}h$BcIo7ba$Df;Hsh
z2@!}ESc1t9F;hw~+Z+7q!Ta=oO+MF))GMy$_Z@-rl&zY3GFKUZF@q*5fm|42k#xQo
zMiSQN#DKIJ8C-L+oYgAQco{@SPi(p^?YFnjWQSp`NO4r`Y9|WUdaaXvgiLokumkcs
zS$$S=!GanoVOAq^GQV}=L7mw}<HHt9P@n`zlB$G~v;H>37GWGPN-rNKv9EcZcKe#U
z`bP!o*QpI|yLc^YVG6eCjyv^9qu=zKZkDm|G0M2HRjgds3s{z-t`~%cGo#YkJjh9{
zVu+aJpyx*T?C+wj@DnCXe$H7pxHA}t9Mj2X_OxHue*%2sK3Hf$gtDD8xgn((+hWKF
z;4M6%Pv-+@#wd`Zq$vcGDTYF$8S%;?Q_(KF$bmG(CjkN9IBaet%)AIAJe3+TrHIZf
zrfUR+2rtD%ypEa&EQ%YfoNt~u+DlWkwfF4*PTN=}*ydKS(vCsIpj2~7dwS)?tNjz5
z&anmou^s`Yx()QRTLjGZ3COQIvAxvxcD7iuh`HBAefzq6y?)fk%IP%oJ;c<Ttabzt
z=jB%3$80bw{ngDOi{7#(lYUHnjF@?W^tfuleQ~b9;jJMH`PS;dqbx^ZVLr*aMzQ5p
z>_Y#KShb`ac4HPVtph|bnsFy&I{Jj`_w|>muh9QS)<mz9l>~uB@XV<PSs^>_h|zI6
zHKr4on8-E1Uxo|xA9CtekL+$M$s$l|t19aYGZ^SkO%2pnY9H6$z?|tadm07(JW&S&
z!}0Xatbb)<?tD}Tug_j3$IrKyea^}uYa3qMPliF<ax9MtT)>J>WliSK>yg(X>|FE0
zr6wZ3=!9(+AOJHnOk9_$D<LO?R21gpX=}%BZ?n`H>qHl_0GjF2iPdU%8|A^wN4@a8
zcB8cxvRbyNe4mgKmK1+v2MPjexw2HY@N9>ar9Y_fTN~)t<CkUW8k#M((Ev5N2n$Jl
zwz?Buyum@*158aELn2we3}INJZqU8dm2<)iTMOx#V^J?>c;eJZPZ(quC#*_KGQGnR
zG8I;lN#j)(T6QFlRa+nQmN!QICH)Q4<#ZBvDtgNg#;<+TYsZ4!_>RtU&CJI>`}ni_
z{Uwg>FKhbRZ2T=<c~<{!)`fWuzYL+uWL^3}Mo{@ES5=cd)=Ze8h{`9P^NJX1lB0UK
zMd-Ag`_ZdNr@nxp<a!daI$N!C_zQAkW+F}dA^d=g>-}zRItij;AFNwuGBK#qt#Du%
zCs@irW>@x@@g&O`%@X>the#X>&%I)A{Zvm6m@wgO>>XfNyM9z3S1PP2ZRPtNujTJN
z^d;xL$XL4WrEjj|eaNCvI)<5y=rSVH(tigKGdR8W;Dh&10*H#><T#jzOzPpztp^ga
zf!$)lnOU8v3@XMI<I(UB??1sx)EDl$w9Ew?;|v&(+1phMYX!u|WYrDWtk&GWb?3}i
ze%Zqp*Pea6Do{GtuKES$1T|oiY6xGA)Uy7i`dj#gieIBIFb6Qj%3y#D2M9MCHtB4f
zl+H{k9OnX$$iQ=IWyVi)uA1`{wlNuFi!m-S-SW)Y-ZNU6V<_B4UZ`{+cdkg%O?igs
zGP+bSkJ*TwP2QA;${VH}N~A;lb%3V1nYgE&*J=$&$m%?ezz&09kL-?80kc*+T7|`I
zDlu*hF$-*rYK<TQd8Hb-NC1Y6^9{bt;w3Cbu~8?1SKKO%3Bp)vn(!xU6*t`$W)Gst
zsbN}sIp!HvGJrXRwcc%pz0OkV5?N!=0Ath|o@aOZT^k8Wem1g%US-}LZW}WIn6s;W
zTynqD;#gh}eA8*NTrej)PC3(DH&fPs7d{}3m}CQ4WF=u$1UVC_;}9vqA#+0$m1}3{
z7yufuEj(Hs%oX-*tfK9SEm}<57$%m<tu=55uLZJ;MFA_Y5In1k<76-~%FXaLa7<X{
z&dXQpM8`>?X?NSKeTsuD$qL}1cqO9f`Q-p)x~gbD2nxh+ht2ii)qxClRSFimx9r?<
z2$N$0GAKMGI(FW{pnxzPNMJe6#Z-k$=I+>BZkI<(o>7^nF%#U_QLjq3+b*`JQH5^I
zRx=&DSn`-(tC^&W<r3O-Ceu-XAvTQjm3mu#hakUkv_zlDXfuLtlhezv6Y`c}oC4Rl
z{g{@Li8h^f>`MQ50S+)2=$&_^ZIgH-2a<r;O8NZ<ho82Hx4J}?Y|`Co)q+kR46SIe
z)g}Pp_v2#9gvA%HU=x}wm2PLcp2>PRK)dq$6Rbee8GC8P%J2l}98(WN=<f~cK#INF
z@0MRkt1wIPr1o+B38tZ6U~S}wXH%iiW9mv0#`VweCdor4S(j4(w$jg?WpkEb?)h@V
zd7LrU#Kal9?_(&1WAxoAl)_~)i!@fo5LI%D%gx;Bt64@b7}L^av((PTc$9vfg?A*k
zRYo_HpOLz_W8zqs+X7uSX}?Y%5tnD;RKkojg8LOcWR*KHYFV*hl(W(SsJO6g*2<Ak
zXX8PWW$arM*4K(O7S($8U+#=qusrbdew+?ig!GOuwTI`2F#PhZQx^WgO=<#!GkwI!
zx3aZ6mpAU&B$&=-2ji0H&a>aixk=Rb3b)a(r-R(rwnjUeTrlb9e$>LFKnU{tX8%Sj
z^iQxV^=vlQOj<4Pv!GHr2a#4Tup4sMv0)ZwM9OKhl09s}?={GL5SH#DYDt93%f~r5
zjGk=8ChK?Mz%dU0E^CzO5-vU|dDNQT+Uc}(oi+2vw~m<~rMGLT8}+Xl@yij!A%z!u
z{0dxC|2SC5SMuveC1yG6j1rD}&bXNwqvb#<C9XVTwwtqH1}pc?du?HRErh#xfwK{d
zM4iiVI&(`ygO=wYp_gSs*;G_@j<q0LXX)Z{Jj={f_`!jGOo$E>0UN2(@K-wdZV`{8
zVl!TH!W-+WDao}Yhca7HKnVE*&aY<;lZ+9<Sr}R-lek0I(T%j|))6!;zafh>q&uD7
zsl!d+l3!$WlNxRKwV+btnMbJ^>AP5rGT%z9QD%fh+Te2kR68BV2y`GR0(rY@-SsFS
zQp1uNqkQkorBiW-026s$LTgE{Kq`;`OvWF6T#pnV>|~}YVSCm>w+K^q0T(bg0PH-$
zfwfz!9dD`)(5*o~V(5p7{FqDPC7t23--U2Bn2pN>CsN`3ULzyhkIa(q(7u8BDPMlo
zXRDX_;713gRU*Q(l#0)zZ7C~-(pO>CbYa7mN6mFKf^ptSyEAW|P8#t;2W9U{ht0co
z(X;<N%t4?<1~PkvWT>fRk>Gj~IwvxfGJ%v|A*obJ458Vqp*4#VvRWk|qwW+iwj{q+
zHMAoxPUxc_n0FLHNW>Z#BU2}F13c2^K&k@y@gYb1jusRD$cmEeCroNL$()!UN~wiS
z;)iGyxW;bqQz^(}rk&3igeR0_O`_FRGw5@A)scKHNjT67)-#l(0;IZu8e|4qUSom{
zQ-lDp!cKscE$2V6B=nWv(!O5*bCNA)5sGryN>m~s_%NqY@Ws*A6>aIlgQrMeY-@y<
z?8&)}dU&|c@&fJHvUYpqi*)z$Vu_y=!5}_;`s?5J01J!QQHNinu+8?JuXxqV?=1NJ
zqWG}rjsR^c{xB;}jeF+?v-Mmj>aVqL(4GMQTtXtZ;SQ^m!)@g7!laja6A|B(e2+PZ
z@!V|LS)_s$L|8CdyQYJQJz<Xj-ph8d6~VZCFCtqTfM|M)_V~EHl9G4E3z2IFn*qKE
z)`T{bc?G}9_!cr;+Q<}AL$JNj+A}tjnImOB$d>k1c+?~_2eDp3C%XBKx15hNEelUw
zdv2X!TnU*AMd%kCo!^Y9hfG;2#TIgFReg<inctY)0-d@+9m)dP)%lt#ve@e^XSq~Y
zte-4i%W;g;-BLkaLrqkbfH{(hGLOE@5G`V3Vj7Ibyvm234V>A)NYO?j?Kp`RQNg)`
z{r{ACBR+J=-L#|WD}82J!NH{d&?FYj2$;ajN=pVg4Xh1W?A_PTv!SLB^1QpB70k+S
zWGq$J*1nMzOQZGLG#Rc@pBZ)<Q{v5rOnbn>!p5jPllO*MyR8j=m)}$A4WmZ8w7Y*=
z`$zo#<^*aSfm{iK>hTVFC#ds5xr(%UMpoSw1a%1>SYn?LYqpZgj2{;91=jh73gD&E
zapk&mwDx3WS&VC53$;xILev0s6kRPO(~jfArr0ITl<WyyBIb`@MB+u!*dhHZ@2>W;
zf6@YDG58r9zrNfE$?=VC%*tY@bqXZr(M9bLkvL83qcVd>B&pqrr;#MBY?c{*Mk8mn
zBSeFcjJMv);yxzzjQ7Us`?M$c?am9OOxzMqpD7?75n(8k|M%zlN~LT(oTVe}mGTao
z@#<voJe~0dZDTBJ>r4)$d#qMA6wI735jG(yA2#a=F-^#2hBphF(Q8#_5M~GzQASoW
zBJRVl1~rkzdM#ok6&A7fSe5{0#u&#}Sa!sb^%?jR)ouG74co5na1P6w;|pZX3=c!%
zM4RM}y;J`zYg>`xCG)*rxF)%P;09f5$ZR`<10+VV!Nx^CxYVZ{Fs1LMzDj+Sx}10$
z_1mD<3znA@9e{A7hv!;AREo(Aj~Qr=CtON9efN~OcO|7nBS7eqQLxCjXcj_(2v}=)
znpM4UG2)giEk+(ez)G+z^D44e$R%M+6fnPXRU}=l!!HfhKslDK&q0V-g9QWVElgY@
zAB06z*H@1*|4XoIy%qCISVlQDgsVtmQ}<Nw;8h14h)k7?T+;rq=3y0pk!%taVRNUo
zc|Y{zH%PU0{U2DYGnE*GB+*@xB)Utpr8?#skeM5$wu9~EpNzy=NT7@al(e~O;LJz`
zg|KMSU7U`R8qXPZY$%VN$(fr8v!fVUH3hY1+x*xRY1#NjFp(ZMlI?ENb=)e@jTHm;
z6ZAy@nyk5mamUIVqR=q!AsH3~VMmr)A<i%c53B{>ND!150{Ki@CA9f{Bs-{9K?hwH
zB_PqQcf8fe@htfj8+=1z3-xrI2yY(C=mQ>Mcq70I%Tp6DmA)}aZ46kex~B1~MZpNR
z6P)Z9w1>36<#%5e`J1v<ELvsOLg9jvH$)#kpCwAhSWtHMsjYPTG{Wt%1}DGL#sbZx
ztfNo(`Ky*6_V^J1(xaV_pJB_yKixgXe0HAlZ<kx17Z(@>j#(v~SmS568X2ieK<7Bo
z0d}DikzJO{{GxuFAk;!XEvui?-k^Pg$j0K?CHHh`F5Uq7cwl*ExOnlT3x>w2gwxB{
zVi)Ri*5(BiPMWjEW8vAs;KZ4M^Bgm2AO>YgAyE7(tj%huL6(gIR%VJZQ~~h~rsng5
zUn#Sm5SwHa<4o4H#xDRPkbR4!!H|+FD~zp5nmB$BSv?WD#_4x5yTVU{#W?pmHVjs=
zt#v}CJ9R_iDH8hz{wE<><F{}>&hK{qJ~{motG8+Q(E_wymUNL)P0ttn6~v^ce^>+U
zU>12JaANXhP(yfD7;_=%R&kJQEamTRuBTzaLVcR^|Fn0uv2C5#9l!VToxG&T%geXR
z7hQ=GDasN>y~nn!*m3P7wVN)fo1{Trrr4}yNVXhFj_n}ry0+W8VaU)8%ZCB$vV16p
zVoQgi$(Fb%GPFR}EZBgdEB2*BhaufibX$hC!LSYGe&@NDmgG1NTBQ3l*}8g2UXu4d
zFXx=+od5Zs0kXwa%$t>&aI<#R9MJQld~b{1eu-+G1DbnH<Q7FY{44{mN_2FRlPIKt
zW?qE6Mz(o4Z;-|>>IvIPQavlts#f;>rZi03Nma&m5@HN01^4tfjemlQ_ahn`P!LFn
zNB@&0naNj&YH^>G#eLFS+`^!y6ua`#vhDJFL2z{aH1+-|oakpIc|k=b-?DU#Ks8X3
z>`;gFQm%Bco|`P%Bi6|wz&$Y;sp8W9X%H|#Dq!5iNdP)1HRh1?n<GhW{vgmcR(ok6
zS7jscY|_b^#(1^d(z!t+Sih}QnLr=Jqa&vVhjJ}8yU}W=vruO`<GiD;o)vSKs+Bgi
z<Uk^h=gql!%#2VZ3vEJiAfEg2=XEpZq^b?Q30GcLs+{QLd;Ev?6}bFb+Pq|SdQowu
zFJRU|Ur2W50J=bI2hj^n+D+Q>{60za;%4!#c#5Gf@4WTm9s9z62)|EM59KohCA{xA
zw3HJbzy<OiCU=m35LC0R{r2%+c<RdSY_dpZF*Au|cEtMlA3s<<P=%j~^)rw|FD3}0
zj($j8e@<J*{rN{!wN*YMkK$4mq*CB&L>aD~@$^?Rx?Ywru_-S@N4)y|;bp;xiNMP#
z-cxF3?4sH9m%N%IeIe0LQ?tdND0MiP8hr&=$AcJ-<Rs7x!m58Q66tU1Ra85-t;8H0
zN_Y||TgeVS5G*Dw0#u+(s1F%RjZ@ZcZfZ1#<VNr#(S&y<SqKIpRH8;7cr>yWfwu&U
z&_u$330WaKC}R6j>-ape8R*!o3N#o{tg>ohJ!L!9XpSV(P@xgHXMYqA!3|)<f=W7I
zq$aZ1^w9vUT`+;bKw?E9%H<=&V*i_>f0KL-tZv90C>O#&dgD+`V8s{8Lfug%wYCi6
zLyyMs2%|PASXkjI14c?^Zy}n9R%NM>Dn=WTyGS6v&z`#r026jqj37^O&~}0W6L12t
zH#3aBvc^k_4+k9;hu}eUIF??_g4zy)p_IzY_wbcW4d%A3#mRg5GwoB%Ze}m|fhUj<
zR2;(}b(Z<-0XV$&H1m2|G?o(RviOZY-?EbCu=y2)=GHTCy`dNU61(7CnhkZ}`4qj`
z6~>!!eHD1F5hjPg?qu#EO$iA@T(E1J>7z>%3E<br^R&hG6`vJ_7acBvsbEBsDj^{o
z!;ynuHj5TW&_6MS4*<Owabtkm@oNyyoGPLl3KqHSLb%uo$LmBN(j~N`o6J%|HJ%1(
zz*NF$pggLR>liN?Z4+84h(6;1!r+kL;ZKefsV0HyNhE!biV=2Vc)|7fz7{|_23pzW
zx*H|f$lf~;VHJZqAgM<3Mk>X287&ugQiH=LnYxKGk$8N~0G{lIHC&`3CUzHir|%eV
zQoF1wx*$M7?OnRSlRLjJXb#y|cx&4i)*`a$a<9|rX$6+^6tav1TM#@-R4}q<88=Ro
zdN;!iTl0D#$Y1B`w20F1>Z6Gk2yuj3xd;j+M`m$4ilCcQ7@Y{1NzV#UW}vzX5GG%h
zHOsuzqiNHb$g&pzDg!Dh29_6;xrYr8rz6bg3`8|R&oJq6G!fR0C9`FW1opsQ009?n
z4k{($xzO;yHE5?u`=gjB%RLf;sT5cg&^G)>p=6u|LP;Z8@OVGUwJeknX%Qc~ZZo*e
z;gt9b&yo3viR5OG9jWq?YmJhSlPCv*BWWQ4>O3-qP{wzR$q8dcKE|qI5~!4_SiZtS
zi&DIa{TaZuST<LLngn!Ug2Ivba%9!vD4`L`P!BaNa-BQo9`U<adN}IZ(@tgHSw2`y
z4@SbHiFBeUYt+>;_)g9eEf@RaI4cn9Lw|I=b)g2_ANM}g#GscXIJax~;qT&A4=gF;
zE-TC%AC8Oj^*}a1H87e-776aOK#5mO7s#Xvrc3#cv`Kb(d9XstIk2Q~zA~6fWlM-z
zlyJ~e18RgU)6A(G<=Z1}n{qz7-k6&^G!C-KpoB7!4wA;Ll%0dD5NKaBQ<klbWd|tN
zGcq=2)$)NHJiA7b!lrfHPC3LE!)*?vO$4w66!h?D)w!)|EBRIH{Yd{e__|5VEcA7e
znu#*)<<_w{`hHeV%*Ya0pR(a_W_Hx?Zj|QB$zeN4{?%}qL4a$y@xhVuOo6HkoKT7f
zV6DUrk+|!bW7CgyiWBT3f-%Dy$`^};ar@XWAM2c+iQ5>=p{lYK-qK$S1ldV?y7qea
zdJRG>JHQ2BM~Wi0_1APOJ5h&SfsAKXe%2**O0P%w7Bc!HsVbqaL}j5$T_odPry0-J
z5>CoJT)+Lw?c)zjW`?uvN*Ie6{%PPULf)}_Ww~*0E0RK*x3s6Vm-KIAM-B@A_B$*|
zPkN-0?r|i(BPF-`mgO~^V_>##Vq-RMVR2%9?6N<<zT5u%^6m$Gw5h#JYSF(E578F;
zTL&SeQF|V24;eybGWilqtOQ?OM8eAzF#9p8d00ynQx;Nde8NDT3MPIAFt`Z|pGRU~
z808JoVxf|_7Mdhr7-GXvhQ}mL;k8&SZ$lk`i!@E)53;5qMa!yG6nrqa&t(0L_x@V{
zRpVd8cd2vNo;VbnZdm|2>OZ5pGn(Fje(omD%f;DuabA96=~u2ie53R7UM}+H&P(B0
z`X7CaeYl4`dPrn~-z`#aiEHr;E9orX<)Dmpx!S%B=Oc(k$4Xpbm=txjV#KJseqTz=
zc&ugry?5_TTG;!x`8GD*vHK3gB=CN2zt!6OzP@Sv$nyn>4xLbDj+pF{<|lu{{8hf7
z*iY#TqTl^(kv~&C+y1(|mcE|%tC93^k_LW5I=t^A+?ntY0z84dd*7Tv7v5KA5P}3g
zI50(TDNNDSyQ7L0e=@Yu)=vmRioPp2>Hn`!9E9%$;(GV~``KZ}el}P%!4?*chmEh{
z%U;tu*Ej?u(!pj%9QXZ{{WaRhS?R*eBJEY$t0F>Sqrg$w@W3#>K+lU%+^vTCz8}#;
zY6r~Pm8O!di}M8puxJ1e#iO3=A3O=|<qHpC#}NC2Qe$i+k|69ZUZPOIIp}siN+2N>
z7YM3&ffH__e56&svz~;>mU159p$W$!a`b{(=#&6WHx`As3O8<^f}Um9YBh&Q$Hmtn
z=B7RkMBP2&0+7g7qnR23RE!!yClM$&0)v&}9Svu(f`vmsczC&7YewO?XYWe^s${5=
zi8q~E`LnSP17-&jNWw#7cAgOISOe9X1A}eCQx1?|Fgtp8L&<|CtX;1vTVq=K|0cGE
z*cjt<__(BHm)LOjZ4LT=k4@2cFR>H3sgrH5mn-s~E;s!*cH16rzo!FE-A}pq9k^q@
zk0<V;_KZhrf6`;-JBjb-WpK_?ld;d?@dWpFf_syabSG(h>E}EK{NWXXe1unpxmVae
zHU$XMMTpL;89L8X9bWG6vb1MuOMTQX?Z;>f(Y~}Fr~SChR)1cKO1W-)00OvfAE`;%
zH;T!eAXbOZMomtvD8;_%Yx>2}ez6p9BQHc&oQEqBS09ixZwXY4)Ig>|9f#IpeWcV#
z7ps^}Og&~X&XtH0A{(eslBvk90UQ9kVkQ#vI%4Xfwh$-Uuy0aNijCH~Bub}J87DiI
z8({v%NzEjG2nPrLEnGXC^K||2;K)(8R;=UPh*a&$;X28K<pqZ<^g^e2^!B7p${E>c
zEjXAnkeG5QkcXvf)%h&7I_kwLq}h<_pL3@1Fs7}5y>FrQkx8ItF<CGCP*1I7mgmJ3
z$o76n4V35DV_nvMTXHiW<;nZixZF>l_rt-`_6Ak?{~lHTzejoU3WIWm0h0D_DUL8P
zt9DYa{ju^aDP_X;ef@|N?{VMiYTy);Jz7|tYr-4Ee?=c8R<TGIagxcP`+t1ryFuYq
z@xat@6nf*uQQkY8Vhd!Gm=BgBT6U?>!|0GRkO-AX;hM}fKM;dzh0RzbYP$p3N;HwK
zW-GPB^&;t6mZ0_s8%<JGcoeb<_I47$7SW;`Uxvgb9-3vpAwKp{auO`<9VKyWQEyVu
z7W2WOVaNet9E7FT9IHkq+9SLdfJi!%wm{bkb^xZ-Xvi*7A18Wn)^1v6j@U$^lF4-{
z<0sr)nhXW;<Ryt$K{5h_vJRRlnrT`Ywn@k}06Hp2I5#zfvzW{@qZHI_9DSxWgY!Sq
z7zWpsi06L~-!F{zR-lNFA0i<<2eFdSPvGd2#CdFLZGn0UuS+hXM7qU__BvS&o_g%9
zE$P+k|CP^5#zHMD4zjj96S{%RwC=l6-UzXQg*tp7581!;V>n}0=*mE{HI$#J0nZp&
za$vwBN(Ga)Q=C0TskQ3C%7g;~I9$)>(oiwRAvZE3wM--d99Tc)E;_j!?}%Bc!7SYq
zm82Jd2V+M|X;t+m-l)`$Nm}YXcaPmUc*Mk2#u_e;Ru8##a>QUNE|~a`3y?+)AEOU;
ze*Q-P1LKasslZ<Ze<yTL=u6=rM!puEi~fD=h4_Q<|4ck>{#r7a{9fw0flsE}=~prj
zWxiqky!EZ@qxOjX-Q0cT9sFHktXM0)Q94fI?%U;0mw#OOuj;ckt@i5R8P|57aepwh
zIvgE-q5kQS`$pcN4A1u(n~moif7LwP{NmVp>(|GZ$KT%ffr*ic?@o?SUYvZcJ=T6<
zsxtMB&f}d|r<bRnn*QR<^2`@z|8VY8^PgNW7fvmFVc`dh%Zs18ZTPk~_E+|=@Bixl
ze?DLz_}0OtrOu(5LwLUV5trw~9FwY`OpVY<z4tottZeTy9CN*IvO})-)+jIM^uENg
z&N0VM>zf>%-k)%+_x_yYSnnU$Njtq)IM#d5^J(>-RP-6tpHkl;-!;dta<Otu@yKf%
zcyR9U+X3E9v_(!Pq>v)B-fM@rz9;>*RE_<N-;Tgs@_D}<1*vk)Z^vkV-EYVFroZ&t
z2{dufZ<`trKEIvRMs#6Rke{@c(vSLWi}t+;J#t%lWmSL7Z{vH^U-R1r=lrAJrX-L4
z?|wT-?!uJc4rz{Y!f%IpzU#Lm+9~4~{dQDK8-MG!;rYa`>3wfpTV;RdwG)~fc*Jj;
zv_IjuliFQ@-}T#RtrB?i=*GpXo9E81Zo6ZrTkcF}rsF<-)jhF#X>(<3<wDy%vcB%B
z*SFlw?pAm6$?lo<11npr?#DJRZMt`@TsU)I_w1$hmCgQJ4!C<?b`Pje-TUPI-Oa6Y
z8yDQ^cBj+X`_kS=?zt^@#ogXqInzDAvbpANe0=BH`rp|9`_tUY<;$1bYyF$O(A~cA
z@#&2V+bgHH-Sb^{W!vqaxqbCw_wd>CE9chRr#H^;z2d!(2or8#{9L7Y+c^RQt3Zui
zQq51}R&qfIb=0p53FlQFpWyXNoVh~5q80cO+dOxKIv(r%-Fg3(der5dF3&#6@eF4^
zpx(90Yainq<x^b1vGOTr0LXUv?n`{m3eVs8EeAOBR_}HJJ?&iUt<D7A%ja)#ryG2)
zi(9JA9m>C3z3W!5xqOz~?+U-$eD(@=)1~x@+{YTvZIHrzvwpkr9&dd7e>EzXF^DeH
z3v2Hf*$dpqwtDqeub);uxy}8aRx{^3?~>k-S#;xPZZn52^7>)MT6*Xl<K5<c8$7yI
zA7etRpWcg1#+&^}T|0xb0!-W%a&#Zwok>1=ih-TxJ+sKodEnWLz~1&VSq{SXc!-VT
zG0<UmG70Y{zwrcN@DGvg_hIelun_Jec76&*@B6v12br)Bk#qa7_6S<TMnmMuu_|Iu
zIN<pzETA|y6V&P;j3P+uBantB(Ku;z0SQFN_+`w^LG3N{Plk+;$Mk^qOWL!P)3vA_
zPz85j;^#YzzWR#xB8Y%LrP5gq<l3m#2;TG2lP816E^TfoDIVu}Fih(!+ZP1OC|%L>
zbb!9r-IV7%t)%ms^qC+Yb*^2`jBv#@`ln4Fe2{z7(Q2=AmS{)Ojq-Sn$D$iWGX|Ar
q6ul@~QFNlb_6m=lSLeRWF~T*IsZX!uxIZe*@I7(vMu9>#?SBChn>SMc

literal 0
HcmV?d00001

diff --git a/www/request_account/human.php b/www/request_account/human.php
new file mode 100644
index 0000000..c0793ad
--- /dev/null
+++ b/www/request_account/human.php
@@ -0,0 +1,76 @@
+<?php
+
+session_start();
+
+$image_width=180;
+$image_height=60;
+
+##
+
+function random_string($length = 6) {
+
+   $charset = str_split('ABCDEFGHKLMNPQRSTVWXYZ@$3456789');
+   $randomstr = "";
+   for($i = 0; $i < $length; $i++) {
+     $randomstr .= $charset[array_rand($charset, 1)];
+   }
+   return $randomstr;
+
+}
+
+##
+
+$image = imagecreatetruecolor($image_width, $image_height);
+imageantialias($image, true);
+
+$cols = [];
+
+$r = rand(100, 200);
+$g = rand(100, 200);
+$b = rand(100, 200);
+ 
+for($i = 0; $i < 5; $i++) {
+  $cols[] = imagecolorallocate($image, $r - 20*$i, $g - 20*$i, $b - 20*$i);
+}
+ 
+imagefill($image, 0, 0, $cols[0]);
+
+$thickness = rand(2, 10);
+
+for($i = 0; $i < 10; $i++) {
+  imagesetthickness($image, $thickness);
+  $line_col = $cols[rand(1,4)];
+  imagerectangle($image, rand(-$thickness, ($image_width - $thickness)),
+                         rand(-$thickness, $thickness),
+                         rand(-$thickness, ($image_width - $thickness)),
+                         rand(($image_height - $thickness), ($image_width / 2)),
+                 $line_col);
+}
+ 
+$black = imagecolorallocate($image, 0, 0, 0);
+$white = imagecolorallocate($image, 255, 255, 255);
+$textcols = [$black, $white];
+
+$fonts = glob(dirname(__FILE__).'/fonts/*.ttf');
+$num_chars = 6;
+$human_proof = random_string($num_chars);
+
+$_SESSION['proof_of_humanity'] = $human_proof;
+ 
+for($i = 0; $i < $num_chars; $i++) {
+  $gap = ($image_width-15)/$num_chars;
+  $size = rand(20,30);
+  $angle = rand(-30,30);
+  $txt_x = 10 + ($i * $gap);
+  $txt_y = rand(30, ($image_height-15));
+  $txt_col = $textcols[rand(0,1)];
+  $txt_font =  $fonts[array_rand($fonts)];
+  $txt = $human_proof[$i];
+  imagettftext($image, $size, $angle, $txt_x, $txt_y, $txt_col, $txt_font, $txt);
+# print "imagettftext( $size, $angle, $txt_x, $txt_y, $txt_col, $txt_font, $txt);<p>";
+}
+
+header('Content-type: image/png');
+imagepng($image);
+imagedestroy($image);
+?>
diff --git a/www/request_account/index.php b/www/request_account/index.php
new file mode 100644
index 0000000..5c9dfdc
--- /dev/null
+++ b/www/request_account/index.php
@@ -0,0 +1,176 @@
+<?php
+
+set_include_path( ".:" . __DIR__ . "/../includes/");
+session_start();
+
+include "web_functions.inc.php";
+
+render_header("Request an account");
+
+if ($ACCOUNT_REQUESTS_ENABLED == FALSE) {
+
+?><div class='alert alert-warning'><p class='text-center'>Account requesting is disabled.</p></div><?php
+
+render_footer();
+exit(0);
+
+}
+
+if($_POST) {
+
+  $error_messages = array();
+
+  if(! isset($_POST['validate']) or strcasecmp($_POST['validate'], $_SESSION['proof_of_humanity']) != 0) {
+    array_push($error_messages, "The validation text didn't match the image.");
+  }
+
+  if (! isset($_POST['firstname']) or $_POST['firstname'] == "") {
+    array_push($error_messages, "You didn't enter your first name.");
+  }
+  else {
+    $firstname=filter_var($_POST['firstname'], FILTER_SANITIZE_STRING);
+  }
+
+  if (! isset($_POST['lastname']) or $_POST['lastname'] == "") {
+    array_push($error_messages, "You didn't enter your first name.");
+  }
+  else {
+    $lastname=filter_var($_POST['lastname'], FILTER_SANITIZE_STRING);
+  }
+
+  if (isset($_POST['email']) and $_POST['email'] != "") {
+    $email=filter_var($_POST['email'], FILTER_SANITIZE_EMAIL);
+  }
+
+  if (isset($_POST['notes']) and $_POST['notes'] != "") {
+    $notes=filter_var($_POST['notes'], FILTER_SANITIZE_STRING);
+  }
+
+
+  if (count($error_messages) > 0) { ?>
+    <div class="alert alert-danger" role="alert">
+    The request couldn't be sent because:
+    <p>
+    <ul>
+      <?php
+       foreach($error_messages as $message) {
+         print "<li>$message</li>\n";
+       }
+      ?>
+    </ul>
+    </div>
+  <?php
+  }
+  else {
+
+    $mail_subject = "$firstname $lastname has requested an account for $ORGANISATION_NAME.";
+
+$link_url="${SITE_PROTOCOL}${SERVER_HOSTNAME}/account_manager/new_user.php?account_request&first_name=$firstname&last_name=$lastname&email=$email";
+
+if (!isset($email)) { $email = "n/a"; }
+if (!isset($notes)) { $notes = "n/a"; }
+
+    $mail_body = <<<EoT
+A request for an $ORGANISATION_NAME account has been sent:
+
+First name: $firstname
+Last name: $lastname
+Email: $email
+Notes: $notes
+
+You can create the account at $link_url
+
+EoT;
+
+     include_once "mail_functions.inc.php";
+     $sent_email = send_email($ACCOUNT_REQUESTS_EMAIL,"$ORGANISATION_NAME account requests",$mail_subject,$mail_body);
+     if ($sent_email) {
+       $sent_email_message .= "  Thank you. The request was sent and the administrator will process it as soon as possible.";
+     }
+     else {
+       $sent_email_message .= "  Unfortunately the request wasn't sent because of a technical problem.";
+     }
+     ?>
+      <div class="container">
+       <div class="col-sm-8">
+        <div class="panel panel-default">
+         <div class="panel-body"><?php print $sent_email_message; ?></div>
+        </div>
+       </div>
+      </div>
+    <?php
+
+   render_footer();
+   exit(0);
+
+  }
+}
+?>
+<div class="container">
+ <div class="col-sm-8">
+
+  <div class="panel panel-default">
+    <div class="panel-body">
+    Use this form to send a request for an account to an administrator at <?php print $ORGANISATION_NAME; ?>.
+    If the administrator approves your request they'll get in touch with you to give you your new credentials.
+    </div>
+  </div>
+
+  <div class="panel panel-default"> 
+   <div class="panel-heading text-center">Request an account for <?php print $ORGANISATION_NAME; ?></div>
+   <div class="panel-body text-center">
+
+   <form class="form-horizontal" action='' method='post'>
+
+    <div class="form-group">
+     <label for="firstname" class="col-sm-4 control-label">First name</label>
+     <div class="col-sm-6">
+      <input type="text" class="form-control" id="firstname" name="firstname" placeholder="Required" <?php if (isset($firstname)) { print "value='$firstname'"; } ?>>
+     </div>
+    </div>
+
+    <div class="form-group">
+     <label for="lastname" class="col-sm-4 control-label">Last name</label>
+     <div class="col-sm-6">
+      <input type="text" class="form-control" id="lastname" name="lastname" placeholder="Required" <?php if (isset($lastname)) { print "value='$lastname'"; } ?>>
+     </div>
+    </div>
+
+    <div class="form-group">
+     <label for="email" class="col-sm-4 control-label">Email</label>
+     <div class="col-sm-6">
+      <input type="text" class="form-control" id="email" name="email" <?php if (isset($email)) { print "value='$email'"; } ?>>
+     </div>
+    </div>
+
+    <div class="form-group">
+     <label for="Notes" class="col-sm-4 control-label">Notes</label>
+     <div class="col-sm-6">
+      <textarea class="form-control" id="notes" name="notes" placeholder="Enter any extra information you think the administrator might need to know."><?php if (isset($notes)) { print $notes; } ?></textarea>
+     </div>
+    </div>
+
+    <div class="form-group">
+     <label for="validate" class="col-sm-4 control-label">Validation</label>
+     <div class="col-sm-6">
+      <span class="center-block">
+        <img src="human.php" class="human-check" alt="Non-human detection">
+        <button type="button" class="btn btn-default btn-sm" onclick="document.querySelector('.human-check').src = 'human.php?' + Date.now()">
+         <span class="glyphicon glyphicon-refresh"></span> Refresh
+        </button>
+      </span>
+      <input type="text" class="form-control center-block" id="validate" name="validate" placeholder="Enter the characters from the image">
+     </div>
+    </div>
+
+    <div class="form-group">
+     <button type="submit" class="btn btn-default">Send request</button>
+    </div>
+   
+   </form>
+  </div>
+ </div>
+</div>
+<?php
+render_footer();
+?>
diff --git a/www/setup/run_checks.php b/www/setup/run_checks.php
index 7d18b68..a17ff1b 100644
--- a/www/setup/run_checks.php
+++ b/www/setup/run_checks.php
@@ -1,4 +1,4 @@
-<?php 
+<?php
 
 set_include_path( ".:" . __DIR__ . "/../includes/");
 
@@ -18,7 +18,7 @@
 ?>
 <script>
     $(document).ready(function(){
-     $('[data-toggle="popover"]').popover(); 
+     $('[data-toggle="popover"]').popover();
     });
 </script>
 <div class="form-group">
@@ -49,6 +49,44 @@
 }
 
 
+?>
+       </ul>
+      </div>
+     </div>
+
+     <div class="panel panel-default">
+      <div class="panel-heading">LDAP RFC2307BIS schema check</div>
+      <div class="panel-body">
+       <ul class="list-group">
+<?php
+
+$bis_detected = ldap_detect_rfc2307bis($ldap_connection);
+
+if ($bis_detected == TRUE) {
+
+ if ($LDAP['forced_rfc2307bis'] == TRUE) {
+  print "$li_warn FORCE_RFC2307BIS is set to TRUE which means the user manager skipped auto-detecting the RFC2307BIS schema. This could result in errors when creating groups if your LDAP server hasn't actually got the RFC2307BIS schema available. ";
+ }
+ else {
+  print "$li_good The RFC2307BIS schema appears to be available. ";
+ }
+ print "<a href='#' data-toggle='popover' title='RFC2307BIS schema' data-content='";
+ print "The RFC2307BIS schema enhances posixGroups, allowing you to use \"memberOf\" in LDAP searches.";
+ print "'>What's this?</a>";
+ print "</li>\n";
+
+}
+else {
+
+ print "$li_warn The RFC2307BIS schema doesn't appear to be available.<br>\nIf this is incorrect, set FORCE_RFC2307BIS to TRUE, restart the user manager and run the setup again. ";
+ print "<a href='#' data-toggle='popover' title='RFC2307BIS' data-content='";
+ print "The RFC2307BIS schema enhances posixGroups, allowing for memberOf LDAP searches.";
+ print "'>What's this?</a>";
+ print "</li>\n";
+
+}
+
+
 ?>
        </ul>
       </div>
@@ -73,7 +111,7 @@
  print "<label class='pull-right'><input type='checkbox' name='setup_group_ou' class='pull-right' checked>Create?&nbsp;</label>";
  print "</li>\n";
  $show_finish_button = FALSE;
- 
+
 }
 else {
  print "$li_good The group OU (<strong>${LDAP['group_dn']}</strong>) is present.</li>";
@@ -92,7 +130,7 @@
  print "<label class='pull-right'><input type='checkbox' name='setup_user_ou' class='pull-right' checked>Create?&nbsp;</label>";
  print "</li>\n";
  $show_finish_button = FALSE;
- 
+
 }
 else {
  print "$li_good The user OU (<strong>${LDAP['user_dn']}</strong>) is present.</li>";
@@ -122,7 +160,7 @@
  print "<label class='pull-right'><input type='checkbox' name='setup_last_gid' class='pull-right' checked>Create?&nbsp;</label>";
  print "</li>\n";
  $show_finish_button = FALSE;
- 
+
 }
 else {
  print "$li_good The <strong>lastGID</strong> entry is present.</li>";
@@ -142,7 +180,7 @@
  print "<label class='pull-right'><input type='checkbox' name='setup_last_uid' class='pull-right' checked>Create?&nbsp;</label>";
  print "</li>\n";
  $show_finish_button = FALSE;
- 
+
 }
 else {
  print "$li_good The <strong>lastUID</strong> entry is present.</li>";
@@ -162,7 +200,7 @@
  print "<label class='pull-right'><input type='checkbox' name='setup_default_group' class='pull-right' checked>Create?&nbsp;</label>";
  print "</li>\n";
  $show_finish_button = FALSE;
- 
+
 }
 else {
  print "$li_good The default user group (<strong>$DEFAULT_USER_GROUP</strong>) is present.</li>";
@@ -182,13 +220,13 @@
  print "<label class='pull-right'><input type='checkbox' name='setup_admins_group' class='pull-right' checked>Create?&nbsp;</label>";
  print "</li>\n";
  $show_finish_button = FALSE;
- 
+
 }
 else {
  print "$li_good The LDAP account administrators group (<strong>${LDAP['admins_group']}</strong>) is present.</li>";
 
  $admins = ldap_get_group_members($ldap_connection,$LDAP['admins_group']);
- 
+
  if (count($admins) < 1) {
   print "$li_fail The LDAP administration group is empty. You can add an admin account in the next section.</li>";
   $show_finish_button = FALSE;