• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 322
  • Last Modified:

password protection

I need to have some sort of way to put password protection on my page.  Right now i have the index, and there are a couple links that I want to add passwords for.  Could someone tell me how to make it so a window will prompt for a password when the user clicks on the link, and how to make the password not viewable in the source code.

Thanks....

Randy
0
randyw
Asked:
randyw
1 Solution
 
edlCommented:
I think you are looking for something like experts-exchange when you log in.  It asks you for a password and userid.

To do this you need access to the webserver, and files such as htpasswd and .htaccess.  This is setup in the servers conf files. And really the only way to do it.

I don't know of anyway to do this securly with javascript
0
 
viroCommented:
In JavaScript it is not possible ...

You can do a CGI program that you pass values to him, like this:

- link = "somepage.html"
  (do not show to user)

- pass = "somepassword"
  (when user click on link, you ask for password and fill
   the pass variable with it.)

Then you call the CGI:

CGI?link=somepage.html&pass=somepassword

The CGI return:

- A ERROR default page, if the pass was incorrect.
- The right page, if the pass was correct


*** Hope it's help! ***


 Vitor Rodrigues
viro@pluriproj.pt
   Portugal
0
 
randywAuthor Commented:
Well...nobody answered my question well enough to get any puntos....so I went to the local library and learned java real fast, here's what I came up with.  As you can see, I've come up with an encryption method so that they don't even know what page it is they -might- goto, depending on whether or not their password is correct....

<script>

      var key1 = encode("66",7)
      var key2 = encode("98",key1)
      var key3 = encode("jg",key2)
      var key4 = encode("HA",key3)
      var key5 = encode("gg",key4)


      var password = window.prompt("Enter your Password.")
            if (password == null)
                  history.back()
            else (gopage())

function gopage() {
      var runone = encode(password,key5)
      var runtwo = encode(runone, key4)
      var newpword = encode(runtwo,key3)
      var page1 = encode("50ap21t50M6a12",key2)

      if (newpword == "QPxJXMJ~")
            {
            location.href = page1
            history.back()
            }
}


function encode (OrigString, CipherVal) {
      Ref="0123456789abcdefghijklmnopqrstuvwxyz._~ABCDEFGHIJKLMNOPQRSTUVWXYZ"
      CipherVal = parseInt(CipherVal)
      var Temp=""
      for (Count=0; Count < OrigString.length; Count++) {
            var TempChar = OrigString.substring(Count, Count+1)
            var Conv = cton(TempChar)
            var Cipher=Conv^CipherVal
            Cipher=ntoc(Cipher)
            Temp += Cipher
      }
      return (Temp)
}

function cton (Char) {
      return (Ref.indexOf(Char));
}

function ntoc (Val) {
      return (Ref.substring(Val, Val+1))
}

</script>

0
 
SmallfriXCommented:
All Those Answers Went Right Through Me IE:"Je Ne Comprends Pas!" Here Try This It's The Simpleist Password Protection Thing I Know Here Are The Steps...
1)Make A Incorrect Password Page
2)Make A Correct Password Page
3)Make A Page That Lonks To The Long-In Page Via A Form Button
4)Make A Page That Look's Like This:

<HTML>
<!-- Password Log-in JavaScript Copyright 1996-1997, Smallfri Inc. -->
<!--                        http://www.nsis.com/~coadydk/            -->
<HEAD>
<TITLE>Password Log-in</TITLE>
<!-- Log-in Scrip Start -->
<SCRIPT language="JavaScript"><!-- Script Segment
// Autho Long-In(Main)JavaScript, Copyright 1996-1997 Smallfri Inc.
        password = "correct-password";        // Password Needed To Enter
The Web Page
        relocateloc = "http://www.url.com/myname/wrongpasswodpage.html"  //
Location You'll Be Pushed To If Your Password Is Inncorrect
        if (prompt("What Message I Want To Be Displayed When Someone Try's
To Log-in ie, Please Enter Your Correct Password", "") != password) {
location.href=relocateloc}
// End Script -->
</SCRIPT>
<!-- Log-in Script End -->
</HEAD>
<BODY BGCOLOR=#FFFFFF>
<!-- Begin Axcess Granted Push -->
<!-- This "Push" Is Extreamly Important
     For The Password Log-in To Work The
     Page Called "axcess_granted_page.html'
     Is The Page That They Goto If The
     Password Is Correct Make The Page Name
     Complacated So It Won't Be An Easey Guess! -->
<META HTTP-EQUIV=REFRESH CONTENT="1; URL=axcess_granted_page.html">
<!--  End Axcess Granted Push  -->
</BODY>
</HTML>

You Can Edit Almost Anything But Don't Add Things To The Body Section Execept What's Allready There, Ie:Text, Images, Extra HTML, Ext.

This One Also Has A Couple Of Comments So You Can Easly Understand Where Your Adding This Service.



                                                 Hope It Works,
                                                            SmallfriX
0
 
randywAuthor Commented:
uhhh....thats so gay.  the whole idea of password protection is to have a *secure* page.  with what you just showed me they can just view the source and see the password in clear text.  at least encrypt it...


Randy
0

Featured Post

Concerto's Cloud Advisory Services

Want to avoid the missteps to gaining all the benefits of the cloud? Learn more about the different assessment options from our Cloud Advisory team.

Tackle projects and never again get stuck behind a technical roadblock.
Join Now