randyw
asked on
password protection
I need to have some sort of way to put password protection on my page. Right now i have the index, and there are a couple links that I want to add passwords for. Could someone tell me how to make it so a window will prompt for a password when the user clicks on the link, and how to make the password not viewable in the source code.
Thanks....
Randy
Thanks....
Randy
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
Well...nobody answered my question well enough to get any puntos....so I went to the local library and learned java real fast, here's what I came up with. As you can see, I've come up with an encryption method so that they don't even know what page it is they -might- goto, depending on whether or not their password is correct....
<script>
var key1 = encode("66",7)
var key2 = encode("98",key1)
var key3 = encode("jg",key2)
var key4 = encode("HA",key3)
var key5 = encode("gg",key4)
var password = window.prompt("Enter your Password.")
if (password == null)
history.back()
else (gopage())
function gopage() {
var runone = encode(password,key5)
var runtwo = encode(runone, key4)
var newpword = encode(runtwo,key3)
var page1 = encode("50ap21t50M6a12",ke y2)
if (newpword == "QPxJXMJ~")
{
location.href = page1
history.back()
}
}
function encode (OrigString, CipherVal) {
Ref="0123456789abcdefghijk lmnopqrstu vwxyz._~AB CDEFGHIJKL MNOPQRSTUV WXYZ"
CipherVal = parseInt(CipherVal)
var Temp=""
for (Count=0; Count < OrigString.length; Count++) {
var TempChar = OrigString.substring(Count , Count+1)
var Conv = cton(TempChar)
var Cipher=Conv^CipherVal
Cipher=ntoc(Cipher)
Temp += Cipher
}
return (Temp)
}
function cton (Char) {
return (Ref.indexOf(Char));
}
function ntoc (Val) {
return (Ref.substring(Val, Val+1))
}
</script>
<script>
var key1 = encode("66",7)
var key2 = encode("98",key1)
var key3 = encode("jg",key2)
var key4 = encode("HA",key3)
var key5 = encode("gg",key4)
var password = window.prompt("Enter your Password.")
if (password == null)
history.back()
else (gopage())
function gopage() {
var runone = encode(password,key5)
var runtwo = encode(runone, key4)
var newpword = encode(runtwo,key3)
var page1 = encode("50ap21t50M6a12",ke
if (newpword == "QPxJXMJ~")
{
location.href = page1
history.back()
}
}
function encode (OrigString, CipherVal) {
Ref="0123456789abcdefghijk
CipherVal = parseInt(CipherVal)
var Temp=""
for (Count=0; Count < OrigString.length; Count++) {
var TempChar = OrigString.substring(Count
var Conv = cton(TempChar)
var Cipher=Conv^CipherVal
Cipher=ntoc(Cipher)
Temp += Cipher
}
return (Temp)
}
function cton (Char) {
return (Ref.indexOf(Char));
}
function ntoc (Val) {
return (Ref.substring(Val, Val+1))
}
</script>
All Those Answers Went Right Through Me IE:"Je Ne Comprends Pas!" Here Try This It's The Simpleist Password Protection Thing I Know Here Are The Steps...
1)Make A Incorrect Password Page
2)Make A Correct Password Page
3)Make A Page That Lonks To The Long-In Page Via A Form Button
4)Make A Page That Look's Like This:
<HTML>
<!-- Password Log-in JavaScript Copyright 1996-1997, Smallfri Inc. -->
<!-- http://www.nsis.com/~coadydk/ -->
<HEAD>
<TITLE>Password Log-in</TITLE>
<!-- Log-in Scrip Start -->
<SCRIPT language="JavaScript"><!-- Script Segment
// Autho Long-In(Main)JavaScript, Copyright 1996-1997 Smallfri Inc.
password = "correct-password"; // Password Needed To Enter
The Web Page
relocateloc = "http://www.url.com/myname/wrongpasswodpage.html" //
Location You'll Be Pushed To If Your Password Is Inncorrect
if (prompt("What Message I Want To Be Displayed When Someone Try's
To Log-in ie, Please Enter Your Correct Password", "") != password) {
location.href=relocateloc}
// End Script -->
</SCRIPT>
<!-- Log-in Script End -->
</HEAD>
<BODY BGCOLOR=#FFFFFF>
<!-- Begin Axcess Granted Push -->
<!-- This "Push" Is Extreamly Important
For The Password Log-in To Work The
Page Called "axcess_granted_page.html'
Is The Page That They Goto If The
Password Is Correct Make The Page Name
Complacated So It Won't Be An Easey Guess! -->
<META HTTP-EQUIV=REFRESH CONTENT="1; URL=axcess_granted_page.ht ml">
<!-- End Axcess Granted Push -->
</BODY>
</HTML>
You Can Edit Almost Anything But Don't Add Things To The Body Section Execept What's Allready There, Ie:Text, Images, Extra HTML, Ext.
This One Also Has A Couple Of Comments So You Can Easly Understand Where Your Adding This Service.
Hope It Works,
SmallfriX
1)Make A Incorrect Password Page
2)Make A Correct Password Page
3)Make A Page That Lonks To The Long-In Page Via A Form Button
4)Make A Page That Look's Like This:
<HTML>
<!-- Password Log-in JavaScript Copyright 1996-1997, Smallfri Inc. -->
<!-- http://www.nsis.com/~coadydk/ -->
<HEAD>
<TITLE>Password Log-in</TITLE>
<!-- Log-in Scrip Start -->
<SCRIPT language="JavaScript"><!--
// Autho Long-In(Main)JavaScript, Copyright 1996-1997 Smallfri Inc.
password = "correct-password"; // Password Needed To Enter
The Web Page
relocateloc = "http://www.url.com/myname/wrongpasswodpage.html" //
Location You'll Be Pushed To If Your Password Is Inncorrect
if (prompt("What Message I Want To Be Displayed When Someone Try's
To Log-in ie, Please Enter Your Correct Password", "") != password) {
location.href=relocateloc}
// End Script -->
</SCRIPT>
<!-- Log-in Script End -->
</HEAD>
<BODY BGCOLOR=#FFFFFF>
<!-- Begin Axcess Granted Push -->
<!-- This "Push" Is Extreamly Important
For The Password Log-in To Work The
Page Called "axcess_granted_page.html'
Is The Page That They Goto If The
Password Is Correct Make The Page Name
Complacated So It Won't Be An Easey Guess! -->
<META HTTP-EQUIV=REFRESH CONTENT="1; URL=axcess_granted_page.ht
<!-- End Axcess Granted Push -->
</BODY>
</HTML>
You Can Edit Almost Anything But Don't Add Things To The Body Section Execept What's Allready There, Ie:Text, Images, Extra HTML, Ext.
This One Also Has A Couple Of Comments So You Can Easly Understand Where Your Adding This Service.
Hope It Works,
SmallfriX
ASKER
uhhh....thats so gay. the whole idea of password protection is to have a *secure* page. with what you just showed me they can just view the source and see the password in clear text. at least encrypt it...
Randy
Randy
To do this you need access to the webserver, and files such as htpasswd and .htaccess. This is setup in the servers conf files. And really the only way to do it.
I don't know of anyway to do this securly with javascript