Solved

Password protected HTML page

Posted on 1998-11-01
9
140 Views
Last Modified: 2010-04-09
I want to restrict some pages on my web-site to users with a login and a password (much like the way I need to punch in my login name and password to use my Expert-Exchange account). How can I do this? Which tools do I need? Can this be done by HTML only?
0
Comment
Question by:shlomoy
  • 3
  • 2
  • 2
  • +2
9 Comments
 
LVL 4

Expert Comment

by:rafistern
ID: 1839334
You can do this by restricting access to the page on the server.

However what you can do with HTML only is:

<form name="theForm">
<input type="password" name="pwd">
<input type="button" value="Enter" onclick="location.href='document.theForm.pwd.value'+'.html'">
</form>

The name of the page is the password. Only someone who knows the password can find the page. Alternatively use the password as the name of the folder.
0
 
LVL 8

Author Comment

by:shlomoy
ID: 1839335
thing is - viewing the source code of the page reveiles the password and all...
0
 
LVL 4

Expert Comment

by:rafistern
ID: 1839336
No it doesn't.

The page contains the above script only. The name of the page is not included in the page at all.
0
 
LVL 84

Expert Comment

by:ozo
ID: 1839337
No, it doesn't.  the source code doesn't show what you input in the fform.
On the other hand, knowing the password, you could go directly to the document, making the form superfluous.
0
Is Your Active Directory as Secure as You Think?

More than 75% of all records are compromised because of the loss or theft of a privileged credential. Experts have been exploring Active Directory infrastructure to identify key threats and establish best practices for keeping data safe. Attend this month’s webinar to learn more.

 
LVL 4

Expert Comment

by:rafistern
ID: 1839338
OK here is something even smarter:
Have the form take you to a page that contains a meta-refresh / location.href= or even better a location.replace that will take you to your off-bounds page.

Thus the new page:

<head>
<script>
if(location.replace)
  location.replace("theRealPage.html);
else
  location.href=("theRealPage.html);
</script>
</head>

 The advantages now are:
1. you can change the name of this page whenever you like without upsetting links or anything else.
2. a casual passer-by cannot see the password by reading the URL.

The location.replace is the best but not supported by all browsers (javascript 1.1 supported by NS3+, IE4+).


0
 
LVL 1

Expert Comment

by:rajgn
ID: 1839339
shlomoy:

Do you want to use Javascript where when a link to password protected file is clicked, a small new window pops up asking for password/username. If only when they are correct, it'll load the new page in the main window. By the way, where are yoou storing user anme and  passwords(I mean are you using any database?)
0
 
LVL 1

Expert Comment

by:Jason_G
ID: 1839340
Hi shlomoy,
Here are various sites that detail how to password protect your pages.
http://www.wsabstract.com/script/cut34.htm
http://www.5k.com/support/password.html 
http://lonestar.texas.net/~krigoni/frames/passw.html 
http://ag.arizona.edu/ecat/web/password-protect.html 
http://www.oz.net/jbrady/thegenie/java/cgpwdexample1.html 
http://www.irn.pdx.edu/~kerlinb/spin/passprotect.html 

I hope this helps.

Enjoy, and happy programming!

Sincerely,
Jason

Jason Gorman (jason_gorman@scholars.com)
Learning Advisor, http://scholars.com 
Microsoft Authorized Technical Education Center
Novell Authorized Online Training Provider
0
 
LVL 8

Author Comment

by:shlomoy
ID: 1839341
Jason_G - Thanks for your help (big help) if you will address your comment as an answer - I'll grant you the points. :-)

The rest of you guys - 10x for the tips, but Jason_G here offered some sites with some variety of solutions and/or implementations.
0
 
LVL 1

Accepted Solution

by:
Jason_G earned 100 total points
ID: 1839342
Hi Shlomoy,
Thanks, I'm glad they helped you!<grin>

Sincerely,
Jason

Jason Gorman (jason_gorman@scholars.com)
Learning Advisor, http://scholars.com
Microsoft Authorized Technical Education Center
Novell Authorized Online Training Provider
0

Featured Post

Is Your Active Directory as Secure as You Think?

More than 75% of all records are compromised because of the loss or theft of a privileged credential. Experts have been exploring Active Directory infrastructure to identify key threats and establish best practices for keeping data safe. Attend this month’s webinar to learn more.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

This article discusses how to create an extensible mechanism for linked drop downs.
This article demonstrates how to create a simple responsive confirmation dialog with Ok and Cancel buttons using HTML, CSS, jQuery and Promises
In this tutorial viewers will learn how to position overlapping items using z-index in CSS. They will also learn the restrictions on the z-index property.  Create a new HTML document with an internal stylesheet.: Create a div in CSS and name it Red.…
The viewer will learn the benefit of using external CSS files and the relationship between class and ID selectors. Create your external css file by saving it as style.css then set up your style tags: (CODE) Reference the nav tag and set your prop…

910 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

23 Experts available now in Live!

Get 1:1 Help Now