Jump to content
xisto Community
peterspliid

Simple Javascript And Password System How to protect your pages with password

Recommended Posts

The quickest way to get a password protection system up and running is to use a Prompt box in JavaScript that has a title like "Enter your Email Address". Only you and the relevant users know what the password should be, could even be one each, that can be sorted out at the next page

then pass the "input" directly through the url by changing the .href, like http://forums.xisto.com/no_longer_exists/=
The page that then processes this should also check for the referring page, and three fails from an IP if you like

the php (the next page):

<?php// processdownloads.phpif (!isset($_POST['leTmeIn'])) {?><script language=JavaScript>location.href=document.referrer;</script><?php} else {?>put all your download stuff here<?php}?>

the javascript (the first page):
<a href="" onclick="return(doOpen());" >downloads</a><script language=JavaScript>function doOpen(){	pw = prompt('Enter your Email Address','');	if (pw){		location.href='processdownloads.php?'+pw+'='		return(false);		}	}else{		return(false);	}</script>

This is a cheats way of dealing with hackers, crackers or anyone else who shouldn't be where you dont want them to be. leTmeIn is the password here

This is quick and simple, but leaves an ugly url and therefore would not be ideal for anywhere that someone could look over your shoulder, or go through you history, but can be hidden in frames

a simple PHP only version would be:
<?phpif (!isset($_POST['submit'])) {?><form action="" method="post"><input type="password" name="email"><input type="submit" name="submit" value="Submit"></form><?php} else {  $pass = $_POST['email'];  if ($pass!="leTmeIn") {?><script language=JavaScript>location.href=document.referrer;</script><?php  }else {?>put the rest of the page here<?php  }}?>

I hope it helps someone.

PS: This is my first post ^_^

Share this post


Link to post
Share on other sites

the javascript (the first page):CODE
<a href="" onclick="return(doOpen());" >downloads</a>

<script language=JavaScript>
function doOpen(){
pw = prompt('Enter your Email Address','');
if (pw){
location.href='processdownloads.php?'+pw+'='
return(false);
}
}else{
return(false);
}
</script>


ya this is not a secure way of stopping hackers, crackers, etc. go to any legal hack site, like hackthissite.org for example and the number one noob test for hackers would be something like what you just posted. all someone has to do is view the source code and they would get the password.

go to this website here
http://www.codingforums.com/post-a-javascript/10114-secure-login-javascript.html

this is a way more secure javascript password and username login.

Notice from rvalkass:

Corrected BBCode.

Share this post


Link to post
Share on other sites

It is indeed a good method for beginners (like me).And I would also like to say that your first post was very good as well.But if you ask me, I would say that using a simple MySql database along with php or asp would do the work and offer more security. In this way viewing the source to find the password will also be in vain.

Share this post


Link to post
Share on other sites

Creating password submit forms through Javascript is an extermely low-security method of keeping documents private, and should not be used for anything TOO important. The reason for this is that JavaScript code can be seen in the source of the page, which can give away the password, and even if you put the code as a seperate .js file and jst embed it into the actual login page, the source will still reveal where this .js file is.

Share this post


Link to post
Share on other sites

The easiest way to make a basic password protection script, is just to create a HTML page with two fields (username and password) that refers to a .js file (this makes it so that you cant find the passwords in the source code) then use a javascript script file with arrays (one for usernames, one for passwords) then a part saying goto a URL "if document.username.value == username[1] && document.password.value == password[1]"using a line like that for each set of usernames and passwords.however that does not encrypt it in any way, or make it so you cant go back to it just by bookmarking it.One way to stop people just glancing at the url. is to make the index.html page, a frameset, with one frame, that takes up the whole page, then even when you click on links, the url will always just be "http://forums.xisto.com/no_longer_exists/; as long as you dont have any links targeted to "_top"thats just an easier way to make a simple login without PHP ;)

Share this post


Link to post
Share on other sites

The quickest way to get a password protection system up and running is to use a Prompt box in JavaScript that has a title like "Enter your Email Address". Only you and the relevant users know what the password should be, could even be one each, that can be sorted out at the next page
then pass the "input" directly through the url by changing the .href, like http://forums.xisto.com/no_longer_exists/=
The page that then processes this should also check for the referring page, and three fails from an IP if you like

the php (the next page):

<?php// processdownloads.phpif (!isset($_POST['leTmeIn'])) {?><script language=JavaScript>location.href=document.referrer;</script><?php} else {?>put all your download stuff here<?php}?>

the javascript (the first page):
<a href="" onclick="return(doOpen());" >downloads</a><script language=JavaScript>function doOpen(){	pw = prompt('Enter your Email Address','');	if (pw){		location.href='processdownloads.php?'+pw+'='		return(false);		}	}else{		return(false);	}</script>

This is a cheats way of dealing with hackers, crackers or anyone else who shouldn't be where you dont want them to be. leTmeIn is the password here

This is quick and simple, but leaves an ugly url and therefore would not be ideal for anywhere that someone could look over your shoulder, or go through you history, but can be hidden in frames

a simple PHP only version would be:
<?phpif (!isset($_POST['submit'])) {?><form action="" method="post"><input type="password" name="email"><input type="submit" name="submit" value="Submit"></form><?php} else {  $pass = $_POST['email'];  if ($pass!="leTmeIn") {?><script language=JavaScript>location.href=document.referrer;</script><?php  }else {?>put the rest of the page here<?php  }}?>

I hope it helps someone.

PS: This is my first post :)

Hey,

That is a really great first post! Better than mine. :)

A Javascript login system is better than no seccurity at all.

It will mabey stop 40% off the people who want to get into your site. As I said before its better than nothing but I wouldn't rely on it! :D


Great post!


Jesse

Share this post


Link to post
Share on other sites

this helped me but i need to find a way to create a reegistration form and make it send an activation e-mail, plus if they are 16 or under they must get parent/guardian permission like they do on club-nintendo.

Share this post


Link to post
Share on other sites

i have a form with username textfield , the password textfield and a submit button..when someone enters the username and password ..and if it is correct i want them to go to a certain url ..can u help me ...

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now

×
×
  • Create New...

Important Information

Terms of Use | Privacy Policy | Guidelines | We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.