Password Protect
Page 1 of 2 12 LastLast
Results 1 to 10 of 15

Thread: Password Protect

  1. #1
    Senior Member
    Join Date
    Dec 2002
    Posts
    309

    Password Protect

    How secure is the following password code ? Can any one disabling the javascript access the page ?


    <HEAD>
    <SCRIPT language="JavaScript">
    <!--hide

    var password;

    var pass1="cool";

    password=prompt('Please enter your password to view this page!',' ');

    if (password==pass1)
    alert('Password Correct! Click OK to enter!');
    else
    {
    window.location="http://www.yahoo.com";
    }

    //-->
    </SCRIPT>
    </HEAD>



    Thanks

    Dr_Evil

  2. #2
    Just Another Geek
    Join Date
    Jul 2002
    Location
    Rotterdam, Netherlands
    Posts
    3,401
    It's NOT secure. Anyone can read it. Heck even some of those hackers challenger sites have something like this in one of the first levels.

    Try using server side scripting (asp, php). That will help protect the script from being read. Clientside scripting is not secure and shouldn't be used for protection. Only use clientside scripting to spice up your site.
    Oliver's Law:
    Experience is something you don't get until just after you need it.

  3. #3
    Senior Member
    Join Date
    Dec 2002
    Posts
    309
    What would you recommend ? I am only allowed to use javascript on my site.

    Dr_Evil

  4. #4
    Just Another Geek
    Join Date
    Jul 2002
    Location
    Rotterdam, Netherlands
    Posts
    3,401
    Originally posted here by Dr_Evil
    What would you recommend ? I am only allowed to use javascript on my site.
    Get a provider that does allow you to use serverside scripting.
    Oliver's Law:
    Experience is something you don't get until just after you need it.

  5. #5
    Senior Member
    Join Date
    Sep 2003
    Posts
    554
    Here's a good script and you can use it on those free web sites..

    <form action="http://pub8.bravenet.com/passwd/show.php" method="post"
    style="margin: 0px;">
    <div
    style="padding: 3px; background-color: rgb(219,224,245); font-family: arial; font-style: normal; font-variant: normal; font-weight: normal; font-size: 12px; line-height: normal; font-stretch: normal; font-size-adjust: none; color: black;">Enter
    Password Protected Area
    </div>

    <div
    style="margin: 10px 10px 4px; font-family: arial; font-style: normal; font-variant: normal; font-weight: normal; font-size: 11px; line-height: normal; font-stretch: normal; font-size-adjust: none; color: black; text-align: right;">
    User Name: <input type="text" name="******" size="15"
    maxlength="254"
    style="border: 1px solid rgb(204,204,204); width: 115px;">

    Password: <input type="password" " size="15"
    maxlength="254"
    style="border: 1px solid rgb(204,204,204); width: 115px;"> <input
    type="hidden" style="border: 0px solid black; height: 0px; width: 0px;"
    name="usernum" value="615408226"><input
    style="border: 0px solid black; height: 0px; width: 0px;" type="hidden"
    name="cpv" value="2"></div>

    <div style="margin: 0px 4px 4px 0px; float: right;"><input
    type="submit" name="submit" value="Login" style="width: 50px;"></div>
    </form>
    </div>
    </div>

    Cheers
    Creative

  6. #6
    Just Another Geek
    Join Date
    Jul 2002
    Location
    Rotterdam, Netherlands
    Posts
    3,401
    Great form creative, but it's just a form nothing more.
    The actual password checking is done with a php script.
    So the password checking is done using serverside scripting.
    Oliver's Law:
    Experience is something you don't get until just after you need it.

  7. #7
    Senior Member
    Join Date
    Sep 2003
    Posts
    554
    Hey dice, i was simply using it as a sample.
    I know that when you put it into your HTML. That it won't work.
    It's still under construction.
    I'm currently getting it ready to be usable, but that won't be for a couple of days, as i've got a ton of reading to catch up on..
    Anyhow there are heaps of Source codes that you can get, that WILL work on any-site really.
    As long as you can enter the HTML then nothing's really stopping you i guess.

    Cheers
    Kris..

  8. #8
    Just Another Geek
    Join Date
    Jul 2002
    Location
    Rotterdam, Netherlands
    Posts
    3,401
    You're right about the number of scripts that are available. All the good ones use serverside scripting though. It seems like Dr_Evil is only allowed to use clientside scripting. Clientside scripts are not secure enough to (password) protect a section of the site.

    So his best bet would be to change to a provider that will allow him serverside scripting like php or asp. Once that's done he should have no problems using your script (if done correctly)
    Oliver's Law:
    Experience is something you don't get until just after you need it.

  9. #9
    Senior Member
    Join Date
    Dec 2002
    Posts
    309

    web

    Hey Guys

    Does anyone know a free web provider that allows the usage of serverside scripting like php or asp.

    Dr_Evil

  10. #10
    Senior Member
    Join Date
    Aug 2003
    Posts
    300
    Dr_Evil - With the code you put up their a person simply needs to right click and view source (simplist way). However like reiterated before in this thread. If you can use PHP or ASP or some serverside code you will be able to better protect a page.

    Here is some better hosting -

    Free Web Hosting

    Here is some free webhosting also previously posted in Anti - Web Hosting Thread

    If you go into the Web Dev forum you will find more resources regaurding free or almost free hosting.



    Adiz

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •