SitePoint Sponsor

User Tag List

Results 1 to 4 of 4
  1. #1
    SitePoint Wizard dethfire's Avatar
    Join Date
    Aug 2000
    Posts
    2,477
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    Ok, I need to make a password protection javascript. here are the details: When someone enters a the page for the first time I want them to input a password, then have a cookie be stored in on their browser. The next time they want to enter the page I want the script to redirect the user to the page without having to input their password again. any help would be appreciated!!
    Free Science Homework Help
    http://www.physicsforums.com

  2. #2
    Irritability Defined
    Join Date
    Jul 2000
    Location
    80,000 feet below the surface
    Posts
    1,442
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    Uhm, you *are* aware that anyone can get past that by disabling JScript?

    That said, have a look at http://www.javascript-page.com/passwords/ - there should be one for you down near the bottom.
    My 2 Cents (or is that 2.2 Cents including GST?)

  3. #3
    SitePoint Addict
    Join Date
    Oct 2000
    Posts
    304
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    As BC pointed up... beware the use of JavaScript password schemes of any kind.

    No matter what you've heard elsewhere, there is no possible way -- none, nada, zip, no-how -- that you can protect that script from the eyes of others.

    Anyone with even a bit of JavaScript know-how will walk through such a script in seconds.

  4. #4
    SitePoint Guru Vincent Puglia's Avatar
    Join Date
    Feb 2000
    Location
    where the World once stood
    Posts
    700
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    Hi,

    With the above caveats in mind:

    Instead of simply storing the password in the cookie, you can also store the redirect url -- this implies that you need to store the url in a js file (which makes it more difficult, but not impossible for users to find). Then when a user appears at the site, the code should first look for the cookie, extract both password and url, check the password and simply redirect with a window.location.

    Again, if this is a sensitive page, you need cgi, which also isn't absolutely secure, but it does stop an Ivory Soap number of people (99.99%).

    Vinny
    Where the World Once Stood
    the blades of grass
    cut me still


Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •