SitePoint Sponsor

User Tag List

Results 1 to 3 of 3
  1. #1
    SitePoint Enthusiast
    Join Date
    Jun 2000
    Location
    Peterborough, England
    Posts
    50
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    I knew i would have to use a Java-Script based password system as i want to host my site for free with a cloaked web redirection for a .com domain and no free ISPs support anything else.

    But i also didn't want the password to be written in the HTML coding of the site, for all to see, as you can imagine.

    So, after searching far and wide i found a password system whereby the password was the file name you were trying to access (so, in theory there is a password for each page, but i thought that visitors would not know this and so this would be the best system to use.

    The only problem is, as i am hosting it on a free ISP and have got Cloaked web redirection on a .com domain name if people type the wrong password they are taken to the standard internet page saying "page cannot be found..................please try (and then the free ISP is displayed)" I do not want visitors visiting the site on the Free ISP.

    Does anyone know if i can set the script so that if the password is incorrect (ie. doesn't match any of the file names witin my site) they are taken to a page i have created, explaining that they should contact me for instructions.


    The script i have at present (with some instructions from the person who wrote the script) is:

    Step 1: Save this image onto your harddrive:
    Step 2: Copy the below into the <body> tags of the starting page (The page before the password protected one).
    <SCRIPT LANGUAGE="javascript">
    <!--- Hide from tired old browsers
    var nifty_little_window = null;
    function gateKeeper() {
    nifty_little_window = window.open('gatekeep.html', 'theKeeper',
    'width=350,height=200,resizable=1');
    }
    // End hiding --->
    </SCRIPT>
    <form>
    <input type="button" value="Enter Here" onClick="gateKeeper()"
    </form>

    Step 3: Copy this and save it as a new page. Save it as "gatekeep.html"

    <HTML>
    <HEAD>
    <TITLE>Gate Keeper</TITLE>

    <SCRIPT LANGUAGE="JavaScript">
    <!--- Hide from tired old browsers that should be put to pasture.

    ////////////////////////////////////////////////////////////////////
    /// Get your very own Gate Keeper from Professional Web Design ///
    /// http://junior.apk.net/~jbarta/weblinks/gate_keeper/ ///
    ////////////////////////////////////////////////////////////////////

    function goForit() {
    var location;
    var password;
    password=this.document.testform.inputbox.value
    location=password + ".html"
    fetch(location)
    theKeeper=window.close()
    }

    function fetch(location) {
    var root;
    if (opener.closed) {
    root=window.open('','theKeepersGopher','toolbar=yes,location=yes,status=yes,menubar=yes,scrollbars=yes,resizable=yes,copyhistory=no');
    root.location.href = location;
    } else {
    opener.location.href = location;
    }
    }

    // End hiding --->
    </SCRIPT>

    </HEAD>

    <BODY BACKGROUND="keeper.gif">

    <TABLE BORDER=0 CELLPADDING=0 CELLSPACING=0 WIDTH=100%>
    <TR>
    <TD ROWSPAN=2 WIDTH=50%>
      

    <TD WIDTH=50% ALIGN=CENTER VALIGN=MIDDLE>
    <FONT FACE="ARIAL" SIZE=2><B>Hold on there buddy. You'll need a password to get in here. We're tryin' to keep out the riff-raff.</B></FONT><BR>
     

    <TR>
    <TD WIDTH=50% ALIGN=CENTER VALIGN=BOTTOM>
    <CENTER>
    <FORM NAME="testform">
    <INPUT TYPE="text" NAME="inputbox" VALUE="" size=20>
    <INPUT TYPE="button" NAME="button" Value="Submit Password" onClick="goForit(this.form)">

    <!--- You can remove the following link if you want.
    I just added it to satisfy my own selfish interests.
    Just remove the following line and this comment. --->
    <P><FONT SIZE=1 FACE="COMIC SANS MS"><A HREF="http://junior.apk.net/~jbarta/weblinks/gate_keeper/" TARGET="_blank"><B>Gate Keeper</B></A></FONT>

    </FORM>
    </CENTER>


    </TABLE>

    </BODY>

    </HTML>

    Step 4 (final one): You're basically done. The above will password protect any page, the password being the name of the file. For example, say I want to protect mypage.htm. The password would be "mypage". So all you have to do now is rename the page you want to protect to a longer and more complicated file name, and that will be the password that will access that page. No, you don't have to add anything to the protected page. Note: It seems this script can only protect pages that end in ".html", and NOT ".htm", so be sure to rename the extensions too. Please realize again that this script is written by Joe Barta, a talented webmaster.

    I look forward to a response,

    Bye for now....

  2. #2
    Serial Publisher silver trophy aspen's Avatar
    Join Date
    Aug 1999
    Location
    East Lansing, MI USA
    Posts
    12,937
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    That script doesn't password protect squat.

    All it does is get the page that people type in.

    lets say you have a page called secret.html

    Now if you type secret into the password box the script says 'okay I need to find this page named secret.html' and it gets the page, if the page doesn't exist of course you get a 404 error. The script isn't password protecting a thing, all it is doing is taking the browser address form and putting a shortened version on your page. If I wanted to I could just type www.yoursite.com/secret.html and go there just find without the password.

    Using this script would be no different than just not telling people the names of your pages and not putting links to them on your home page.

    If you want real password protection you're going to need a real hosting provider. Most password systems these days are done via a database of some sort and you wont find that on any free providers.

    Chris

  3. #3
    SitePoint Author Kevin Yank's Avatar
    Join Date
    Apr 2000
    Location
    Melbourne, Australia
    Posts
    2,571
    Mentioned
    2 Post(s)
    Tagged
    0 Thread(s)
    Chris,

    internationally already knows everything you said. He stated as much in his message. All he wanted to know was whether there was a way to redirect to a page of his own choosing if the "secret" filename that ends up getting requested refers to a non-existant file.

    Unfortunately, internationally, the answer is no. Without access to the configuration of the Web server software, there is no way you can set the page that results from a 404 (File Not Found) error.

    I'd suggest you upgrade to a cheap host (e.g. fivedollarhosting.com) that will provide you with the ability to do proper password protection of your pages.

    ------------------
    -Kevin Yank.
    http://www.SitePoint.com/
    Helping Small Business Grow Online!


Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •