SitePoint Sponsor

User Tag List

Results 1 to 8 of 8
  1. #1
    SitePoint Member
    Join Date
    Sep 2011
    Posts
    12
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)

    password protection

    I designed a web page for our Home Owners Association. One requirement was to password protect access. I found a simple script that worked on my computer and a friend's computer. However, it didn't work on my wife's computer (all three PC -no apple). When I tried to click on the button to enter the "protected area" by entering a password, her computer closed the webpage and returned to her homepage. I'm stumped on how to ensure all HOA members will have the ability to get past the login page. Ideas? I'm happy to submit the script if needed.

    thanks
    wormwood

  2. #2
    Non-Member
    Join Date
    Apr 2011
    Location
    no fixed address
    Posts
    851
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    to do this securely you will need a server side language to handle to handle the password protection. What server side language do you have access to on your web server?

  3. #3
    SitePoint Wizard bronze trophy C. Ankerstjerne's Avatar
    Join Date
    Jan 2004
    Location
    The Kingdom of Denmark
    Posts
    2,702
    Mentioned
    7 Post(s)
    Tagged
    0 Thread(s)
    We will have to see the script to know what the problem is.
    Christian Ankerstjerne
    <p<strong<abbr/HTML/ 4 teh win</>
    <>In Soviet Russia, website codes you!

  4. #4
    SitePoint Member
    Join Date
    Sep 2011
    Posts
    12
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    Thanks for the quick reply. I am a newby at web design (dumb as a box of rocks), so I don't know what server side language is available. I use ipage if that helps any. I have copied the password script below

    HTML Code:
    function passWord() {
    var testV = 1;
    var pass1 = prompt('Please Enter Your Password',' ');
    while (testV < 3) {
    if (!pass1)
    history.go(-1);
    if (pass1.toLowerCase() == "letmein") {
    alert('You Got it Right!');
    window.open('protectpage.html');
    break;
    }
    testV+=1;
    var pass1 =
    prompt('Access Denied - Password Incorrect, Please Try Again.','Password');
    }
    if (pass1.toLowerCase()!="password" & testV ==3)
    history.go(-1);
    return " ";
    }
    </script>
    <center>
    <form>
    <input value="Enter Protected Area" onclick="passWord()" type="button">
    </form>
    </center></body></html>
    The security doesn't have to be space-age stuff. We're just trying to keep non-members from snooping.

    thanks again

    wormwood
    Last edited by Mittineague; Sep 3, 2011 at 15:13. Reason: reformatting bbcode tags

  5. #5
    Chive On FFCus's Avatar
    Join Date
    Feb 2006
    Location
    Connecticut
    Posts
    542
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    Just an FYI - this is about as secure as leaving a key to your house under the doormat. Any non-member that knows how to view the source of a web page will be able to access the protected area.

    If your web server supports PHP you will be able to find a free script to protect that page and will do much better at keeping the snoopers out.

  6. #6
    Non-Member
    Join Date
    Apr 2011
    Location
    no fixed address
    Posts
    851
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    Quote Originally Posted by wormwood View Post
    The security doesn't have to be space-age stuff. We're just trying to keep non-members from snooping.
    Unfortunately that won't keep anyone who wants to snoop around from doing so if they decide to look at your code in their browser which you can't stop anyone from doing.

    If they look at your code they will see the correct password to enter.

    Also, if a user has javascript turned off in their browser your security is totally disabled because it uses javascript.

    This should really be done server side using a language like PHP, ASP, JSP or similar.

  7. #7
    SitePoint Addict
    Join Date
    Apr 2009
    Posts
    358
    Mentioned
    1 Post(s)
    Tagged
    0 Thread(s)
    Another alternative is to use server file permissions or .htaccess to restrict access to the site.
    Doug G
    =====
    "If you ain't the lead dog, the view is always the same - Anon

  8. #8
    SitePoint Member
    Join Date
    Sep 2011
    Posts
    12
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    I did a little online chat with the host and got set up with the server side password protection. Thanks for the prompt and professional advice.

    wormwood


Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •