Password Proection in Firefox over IE

Swordfish

Swordfish

Swordfish

Soldato
Joined
17 Jan 2006
Posts
2,890
Location
Dundee
Hi I hope someone out there can answer this, but I have develepoed a very small website for access to online online storage of some data and is password protected but does not work properly with Firefox only IE.

I am using this Javascript :

<script>
// Author: Schubert(16) - [email protected]
// Courtesy of SimplytheBest.net - http://simplythebest.net/scripts/
function ask()
{
pass=prompt("This portal is password protected. Enter the password below. ","");
if(pass=="Password" && pass!=null)
{
alert("Correct password. Access granted");
}
else
{
alert("Incorrect password. Access denied")
history.back(1);
}


}
window.onload=ask
//stop-->
</script>

This work a treat but does not work with Firefox. Even if you enter a wrong password is will display the erro but remain on the page and not go back to the previos one. Is there a command that I can use to redirect it to a particular page instead of back and will work with both browsers.

Dont really wanty to go to the hassle of PHP.

Not really my strong point I concentrate on Networks (3rd Degree Student), but have not done JavaScript or CSS/HTML. I use Frontpage 2003.
 
KingAdora said:
You do realise that even if you get this to work - people can just view the source and see what the password is?
Click to expand...

Thank you for that

Will look at PHP, is that the best way to do it

Cheers
 
KingAdora said:
You do realise that even if you get this to work - people can just view the source and see what the password is?
Click to expand...


UPDATE:

Just tried it and the first thing the page does when it loads is to run the Javascript command and therefore you cannot right click to view the source.
 
I can easily get around that, and so can anyone else. Sending passwords from server to client is a very bad idea. The end.
 
Simple. You don't need a web browser to download and view HTML source code. Unless you're prepared to spend lots of time on encryption and whatever, almost anything you do to stop people viewing the source code from a web browser is futile.
 
Berserker said:
Simple. You don't need a web browser to download and view HTML source code. Unless you're prepared to spend lots of time on encryption and whatever, almost anything you do to stop people viewing the source code from a web browser is futile.
Click to expand...

Cheers

Got a mate with a BSC(Hons) in Software Develpoment. I did his home network, so he can do my Secure Site !!!

I Hope

Cheers to everyone with thier ideas.
 
Also just disable Javascript then visit that page, then view source.

Use htaccess as others have said...assuming it's a *nix hosting environment, else there should be an alternative for Windows Server environments.
 
Found this whilst browsing around on the net :)

Code: 
<?php

// Define your username and password
$username = "Change";
$password = "ME";

if ($_POST['txtUsername'] != $username || $_POST['txtPassword'] != $password) {

?>

<h1>Login</h1>

<form name="form" method="post" action="<?php echo $_SERVER['PHP_SELF']; ?>">
    <p><label for="txtUsername">Username:</label>
    <br /><input type="text" title="Enter your Username" name="txtUsername" /></p>

    <p><label for="txtpassword">Password:</label>
    <br /><input type="password" title="Enter your password" name="txtPassword" /></p>

    <p><input type="submit" name="Submit" value="Login" /></p>

</form>

<?php

}
else {

?>
<p>
The page code you want passworded to go here</p>

<?php

}

?>

Maybe that will work better, for your needs ? :)
 
You must log in or register to reply here.
Back
Top Bottom