How can I password protect a page?

[Narlen]

Hi there,

I don't know much about web design but I proudly managed to password protect
a page on my site. Later I realized that everyone looking at the source in
any web browser can see the password. Is there a way to improve this code so
that instead of the password people viewing the page source would only see
bullets instead of the characters of the password (or hide it alltogether?)

Thank you for your help.

Hi there



Here is the code:

<script language="javascript">
<!--//

function pasuser(form) {
if (form.pass.value=="michael2") {
location="index2.html"
} else {
alert("Invalid Password")
}
}
//-->
</script>



<tr><td><h1><i><b>Password:</b></i></h1></td><td><form name="login"><input
name="pass"
type="password"></td></tr>
<tr><td><input type="button" value="Login"
onClick="pasuser(this.form)"></td><td><br>

 

[Dennis Willson]

This is not something you normally do in Javascript. There are a number of ways to do this. I assume you don't have access to the
actual webserver, if you do then you can setup authentication there. Otherwise you need to go to a dynamic content language like JSP
or PHP or something like that.

Dennis

 

[cwdjrxyz]

Hi there,

I don't know much about web design but I proudly managed to password protect
a page on my site. Later I realized that everyone looking at the source in
any web browser can see the password. Is there a way to improve this code so
that instead of the password people viewing the page source would only see
bullets instead of the characters of the password (or hide it alltogether?)

This should be done on the server using htProtect(unless you are on a
Microsoft server using Frontpage and perhaps some other Microsoft
programs.). If your host does not allow basic server side operations
such as this, dump your host and get another one. Good hosts that cater
to small business often are no more, or less, expensive than hosts that
cater mainly to casual users. There is a glut of hosts around the
world, and these days it makes little difference if your host is in
your own country or half-way around the world.

My domain host lets you select a shared Microsoft or Unix(Apache)
server. I use Unix. The control panel has nearly everything you might
want to use such as htProtect, php, perl, shopping carts, secure pages,
and automated domain search and purchase. Here is what my host says to
do to password protect:

"htProtect utility allows you to password-protect any directory on your
site so only authorized visitors can open its content with their
browsers.
To start htProtect, click the WebProtect icon on your home page.

Warning: Don't use this feature if you have Frontpage Extensions
installed. You would need to use Frontpage itself to perform this
function."

It only takes a few very simple inputs to a form and a few key clicks
to password protect any directory you wish. There is really no need to
have to bother to write your own php or other script to password
protect.

 

[wl]

Hi there,

I don't know much about web design but I proudly managed to password
protect
a page on my site. Later I realized that everyone looking at the source in
any web browser can see the password. Is there a way to improve this code
so
that instead of the password people viewing the page source would only see
bullets instead of the characters of the password (or hide it
alltogether?)

Thank you for your help.

Hi there

Indeed the best way to do password protection is serverside. If this is
impossible, please visit Real Gagnon's site:

http://64.18.163.122/rgagnon/jsdetails/js-0022.html

Wim