...

View Full Version : Login script, read & write to txt file?



stuevo
07-22-2012, 03:59 AM
Hi guys,

I need to create a very basic login page, security is not a high priority. It needs to be html and javascript preferably, rather than php.

I have found many scripts that do most of what I need, but not everything, and I just can't work this out! I need to create an input box that posts the data to a text file. Then an input box which checks what is submitted already exists in the text file, and if so sends the user to another page, if not, displays an error.

Basically I need Pages A and B below:

Page A - registration page (which posts to a txt file).
Page B - log in page
Page C - welcome page (shown after successful login)
Page D - unregister page (not essential, but would be useful)

Page A: This just needs to be a form with an input box, which submits.
I need the inputted text to be posted and stored in a text file.

Page B: This page needs an input box which when submitted, checks the text file to see if the word submitted is in the file - if so, send the user to Page C, if not, display a message saying 'invalid login'.

Page C: A basic html page, but only shown after successful login.

Page D: This needs to be an input box which when submitted, removes the text from the text file.

I can use a simple newsletter sign up script which actually takes care of Page A and Page D, as well as writing the submissions to a text file. But I have no idea how to make Page B - a page which checks the text file to see if the user is already registered, or if they're secret word is in the file somewhere. Maybe this is too complicated anyway, perhaps there is a much easier way to do all this?

Any advice or ideas?

RodionGork
07-22-2012, 08:41 AM
It needs to be html and javascript preferably, rather than php.

You need to understand that javascript works at client side and php at server side. So even if you find ability to write into file with javascript in some browsers (which is usually prohibited), it is anyway senseless since that file would be on user's machine, not on server.

Second problem is that all javascript sources are visible to user so it is of no avail to build even simplest security with it.

stuevo
07-22-2012, 02:03 PM
@Rodion - I appreciate your comments, but it's such a shame that your reply is of no help, although i've just joined this forum i'm not unaware of how things work - I just need a little help with this specific problem. I could do this with PHP without any help, but my client wants something simple in javascript (not my forte').

Is there anyway to do this at all?

low tech
07-22-2012, 02:27 PM
Hi

http://www.codingforums.com/showthread.php?t=10114


also good reading on the subject

http://www.codingforums.com/showthread.php?t=177432


Not sure about your requirement for read and write to text file.

I feel sure that is going to be best done server side though I know you're not looking for that.


LT

Philip M
07-22-2012, 05:10 PM
@Rodion - I appreciate your comments, but it's such a shame that your reply is of no help, although i've just joined this forum i'm not unaware of how things work - I just need a little help with this specific problem. I could do this with PHP without any help, but my client wants something simple in javascript (not my forte').

Is there anyway to do this at all?

Rhodion's reply was entirely correct. Your client is asking for something silly, and you are paid to give him sensible advice.

Javascript has no capability to write to a file on the server. Anyone purporting to be a professional coder ought to know that. And client-side logins are mostly highly insecure.

Low Tech has pointed you to the relevant threads.

stuevo
07-23-2012, 01:20 AM
Rhodion's reply was entirely correct. Your client is asking for something silly, and you are paid to give him sensible advice.

Javascript has no capability to write to a file on the server. Anyone purporting to be a professional coder ought to know that. And client-side logins are mostly highly insecure.

Low Tech has pointed you to the relevant threads.

Thanks for pointing out the obvious in such a welcoming manner, you clearly have a way with words. A gentle mix of snobbery, authority and a dash of ridicule... congratulations. Do you treat all new users to this forum is such an inviting way? Or only the ones like me that ask a question that you feel is silly? Never mind, i'll just apologise for asking the question in the first place - sorry.

Lerura
07-23-2012, 02:05 AM
Thanks for pointing out the obvious in such a welcoming manner, you clearly have a way with words. A gentle mix of snobbery, authority and a dash of ridicule... congratulations. Do you treat all new users to this forum is such an inviting way? Or only the ones like me that ask a question that you feel is silly? Never mind, i'll just apologise for asking the question in the first place - sorry.

I see no negatives here.

Your client is asking you to do the impossible.

1) Javascript cannot write to a file, - only read from it.
The only thing that javascript can write to is cookies and the related local/session storage, which all are only saved as temporarily data in the browsers, and can be obstructed if user have disabled cookies.

2) For a login script to be secure you need to prevent the user from accesing any data that can help them.

All javascript is fully accessible to everyone, thus it will never be secure.
There are javascript ways to make it harder to access the data, such as encrypting and encoding.
That way it will take some effort, to get the right data, making users that aren't really interested, skip.
But you cannot prevent any user from cheating unless you use a server-side language for the login.

Philip M
07-23-2012, 09:14 AM
Thanks for pointing out the obvious in such a welcoming manner, you clearly have a way with words. A gentle mix of snobbery, authority and a dash of ridicule... congratulations. Do you treat all new users to this forum is such an inviting way? Or only the ones like me that ask a question that you feel is silly? Never mind, i'll just apologise for asking the question in the first place - sorry.


"I am not bound to please thee with my answer." - Shylock, "The Merchant of Venice Act 1", Shakespeare.

I am always concerned when people who purport to be professional and charge their clients for their coding services seem to lack fairly basic knowledge of the subject. And dismiss those who offer correct advice as being of "no help". Personally I would not employ someone to do work of any kind when it was admittedly not his forte.

One more time:- Javascript cannot write to a file. Secure log-in requires server-side coding. Insecure log-ins are pointless. OK?



EZ Archive Ads Plugin for vBulletin Copyright 2006 Computer Help Forum