I have this JavaScript I got from some site that can redirect someone to a different page automatically based on two criteria: (1) if they're not signed in to the site, and (2) if they're username is a list of usernames to block. I figure that if this "decision" can be made based on their usernames, then can't the code be switched around to (1) block anyone not signed in (which it already does), but also to (2) only allow people who are on a list of usernames to allow? It would redirect anyone not on that list and anyone not signed into the site as well to a different page, to be specified by me. So I have this code, but I don't know how to edit it to make that change. I'm really sorry if I'm being confusing, but if you've followed this so far and you can help me out, I'd really appreciate it. Thanks so much! Here's the code:

This part is in my Custom Header box:
<script LANGUAGE="JavaScript">
function redirect () {
location.href = 'http://www.albinoblacksheep.com/flash/youare.swf';
}
</SCRIPT>

This part is in my Website Stats box:
<script language="javascript">
function getXName() {
for (var i = 0; i < document.links.length; i++) {
if (document.links[i].href.substring(0,38)=="http://www.xanga.com/private/home.aspx") {
var link = document.links[i];
var text = document.all ? link.innerText : link.text ? link.text : '';
return text;
break;
}}
return null;
}

xName = getXName();

if (xName == 'USERNAME' || xName == 'USERNAME' || xName == null) {
redirect();
}

</script>

Thanks so much for the help!

- Jonathan

This will work but you need to be aware that any client-side security is
desperately, well, er, insecure. This sort of script is very easily circumvented and the list of permitted users is easily read. You should
use a server-side angauge such as PERL, PHP etc.

userallowed=0;
function permittedguys(which) {
var ok = new Array ('user1', 'user2', user3');
var username = which.value;
for (i = 0; i < ok.length; i++) {
if (username.indexOf(ok[i]) != -1) {
userallowed=1 // user is a valid name in the list
}
if userallowed==0 {redirect()}
else // whatever
}

That doesn't seem to be working. Do I have to fill in the "whatever" part in the else section of the code at the bottom? If so, what do I put in it if I just want it to redirect someone to a certain page? Also, do I have to customize anything else? Sorry, I can sort of read a bit of Javascript but I can't write it...

As it stands nothing will happen if the user is on the approved list,
that is the redirect only takes place if the user is invalid. So you can cut out the "else" if required.

Naturally you must customise it with the actual names of the permitted users, and call the script when the value of the textbox containing the user name changes:

<input type="text"; name = "username"; onchange="permittedguys(this)";>

But as I say, it is not secure, unauthorised people will easily break into your site if they want. You can perhaps slightly reduce this by placing the script in an external .js file so the names cannot be read simply with View Source.

<script LANGUAGE="JavaScript">
function redirect () {
location.href = 'http://www.albinoblacksheep.com/flash/youare.swf';
}
</SCRIPT>

why are you attempting to redirect them to a site which serves up trojans? do you not realise that you could be held accountable for any dammage to their systems from doing that?

I don't know anything about albino black sheep and trojans. I am directing them there because the swf is damn funny. Buuut, I shall look into what you're talking about. Being held accountable for things sucks. ;)