Hello and welcome to our community! Is this your first visit?
Register
Enjoy an ad free experience by logging in. Not a member yet? Register.
Results 1 to 4 of 4
  1. #1
    New to the CF scene
    Join Date
    Oct 2013
    Posts
    2
    Thanks
    0
    Thanked 0 Times in 0 Posts

    Question if statement password popup problems

    Hi everyone, i'm trying to password protect a section of my site which is in html that i'm making for a school sat (school assessed taskwork) so i have put a javascript script into it which looks like this:
    Code:
    <script>
    var user=prompt("Enter Username")
    var password=prompt("Enter Password")
    
    if (user==="Jack",password==="Password")
    { alert("Welcome to the members only area of the Frankston Banshees Website")
    }
    else if (user!="Jack",password="Password")
    {
    window.location = "F:/new sat/redirect.html"
    }
    else 
    {
    window.location = "F:/new sat/redirect.html"
    }

    When the username is incorrect but the password is correct it connects to the website but when the username is correct and the password is incorrect it goes to the redirect page. how do i get it to go to the redirect page when i put in the wrong username and correct password. I hope this makes sense.

  • #2
    Supreme Master coder! Philip M's Avatar
    Join Date
    Jun 2002
    Location
    London, England
    Posts
    17,898
    Thanks
    203
    Thanked 2,530 Times in 2,508 Posts
    Code:
    <script type = "text/javascript">
    
    var user=prompt("Enter Username","");
    var password=prompt("Enter Password","");
    
    if ((user=="Jack") && (password=="Password")) { 
    alert("Welcome to the members only area of the Frankston Banshees Website");
    }
    
    else if ((user!="Jack") && (password=="Password")) {
    window.location = "F:/new sat/redirect.html";
    }
    else {
    window.location = "F:/new sat/redirect.html";
    }
    
    </script>
    Note the changes I have made to your script, position of opening braces, semi-colons etc.

    I expect that you realise that Javascript password scripts are hoplesssly insecure as anyone can se the valid username and password with View Source.

    Quizmaster: A person described as "stentorian" has a powerful what?
    Contestant: Intellect

    All the code given in this post has been tested and is intended to address the question asked.
    Unless stated otherwise it is not just a demonstration.

  • #3
    New to the CF scene
    Join Date
    Oct 2013
    Posts
    2
    Thanks
    0
    Thanked 0 Times in 0 Posts
    Thankyou, as stated earlier it's only for a school task, the task was for a mock up website but I liked making mine functional. I understand that JavaScript is insecure, would you know of any suitable alternatives?

  • #4
    Supreme Master coder! Philip M's Avatar
    Join Date
    Jun 2002
    Location
    London, England
    Posts
    17,898
    Thanks
    203
    Thanked 2,530 Times in 2,508 Posts
    JavaScript form validation only provides convenience for users, not security. This means that JavaScript should be used as an "enhancement", not as a requirement. So your form should not be dependent on JavaScript alone to perform your validation. Instead, whatever server-side language you use to process the form (PERL, ASP, PHP, etc.) should also perform the same validation. Otherwise, people will be able to bypass your validation (and even possibly inject malicious code) simply by disabling Javascript.

    All the code given in this post has been tested and is intended to address the question asked.
    Unless stated otherwise it is not just a demonstration.


  •  

    Tags for this Thread

    Posting Permissions

    • You may not post new threads
    • You may not post replies
    • You may not post attachments
    • You may not edit your posts
    •