Hello and welcome to our community! Is this your first visit?
Register
Enjoy an ad free experience by logging in. Not a member yet? Register.
Page 1 of 2 12 LastLast
Results 1 to 15 of 30
  1. #1
    Regular Coder
    Join Date
    May 2005
    Posts
    220
    Thanks
    1
    Thanked 2 Times in 2 Posts

    Exclamation URL not visible to public?

    Alright,

    I really don't have a clue if you would use javascript for this or not. But here we go.

    I have a site where users can login. The problem that I have is that if someone types in the url they can get around the user login. Is it possible to have a user click on a link to the login page, then login and NOT display the url to that site in the address bar? This way, you must login in order to view that page.

    Any ideas?

  • #2
    Banned
    Join Date
    Sep 2003
    Posts
    3,620
    Thanks
    0
    Thanked 0 Times in 0 Posts
    Quote Originally Posted by Vapor
    Alright,

    I really don't have a clue if you would use javascript for this or not. But here we go.

    I have a site where users can login. The problem that I have is that if someone types in the url they can get around the user login. Is it possible to have a user click on a link to the login page, then login and NOT display the url to that site in the address bar? This way, you must login in order to view that page.

    Any ideas?
    Yeah... Do it correctly by using severside and sessions...
    Your solution does not lie within javascript...

  • #3
    Regular Coder
    Join Date
    May 2005
    Posts
    220
    Thanks
    1
    Thanked 2 Times in 2 Posts
    Well, this will probably complicate things but my user login is client-side. I am using javascript for that. This is the reason I was asking if I could either not display the url or somehow scramble it so that users can not directly go to it and bypass the login.

    Thanks

  • #4
    Smokes a Lot
    Join Date
    Jul 2003
    Location
    CA, USA
    Posts
    1,594
    Thanks
    5
    Thanked 20 Times in 20 Posts
    Well, if your script uses javascript for the log in, they can just by pass the log in regardless. So you may want to look into a server side language for the log in script as well.

    Basscyst
    Helping to build a bigger box. - Adam Matthews

  • #5
    Regular Coder
    Join Date
    May 2005
    Posts
    220
    Thanks
    1
    Thanked 2 Times in 2 Posts
    So I take it there is no way to hide the url then, correct?
    and also...
    And even though my login uses javascript on client-side how is it possible to get around the login?

  • #6
    Smokes a Lot
    Join Date
    Jul 2003
    Location
    CA, USA
    Posts
    1,594
    Thanks
    5
    Thanked 20 Times in 20 Posts
    There are a number of ways. Most obvious would be to just view the source of the page and or download the js file. There is a fairly secure javascript log in script in the post a javascript section of this forum.

    Basscyst
    Helping to build a bigger box. - Adam Matthews

  • #7
    Senior Coder
    Join Date
    Feb 2004
    Location
    Edinburgh
    Posts
    1,352
    Thanks
    0
    Thanked 0 Times in 0 Posts
    firstly, creating a site which relies on JS is plain wrong. secondly, attempting to hide the URL from users is stupid, since (a) it cannot be done, (b) even if it could be done, it would be highly immoral to screw with people's browsers simply because you were either incapable of creating a secure server-based login or just didn't know how to go about it. regardless of all this, you're wasting/have wasted your time with this already and would be better learning how to do this properly on the server. i know i sound harsh, but take it from me JS was not meant to do what your hacking it to death for.
    *keep it simple (TM)

  • #8
    Senior Coder
    Join Date
    Apr 2005
    Posts
    1,051
    Thanks
    0
    Thanked 0 Times in 0 Posts
    ok, well aside from using JS for site login (and only JS) what I would do is put the entire site in a frameset. then only load the bottom frame. This will not reflect in the parent, thus the url never changes.
    public string ConjunctionJunction(string words, string phrases, string clauses)
    {
    return (String)(words + phrases + clauses);
    }
    <--- Was I Helpfull? Let me know ---<

  • #9
    Regular Coder
    Join Date
    May 2005
    Posts
    220
    Thanks
    1
    Thanked 2 Times in 2 Posts
    rlemon,

    Good thinking, but I have already beat you to that. I do have my site in a frame, thus the parent site will not change and/or display the url. BUT if you look on the bottom of your browser it will say what page is being loaded which gives it away. If I can somehow hide that, I see no other way to get around the login.

    Anyway to do that?

  • #10
    New to the CF scene
    Join Date
    Jun 2005
    Posts
    1
    Thanks
    0
    Thanked 0 Times in 0 Posts
    even if you hid that it was loading, they could just right click and get the page info, like everyone is saying here, use a server side scripting language,
    like php.

  • #11
    Regular Coder
    Join Date
    May 2005
    Posts
    220
    Thanks
    1
    Thanked 2 Times in 2 Posts
    I have taken care of the information when you view source. It can not be seen. That is not the problem. The problem is...

    Can you hide the "opening page" at the bottom of the screen when you visit a web site.

  • #12
    Senior Coder
    Join Date
    Apr 2005
    Posts
    1,051
    Thanks
    0
    Thanked 0 Times in 0 Posts
    umm, the status bar is

    in JS

    window.status = "text";
    public string ConjunctionJunction(string words, string phrases, string clauses)
    {
    return (String)(words + phrases + clauses);
    }
    <--- Was I Helpfull? Let me know ---<

  • #13
    Senior Coder
    Join Date
    Apr 2005
    Posts
    1,051
    Thanks
    0
    Thanked 0 Times in 0 Posts
    Quote Originally Posted by Vapor
    I have taken care of the information when you view source. It can not be seen. That is not the problem. The problem is...

    Can you hide the "opening page" at the bottom of the screen when you visit a web site.
    and he means page info not source.

    right click and 'view page info' (mozilla)
    or
    right click and 'properties' in IE and you can see the frame src.

    I agree 100% with the other users who posted, you should be using a server side language like asp or php for this.
    public string ConjunctionJunction(string words, string phrases, string clauses)
    {
    return (String)(words + phrases + clauses);
    }
    <--- Was I Helpfull? Let me know ---<

  • #14
    Regular Coder
    Join Date
    May 2005
    Posts
    220
    Thanks
    1
    Thanked 2 Times in 2 Posts
    I agree with all of you as well. Sever-side is absolutaly 110% the way to go in order to create a secure javascript login and all that jazz.
    But
    I am not creating a serverside login, I am creating a client-side login.

    Thanks for the help on the js though.

  • #15
    Regular Coder
    Join Date
    May 2005
    Posts
    220
    Thanks
    1
    Thanked 2 Times in 2 Posts
    Alright new question.

    How do I make it so that when I rest my cursor over a link, it does not display what page it is going to open?


  •  
    Page 1 of 2 12 LastLast

    Posting Permissions

    • You may not post new threads
    • You may not post replies
    • You may not post attachments
    • You may not edit your posts
    •