Hello and welcome to our community! Is this your first visit?
Register
Enjoy an ad free experience by logging in. Not a member yet? Register.
Page 2 of 8 FirstFirst 1234 ... LastLast
Results 16 to 30 of 115
  1. #16
    Registered User
    Join Date
    Jan 2003
    Location
    CT
    Posts
    91
    Thanks
    0
    Thanked 0 Times in 0 Posts
    i tried that. it just tells me "unable to find server" when i do it.

  2. #17
    New Coder
    Join Date
    Jan 2003
    Location
    Belgium
    Posts
    34
    Thanks
    0
    Thanked 0 Times in 0 Posts
    is it possible u gave the incorrect or incomplete url he has to get by submitting the login info?
    "Hell, there are no rules here-- we're trying to accomplish something."
    Thomas A. Edison (1847 - 1931)

    "Any fool can make a rule, and any fool will mind it."
    Henry David Thoreau (1817 - 1862)

  3. #18
    Senior Coder
    Join Date
    Jun 2002
    Location
    41 8' 52" N -95 53' 31" W
    Posts
    3,660
    Thanks
    0
    Thanked 0 Times in 0 Posts
    BTW, I meant to comment on this before, but this is a pretty ingenious solution to client-side password protection.
    Former ASP Forum Moderator - I'm back!

    If you can teach yourself how to learn, you can learn anything. ;)

  4. #19
    New Coder
    Join Date
    Nov 2002
    Posts
    21
    Thanks
    0
    Thanked 0 Times in 0 Posts
    Simple, clear your cache before you try to break your site. And then after you "cant" get through you browse your temp internet folders. Nothing in javascript is secure, nothing.
    » ð, Ŵħąŧ¿ Ýőų łįķę¿

  5. #20
    Senior Coder
    Join Date
    Jun 2002
    Location
    41 8' 52" N -95 53' 31" W
    Posts
    3,660
    Thanks
    0
    Thanked 0 Times in 0 Posts
    Apparently, tempest1, you didn't see how the scripts works... if the correct username and password isn't typed in, there's no javascript library to include - therefore, there is nothing in your cache to reveal a username and/or password.

    You can look at the html all you want.

    About as simple and secure as you can get with client-side scripting.
    Former ASP Forum Moderator - I'm back!

    If you can teach yourself how to learn, you can learn anything. ;)

  6. #21
    New Coder
    Join Date
    Nov 2002
    Posts
    21
    Thanks
    0
    Thanked 0 Times in 0 Posts
    if its client side its cached.
    » ð, Ŵħąŧ¿ Ýőų łįķę¿

  7. #22
    Regular Coder
    Join Date
    Aug 2002
    Location
    Spain
    Posts
    420
    Thanks
    0
    Thanked 0 Times in 0 Posts
    Person A wants to access page X and knows the password: the .js is called and cached in his computer, ok

    Person B wants to access the same page X but it doesn't knows the password: The .js is never requested and consequently not cached in his computer

    if person B looks at person A computer, he can discover the password or at least page X name

    so the limitation of the script is that it's not very secure (like all client-side solutions) in a network or a public environment, where more than a person can access the same computer.

    But as a individual user, it doesn't seems very probable that person A allows person B to use his computer to steal the code

    Don't resist to assimilation. Billions of Borgs can't be wrong!

  8. #23
    Senior Coder
    Join Date
    Jun 2002
    Location
    41 8' 52" N -95 53' 31" W
    Posts
    3,660
    Thanks
    0
    Thanked 0 Times in 0 Posts
    Borgtex, I have modified the script to make it XHTML 1.1 compliant, and instead of using the "BadPassword.htm" page, if not authorized, the user is sent back to the login page with an "Authorization Failed!" message.

    With your permission (and credits intact, of course - actually I wouldn't mind if you supplied some better credits!), I would like to post the script on my site, as well.

    Here it is.
    Former ASP Forum Moderator - I'm back!

    If you can teach yourself how to learn, you can learn anything. ;)

  9. #24
    Regular Coder
    Join Date
    Aug 2002
    Location
    Spain
    Posts
    420
    Thanks
    0
    Thanked 0 Times in 0 Posts
    Originally posted by whammy
    Borgtex, I have modified the script to make it XHTML 1.1 compliant, and instead of using the "BadPassword.htm" page, if not authorized, the user is sent back to the login page with an "Authorization Failed!" message.

    With your permission (and credits intact, of course - actually I wouldn't mind if you supplied some better credits!), I would like to post the script on my site, as well.

    Here it is.

    Nice! and of course you can post it in your site.
    I'll PM you the credits
    Don't resist to assimilation. Billions of Borgs can't be wrong!

  10. #25
    Senior Coder
    Join Date
    Jun 2002
    Location
    41 8' 52" N -95 53' 31" W
    Posts
    3,660
    Thanks
    0
    Thanked 0 Times in 0 Posts
    Former ASP Forum Moderator - I'm back!

    If you can teach yourself how to learn, you can learn anything. ;)

  11. #26
    Senior Coder
    Join Date
    Jun 2002
    Location
    41 8' 52" N -95 53' 31" W
    Posts
    3,660
    Thanks
    0
    Thanked 0 Times in 0 Posts
    Borgtex, you have the honor of being the first person besides me to have a script posted on my website!

    http://www.solidscripts.com/displayscript.asp?sid=15

    Last edited by whammy; 02-15-2003 at 11:46 PM.
    Former ASP Forum Moderator - I'm back!

    If you can teach yourself how to learn, you can learn anything. ;)

  12. #27
    Regular Coder
    Join Date
    Dec 2002
    Posts
    169
    Thanks
    0
    Thanked 0 Times in 0 Posts

    Arrow I have had a JavaScript password scheme for years...

    On my resume page, I have had the same password scheme in use for four years.

    Basically, whatever the user types in is taken as the pathless/extensionless filename of an image. If the user-named image loads successfully, then the browser is forwarded to a web page of the same name.
    Code:
    <script language=javascript>
    function imgError() 
    { alert('Sorry, that is not correct.'); 
      document.enter.password.value='';
    }
    function imgLoad() { window.location=this.password+'.html'; }
    function tryit() 
    { var I = new Image(1,1) 
    I.onerror=imgError;
    I.onload= imgLoad;
    I.password=document.enter.password.value;
    I.src='images/'+I.password+'.gif';
    }
    </script>
    <form name=enter><input type=password name=password><input type=submit value=login></form>
    Basically, if you don't know the password, this script doesn't know what page to display!

  13. #28
    Regular Coder
    Join Date
    Nov 2002
    Location
    Carmel California
    Posts
    471
    Thanks
    0
    Thanked 1 Time in 1 Post
    one problem with this script, is that if someone uses this on a computer, anybody can than go onto that computer and look at the history and go to the personal page, wich, if the password was what that person always uses, would let the unwanted know there password. and you could also look at index.dat if the history was simply deleated.
    Kris Hubby
    kwhubby site

  14. #29
    Senior Coder
    Join Date
    Jun 2002
    Location
    41 8' 52" N -95 53' 31" W
    Posts
    3,660
    Thanks
    0
    Thanked 0 Times in 0 Posts
    Well, it's a client-side script. Of course that's a drawback. If you're trying to say it's better to use server-side scripting for logins, of course you're right.



    But like I said, this is the best client-side script I've seen. ca_redwards' script uses the same idea, but it's not as easily modified by newbies, and it also uses the image name as the "redirect" file name, instead of allowing you to modify the URL as Borgtex's script does (which also allows for multiple users very easily)... so Borgtex's script wins handily by it's simplicity and "security" (what there can be in client-side scripting), in my opinion.
    Former ASP Forum Moderator - I'm back!

    If you can teach yourself how to learn, you can learn anything. ;)

  15. #30
    New Coder
    Join Date
    Feb 2003
    Location
    dudley west mids uk
    Posts
    90
    Thanks
    0
    Thanked 0 Times in 0 Posts
    when i enter my username and pass word and click login, the page next page when loading displays http://myweb.tiscali.co.uk/streetracer/chkpwd undefined password. then it wont load the page and a cannot find server error comes up
    whats that about and how do i fix it, joe
    HASAAKI v.2.0 now up come and visit us at http://www.online-addicts.com/~joehall


 
Page 2 of 8 FirstFirst 1234 ... LastLast

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •