Here is my "total secure login" script. Description of the contents:
login.htm: First page. It asks login and password, combines it (Login+Password) and sends it to the next page
auth.htm: checks for the existence of a Login+Password.js if yes (authorized user), it reads the private url and opens it, if not, it goes back to the first page, wich shows an error message
CodingForums.js: a Login+Password.js sample. You can have as many users as you want; one .js for every one (i.e. Login: Neo, Pwd: Matrix =NeoMatrix.js). Blocking an user access is as easy as deleting his .js file
page.htm:a sample destination page
PasswordHelper.vbs: a nice script that creates the js files
Of course, server side programming is much better if you have sensitive data to protect
Edited: Due the popularity of this script, I updated the original version with the one with whammy improvements, like the Password Helper
__________________
Don't resist to assimilation. Billions of Borgs can't be wrong!
i've been looking for a good password-gate-like thing for a loooooong time. this is awesome! i was about ready to post that i was having trouble, before i found out what to do. here's how i got it to work...
1) unzipped the files
2) uploaded ALL of them to my site
3) created a new "CoddingForums.js" page and renamed "CoddingForums"
4) in renamed "CoddingForums" page, paste all info from the text in the "CoddingForums.js" into the new, renamed page
5) thank borgtex for the awesome script
also, you've got to make sure the file name is "{Name}{Password}.js" no {}'s, no spaces, first letter of name and password is capitalized (or so i think. but i'm afraid to test). it works fine for me, doing the method above.
hmmm... let's use My Yahoo! for example. does Yahoo! have a drop-down menu listing ALL of their members' usernames? wasnt like that the last time I checked... so i think it would just be more appropriate (in any case) for it to just be a type-in thing. because in my case, i use that script so it's harder for someone to access a certain page. giving them half of the entry information needed to access the page doesnt really help.
but you can do what you want with the script, but i have such little knowledge of javascript that i can't help you. but hey, i know the comment tag: // yay!
Just change the textbox for a dropdown menu, and access the value of the selectedIndex.
If you're not familiar with dropdowns & javascript, post your question in the JavaScript programming forum
__________________
Don't resist to assimilation. Billions of Borgs can't be wrong!
Just a warning: like SYP}{ER said, it is impossible to have a secure system using JavaScript alone.
A good system would be on the server side, or use .htaccess, or both.
But all the same, well done Borgtex for providing something that people want
Merry Christmas Everyone!
::] krycek [::
__________________ ithium | SOAPI | SDP | PTPScript manual "ithium is a non-profit webhost, which is pretty much unique. The mission of ithium is to provide free hosting resources for worthwhile and needy non-profit projects, which otherwise may not be able to obtain such facilities. The money from commercial customers goes to maintain ithium's servers and further development."
Hm, sounds interesting. You have to download the authentication file from the server, or you're going nowhere. In this case, knowing JavaScript may not help very much -- because the password helps define the name of the script to request by HTTP.
Creating a dropdown menu is a security risk: it gives a person who wants in but isn't authorized a much narrower field of possible filenames to search.
Plus, there's always the possibility that a different combination of characters will yield a valid result (taking a letter off the password and sticking it on the username, for instance).
__________________
"The first step to confirming there is a bug in someone else's work is confirming there are no bugs in your own."
June 30, 2001
author, Verbosio prototype XML Editor
author, JavaScript Developer's Dictionary https://alexvincent.us/blog
Before you post, read our: 
