PDA

View Full Version : How do I embed one JavaScript in another...



M-Unit
Sep 19th, 2007, 05:49 PM
Hello,
I'm attempting to achieve two things but my JavaScript knowledge is in it's infancy, so I'm learning by scavenging and disassembling - in other words, I'm clueless.

I want to password protect a web page. It's not big time security I need, so this little chunk of script is fine...


<script type="text/javascript" language="javascript">

var getin = prompt("What is the password?","")
if (getin=="peppermint")
{
alert('Welcome...')
location.href='blah.html'
}
else
{
if (getin=="null")
{location.href='nope2.,html'}
else
if (getin!="peppermint")
{location.href='nope.html'}
}
</script>

This works absolutely fine.

But, I want to use it on a Google API mapping page and Google also wants to run a script...


<script src="http://maps.google.com/maps?file=api&amp;v=2&amp;key=a_lot_of_numbers" type="text/javascript"></script>
(This also works fine on it's own...)

When I tried to combine the two scripts, as they appear here; separated by </SCRIPT><SCRIPT> and both within the <HEADER>, I end up caught in a password loop.

Any help gratefully received!

Tim

Fang
Sep 19th, 2007, 06:10 PM
<script src="http://maps.google.com/maps?file=api&amp;v=2&amp;key=a_lot_of_numbers" type="text/javascript"></script>
<script type="text/javascript">
window.onload=function() {
var getin = prompt("What is the password?","")
if (getin=="peppermint")
{
alert('Welcome...')
location.href='blah.html'
}
else
{
if (getin=="null")
{location.href='nope2.,html'}
else
if (getin!="peppermint")
{location.href='nope.html'}
}
};
</script>

Fumigator
Sep 19th, 2007, 06:16 PM
You may as well not bother with that password script. It's probably worse that you have it there because it gives you a false sense of security and you might put sensitive info behind it.

Try HTTP authentication instead.

M-Unit
Sep 19th, 2007, 07:03 PM
Thanks Fang, that has to be one of the fastest forum replies I've ever had; but...

A couple of things are going wrong...
1) This way round the page loads completely and the map partially, before the password script runs.
2) There's still a password loop going on...Could this be caused by the
<body onunload="GUnload()">
instruction???

Fumigator - I know - this is security-lite; I do have HTTP authentication in place for anything more sensitive.

Thanks again...

Fang
Sep 19th, 2007, 07:11 PM
Yes, remove the body onload to the function:
window.onload=function() {
GUnload();
var getin = prompt("What is the password?","")
.
.
.
{;

M-Unit
Sep 19th, 2007, 07:57 PM
Yes, remove the body onload to the function:

Okay, done it, but not much of an improvement - the map loads after password ok alert, then about fifteen seconds later (+/-) the map unloads and I'm asked for the password again.

I've just removed the next two scripts running within the body; one is a form, the other displays the info resulting from the form input - and there is no change, so it looks like the problem is in here still...


<script src="http://maps.google.com/maps?file=api&amp;v=2&amp;key=lots_of_numbers" type="text/javascript"></script>

<script type="text/javascript">
window.onload=function() {
GUnload();
var getin = prompt("What is the password?","")
if (getin=="peppermint")
{
alert('Welcome...')
location.href='blah.html'
}
else
{
if (getin=="null")
{location.href='nope2.,html'}
else
if (getin!="peppermint")
{location.href='nope.html'}
}
};
</script>
</head>

Fang
Sep 19th, 2007, 08:13 PM
The GUnload(); should fire onunload, not onload.

M-Unit
Sep 19th, 2007, 08:33 PM
Sorry, you've just lost me!!!

You're not saying that

window.onload=function() {
should be

window.onunload=function() {

Fang
Sep 19th, 2007, 08:38 PM
No, GUnload is called onunload (http://www.google.com/apis/maps/documentation/#Memory_Leaks)

felgall
Sep 19th, 2007, 09:43 PM
For effective password protection using JavaScript you need to have the entire page content encrypted (not just obfuscated) where the password is required to decrypt the content. I have only ever seen one script that does this. The original script was 22k but I have a compressed version of the script that is only 6k at http://javascript.about.com/library/blencrypt.htm - note that this is just the decryption script, you would also add to that the JavaScript containing the encrypted version of your page content which would first need to be encrypted using the same script.

M-Unit
Sep 20th, 2007, 01:45 AM
No, GUnload is called onunload (http://www.google.com/apis/maps/documentation/#Memory_Leaks)

Sorry, but I'm just not getting it.
I have the GUnload called as <body onunload="GUnload()"> as I said earlier. I understand the memory leak issue.

But, I have the script inserted as per your instructions - as printed earlier - and I have no idea what you think I'm actually doing wrong.

M-U

Fang
Sep 20th, 2007, 08:18 AM
My mistake, you are calling GUnload correctly.

How and when is the Googlemap load() being called?

M-Unit
Sep 21st, 2007, 01:41 AM
// GUnload(); remove this

Did you try this?
I've just run it in two browsers and GUnload has no effect, at all, there or NOT! The page still loads, then asks for the password, then unloads 15 seconds later and asks for the password again.

And the real problem (apart from the fact that it's not working) is that the whole page has loaded before the password is requested.

I'm about ready to give up on this combo approach - many thanks for your suggestions and persistence.

Fang
Sep 21st, 2007, 09:37 AM
And the real problem (apart from the fact that it's not working) is that the whole page has loaded before the password is requested.
Should have written this earlier.

Just have the password script on the page, which redirects to the page containing the Googlemap.

M-Unit
Sep 22nd, 2007, 12:57 AM
Should have written this earlier.

BTW, I did! Check out the third posting...