I have been able to use, in my application, the basic scheme of the various password scripts posted on this site that use filename as the password and I like that approach. Unfortunately, the ones I like use pop-ups and if the user's browser has pop-ups blocked, then my app no longer is functional.

The scripts that use normal Java Message boxes are OK but I forgo any possibility of customizing the "dialog" boxes by provide more detailed page elements.

My dream script is some code I can adapt that:
1. The start is a page that has a sliced graphic and on a rollover event for one of the slices, the script is invoked.
2. The script opens a new page in the same browser window (no pop-up) and accepts a password from an input box field of a form upon the event of clicking a SUBMIT button on the form. (for demo purposes a page with the an input field and a button is fine - I can add the other page elements as needed.)
3. The script would take the entered password and open the protected page in the same browser window using the password + ".html" technique.
4. If a password is entered that does not have a matching file (bad entry condition) then the script opens an alternative page in the same browser window.

The scheme would involve 4 pages.
1. The START page that has the sliced graphic and the sript to direct teh user to teh password page.
2. The PASSWORD Page
3. The PROTECTED Page
4. The ALTERNATIVE Page for bad entry.

Thanks in advance for the help!

This seems like an awful lot of work for an insecure script that will fail for the 13% or so of web users who have Javascript disabled. You would be much better off with a server-side login script.

If not, here's some JS to get you started:

<img src="slicedgraphic.gif" onmouseover="window.location = 'login.html'"> (move to new page on mouse over image)

<button onclick="window.location = document.formname.inputboxname.value + '.html';">Login</button> (button to go to page name based on the value of an input element)

Step 4 needs to be configured on your server, via ErrorDocument (http://httpd.apache.org/docs-2.0/mod/core.html#errordocument) on Apache or the equivalent for your server.

Adam

adamgundry is right, since 13% is a lot once you consider jist how many people there are on the web....

Thanks to those that have posted. I understand your cautions. This script is employed as part of a puzzle and the site is not sensitive,

Part of the reason for the puzzle is to get folks to stimulate their brain. If they can get to the answer by "hacking", I consider taht part of the puzzle if they want to go that route. If they have java scipt disabled , then they just have another puzzle element to figure out.

Again, thanks for the links and suggestions and I will reply after "playing."

if you still want one go to here

http://www.codingforums.com/showthread.php?s=&threadid=10114

it was created a while ago... but, it is a very effective script.... i use it myself.

enjoy!

That's a pretty good script - one of the best JS client-side protection scripts I've seen. I still think server-side is best in general, but in this case JS may be a viable option.

Good luck!

Adam

Concerning the method, provided by ryan:

http://www.codingforums.com/showthr...&threadid=10114

Before I can start to unravel how to use it, I need to straighten out some type of error on Unzipping. I get 4 files as described in the the referenced forum but.......

The file named chkpwd.htm opens identical to the file labeled BadPassword.htm

I do mean identical....not only is the content identical but when selecting it I get that the file name is identical in the header bar even though the filename are different. In my browser window, I see teh location of the file listed with the address of the Badpassword File. The result is that I can't get to the code in the the file named chkpwd.htm

And yes I have DL again and again with same result.

I'm sure I will have some questions on actaul implementation but I 1st have to get my hands o teh subject file before proceeding.

any tips? Or can someone send me the group of files a different way so I can get on with teh hard part. =)

thanks!

your best off asking the author of the script the questions... he will be able to answer them more fully as he created the scripts....

I don't know what's up with your system - I downloaded and unzipped them fine. I've mirrored them on my site, so you can download them individually:

http://www.agbs.co.uk/dev/login_script/LoginPage.htm
http://www.agbs.co.uk/dev/login_script/BadPassword.htm
http://www.agbs.co.uk/dev/login_script/chkpwd.htm
http://www.agbs.co.uk/dev/login_script/CoddingForums.js

Adam

Thank you adam for mirrowing the files but..

I get the identical same problem.

when I click on your link called
http://www.agbs.co.uk/dev/login_script/chkpwd.htm

I get this page and this address in my browser window

http://www.agbs.co.uk/dev/login_script/BadPassword.htm

arghhhh! I am going to reboot and let you know what happens.

Thanks for hanging in here with me!!

additional info on chkpwd.htm file.

I guess the file is interactive and is functioning. If I watch the browser window, I see that it actually does open the correct file and then immediately goes to the bad page file which is probably how the script is designed. But this keeps me from being able to examine the file and gettting the code from that page.

Help , please. Maybe jsut copy and paste the code tha is that file so I can grab it.

Thank You!

I opened the files in Dreamweaver and am able to get the code that way instead of trying to get source from the browser.

Now I just have to figure out how to use it and I'm sure I'll have some questions.

Thank you!

I finally figured out the implementation method for this script.

1. You can't get the code by loading the pages into a browser and then using the browser to view the source as the page chkpwd.htm will "fail" and the code will send the browser to Badpassword.htm. So you have to load the files if you want to manipulate them into an editor or a program like Dreamweaver.

2. The problem I had was figuring out how to use the file CoddingForums.js.

a.) Name the page you wish to protect anything you like and place it anywhere you like.

b.) Make a copy of the file CoddingForums.js and change the name to UserPassword.js. User will be the word required in the field Login and Password would be the word required in the field Password in the file LoginPage.htm. Of course, you can make this be any 2 words.


c.) Open your new file UserPassword.js and look at the 2nd line of code. It will read:
userurl='http://www.codingforums.com/'

d.) change this line to read:
userurl='http://www.addressofyour protected page/'

3. If you wish to change the names of the other files, be sure to change all the references in the code as well.

I hope this explanation helps others use this nice script!

hi,

i'm glag you got the script(s) to work ok....

Ok I downloaded the file and changed the .js file to my username and password and got it working on my computer, but when I tryed to access it on the net it kept on sending me to the badpassword.htm when i type in my username and password. Can any one help please.