I am trying to put a java script on my website for user name and password to access my website.

Say for instance my website is www.aol.com, and when they go to that site they enter a user name and password, and then if correct, it will go to www.aol.com/page2. What would stop them from just typing in the address www.aol.com/page2 instead and bypassing the username and password screen?

Any suggestions?

Thanks,

Sean

Originally posted by seanrigby
What would stop them from just typing in the address www.aol.com/page2 instead and bypassing the username and password screen?With JavaScript? Nothing would keep them out. You need some sort of server side language, such as PHP or Perl/CGI to make a secure password.

Originally posted by pyro
With JavaScript? Nothing would keep them out. You need some sort of server side language, such as PHP or Perl/CGI to make a secure password. That is something I never heard of. How do I go about doing that?

If you've never heard of it, then I'd recommend using a pre-made script. Loads of scripts can be found at http://php.resourceindex.com/Complete_Scripts/User_Management/Password_Protection/ and http://cgi.resourceindex.com/Programs_and_Scripts/Perl/Password_Protection/ If you use PHP, make sure your server supports PHP...

so if you use PHP script, then it will automatically stop someone from bypassing the user name and password?

Well, no. In the PHP, you will need to use a session or a cookie, to check if the user is logged in. Basically how it works is if the script detects the cookie, it knows that the user is logged in, if it doesn't it knows that they are not. Does that make sense?

yes, cookies makes sense. Is it automatically in the script to check for cookies, or do some PHP scripts not check that?

Also when I went to one of those two sites you gave me, it says PHP 4 is required, or PHP 3/4 is required, and so on. Is that the program I need in order to use this script?

Thanks so much for your help.

Originally posted by seanrigby
Is it automatically in the script to check for cookies, or do some PHP scripts not check that?It all depends on how the script was written. I should think that all scripts would use some method of keeping you logged in while you browser around...

Originally posted by seanrigby
Also when I went to one of those two sites you gave me, it says PHP 4 is required, or PHP 3/4 is required, and so on. Is that the program I need in order to use this script?You don't need anything except a text editor to write PHP. Your server, however, needs the PHP interpreter, which is what the PHP 3/4 is referring to. If your not sure if your server supports PHP, make a file named test.php with this in it.

<?PHP
echo ("I have PHP");
?>Then, run the file and see what you get.

I am not on a perm. website so I am just using a free one for test driving it until I am complete with my website, then I'll transfer it to the one I will use all the time. But the website I tried it on only puts this on the site when I preview it....

PHP:--------------------------------------------------------------------------------

so I am assuming this one does not support PHP. But I will play around with it and see what i can figure out. Not sure what the script would look like when it verifies the user has cookies or not. But I am sure I'll eventually figure it out.

I'll let you know what I find out.

Thanks so much,

Sean

The script I gave you isn't going to verify if the user has a cookie set...It is simply going to print I have PHP to the page if your server has PHP enabled. Also, before you try it, make sure your page has a .php extention.

Cheers. :)

Hey, I found a java script to check for cookies.

<HTML>
<HEAD>
<META NAME="GENERATOR" Content="Microsoft Visual Studio 6.0">
<TITLE></TITLE>
<SCRIPT LANGUAGE=javascript>
<!--
Cenable = navigator.cookieEnabled

if(Cenable){
alert("Cookies Enabled")
}
else{
alert("Cookies Not Enabled")
}
//-->
</SCRIPT>

</HEAD>
<BODY>

<P>&nbsp;</P>

</BODY>
</HTML>


what if I put this on the top of each script. will it do the job for me what I originally asked for?

Thanks

No, you still need PHP. All that checking for cookies helps with is to make it so users don't need to login to veiw each page.

Also, all the code that you posted does is checkes if uses have cookies enabled in there browser, it doesn't check to see if a specific cookie has been set.

darn. was hoping to make things easier on me, since I am sort of aware with java and none with PCP.

Thanks for your help.