BigBen_DK Posted November 30, 2015 Share Posted November 30, 2015 Hi. I maintain a homepage for a fond, and have a question. Hope someone can help me. :-) I have added a link on one of the pages to open a new site - no problem. But only those with a password should be able to open the page. Therefore i have made this HTML in the body: <form action="vedtaegt.html" method="post" autocomplete="off"> <input type="password" name="test" required="required" maxlength="15"></form> If i choose not to write any password i can´t access the page vedtaegt.html - as it should be. But if i enter any text, i can access the page, witch only should be the password "test". What am i doing wrong? Thank you for your help. :-) Link to comment Share on other sites More sharing options...
dsonesuk Posted November 30, 2015 Share Posted November 30, 2015 If a server-side scripting language is not used to process the password value sent using post it won't do anything but take you to the page used in action, using javscript would be piontless for javascript can be read by user to retrieve password required to access page. Link to comment Share on other sites More sharing options...
BigBen_DK Posted November 30, 2015 Author Share Posted November 30, 2015 Thank you. What should i do then? :-) Password and javascript isnt my strongest side. Link to comment Share on other sites More sharing options...
dsonesuk Posted November 30, 2015 Share Posted November 30, 2015 Learn server-side script language such as php, if user have individual passwords, you will have to store password to user in database, compare with what user name and password before sending to specific page. If the page it will go to, is owned accessible by you, the server-side script used on that site must be the server-side language learned to process/validate form data before allowing access. Link to comment Share on other sites More sharing options...
BigBen_DK Posted November 30, 2015 Author Share Posted November 30, 2015 Hum. Thank you. I can see im way out of my league. Think ill just drop it. But thank you. :-) Link to comment Share on other sites More sharing options...
thescientist Posted November 30, 2015 Share Posted November 30, 2015 Why not just share the file via something like Google Drive or Dropbox? 1 Link to comment Share on other sites More sharing options...
typomaniac Posted December 4, 2015 Share Posted December 4, 2015 Seriously, you should give thought to learning a server-side language. Don't be intimidated by it. It might seem a bit uncomfortable at first but once concept starts to fall in place the rest is history. Don't expect to understand everything overnight because it probably won't happen. Don't be afraid to ask questions--the dumbest question is the one that isn't asked and besides, that's what places like this are for. If it weren't for forums I'd be lost. PHP would probably be the easiest for openers and believe me, alot can/has been done with php. Link to comment Share on other sites More sharing options...
Rebecca Posted December 5, 2015 Share Posted December 5, 2015 IF you do not know any server side language like PHP, then do not worry, you can validate this password in Javascript too. Link to comment Share on other sites More sharing options...
dsonesuk Posted December 5, 2015 Share Posted December 5, 2015 IF you do not know any server side language like PHP, then do not worry, you can validate this password in Javascript too. NO! not a good idea as you might as well NOT have a password using JavaScript, its insecure, and relies on JavaScript being enabled. Link to comment Share on other sites More sharing options...
davej Posted December 5, 2015 Share Posted December 5, 2015 I have added a link on one of the pages to open a new site - no problem. But only those with a password should be able to open the page. How do they get this password? If you only need a simple protection scheme where only a few passwords are used (which perhaps you e-mail to users) the code could be a simple Php wrapper. Link to comment Share on other sites More sharing options...
Ingolme Posted December 5, 2015 Share Posted December 5, 2015 The simplest password protection scheme is just an if() statement. It's effective, but not flexible. <?php $username = 'Person'; $password = 'Password'; if(isset($_POST) && $_POST['username'] == $username && $_POST['password'] == $password) { ?> Protected content goes here <?php } else { ?> <form method="POST"> <fieldset> <legend>Please log in to view content</legend> <label>Username: <input type="text" name="username"></label> <label>Password: <input type="password" name="password"></label> <input type="submit" value="Log In"> </fieldset> </form> <?php } ?> If you use Javascript for password protection I will personally break into your site. Javascript is 100% ineffective at password protection and what's worse, if you have one of your own passwords as the login, the person breaking in now also knows your password and if you use that password on other sites you're going to get hacked. Link to comment Share on other sites More sharing options...
davej Posted December 5, 2015 Share Posted December 5, 2015 If this is a website with several pages or pages that need to reload... <?php session_start(); $u1 = 'ernie';$p1 = '123'; $u2 = 'bert';$p2 = '321'; $u3 = 'grouch';$p3 = '111'; if (!isset($_SESSION["loggedin"])) { if (isset($_POST["username"]) && isset($_POST["password"])) { $usr = $_POST["username"]; $pwd = $_POST["password"]; if (($usr == $u1 && $pwd == $p1)||($usr == $u2 && $pwd == $p2)||($usr == $u3 && $pwd == $p3)) { $_SESSION["loggedin"] = time(); }else{ $msg = "<h3>Login attempt failed.</h3>"; } } } if (!isset($_SESSION["loggedin"])) { ?> <!DOCTYPE html> <html> <head><title>LOGIN</title></head> <body> <?php echo $msg; ?> <h1>LOGIN</h1> <form method="POST"> Username:<br/> <input type="username" name="username"/><br/><br/> Password:<br/> <input type="password" name="password"/><br/><br/> <input type="submit" value="Submit"/> </form> </body> </html> <?php }else{ ?> <!DOCTYPE html> <html> <head> <meta charset="UTF-8"> <title>my web page</title> <style> h1{color:red;} </style> </head> <body> <h1>This is the protected content</h1> </body> </html> <?php } ?> Link to comment Share on other sites More sharing options...
dsonesuk Posted December 6, 2015 Share Posted December 6, 2015 Small point, opening body tag, and there's more, required title element. Link to comment Share on other sites More sharing options...
davej Posted December 6, 2015 Share Posted December 6, 2015 Oops.... fixed now.... Link to comment Share on other sites More sharing options...
Recommended Posts
Create an account or sign in to comment
You need to be a member in order to leave a comment
Create an account
Sign up for a new account in our community. It's easy!
Register a new accountSign in
Already have an account? Sign in here.
Sign In Now