Jump to content

Safe javascript login?

lifeseries

By lifeseries
in JavaScript

 Share

Recommended Posts

lifeseries Newbie

lifeseries

Posted
Posted

hi, i'm a newbie here, can somebody help me with this question?i'm doing a javascript that is for login purpose, but the password can be seen in the browser>view coding. Can you guys help me?is there any way to prevent the password to be seen?thank guys...

Link to comment
Share on other sites
lifeseries Newbie

lifeseries

Posted
  • Author
Posted (edited)

thank for the help, i have 1 coding that will encrypt the password which mean that when user view the source code, they will the the encrypted password and not the original.

<html>	<head>  <meta http-equiv="content-type" content="text/html;charset=iso-8859-1">  <meta name="generator" content="Adobe GoLive">  <title>Untitled Page</title>  <csactions>  	<csaction name="C05064EC0" class="Password Plus" type="onevent" val0="42732" val1="Please Proceed"></csaction>  </csactions>  <csscriptdict>  	<script type="text/javascript"><!--function CSClickReturn () {	var bAgent = window.navigator.userAgent; 	var bAppName = window.navigator.appName;	if ((bAppName.indexOf("Explorer") >= 0) && (bAgent.indexOf("Mozilla/3") >= 0) && (bAgent.indexOf("Mac") >= 0))  return true; /* dont follow link */	else return false; /* dont follow link */}CSStopExecution=false;function CSAction(array) {return CSAction2(CSAct, array);}function CSAction2(fct, array) { 	var result;	for (var i=0;i<array.length;i++) {  if(CSStopExecution) return false;   var aa = fct[array[i]];  if (aa == null) return false;  var ta = new Array;  for(var j=1;j<aa.length;j++) {  	if((aa[j]!=null)&&(typeof(aa[j])=="object")&&(aa[j].length==2)){    if(aa[j][0]=="VAR"){ta[j]=CSStateArray[aa[j][1]];}    else{if(aa[j][0]=="ACT"){ta[j]=CSAction(new Array(new String(aa[j][1])));}    else ta[j]=aa[j];}  	} else ta[j]=aa[j];  }  	  result=aa[0](ta);	}	return result;}CSAct = new Object;var actn1 = "";var actn2 = "";var pass=""var z=23;var y=28;iCounter = 3;if (Array) {	var f= new Array();	var K= new Array();	var base= new Array("0", "1", "2", "3", "4", "5", "6", "7", "8", "9", "A", "B", "C", "D", "E", "F", "G", "H", "I", "J", "K", "L", "M", "N", "O", "P", "Q", "R", "S", "T", "U", "V", "W", "X", "Y", "Z","a", "b", "c", "d", "e", "f", "g", "h", "i", "j", "k", "l", "m", "n", "o", "p", "q", "r", "s", "t", "u", "v", "w", "x", "y", "z")} function inc(){iCounter--if (iCounter > 0)	{	if (confirm("\nPassword is incorrect.\n\n\n\nRetry?"))  Check()	} 	else  alert('Access Denied');} function Check(){pass = prompt("Enter your password.","")if(pass==null || pass==""){	alert("You did not enter a password!");	if(pass==""){  Check()	} } else{	var lpass=(pass.length)+1	for (l=1; l<lpass; l++){  K[l]=pass.charAt(l)	} 	var transmit=0;	for (y=1; y<lpass; y++){  for(x=0; x<62; x++){  	if (K[y]==base[x]){    transmit+=f[x]    transmit*=y  	}   } 	} 	if (transmit==parseInt(actn1))    go()	else  inc()} } function go(){alert(actn2);location.href=pass+".html";} function PVpassword(action) { if (Array) { 	actn1 = action[1];	actn2 = action[2];	z=23;	y=28;	for (x=0; x<10; x++){  f[x]=x<<9  f[x]+=23	} 	for (x=10; x<36; x++){  y=y<<1  v= Math.sqrt(y)  v = parseInt(v,16)  v+=5  f[x]=v  y++	} 	for (x=36; x<62; x++){  z=z<<1  v= Math.sqrt(z)  v = parseInt(v,16)  v+=74  f[x]=v  z++	} 	iCounter = 3;	Check();} }// --></script>  </csscriptdict>  <csactiondict>  	<script type="text/javascript"><!--CSAct[/*CMP*/ 'C05064EC0'] = new Array(PVpassword,'42732','Please Proceed');// --></script>  </csactiondict>	</head>	<body bgcolor="#ffffff">  <p><a onclick="CSAction(new Array(/*CMP*/'C05064EC0'));return CSClickReturn()" href="nextpage.html" csclick="C05064EC0">Please click to enter your password</a></p>	</body></html>

Edited by Jonas
Link to comment
Share on other sites
scott100 Dedicated Member

scott100

Posted
Posted
hi, i'm a newbie here, can somebody help me with this question?i'm doing a javascript that is for login purpose, but the password can be seen in the browser>view coding. Can you guys help me?is there any way to prevent the password to be seen?thank guys...

With javascript - no. It's client side and therefore the client can see it.You could try encrypting and setting up various wild goose chases but you could never guarantee that they are secure. Some brainiac would eventually figure it out. :)
Link to comment
Share on other sites
lifeseries Newbie

lifeseries

Posted
  • Author
Posted

i see, do you have any encrypted coding for javascript as my website is not that important as for example google..at the moment i had the above coding but that will prompt a box and what i type in is not asterisk...can you guys help me on this. what i want is a password field and a submit button and not prompt box...thank...

Link to comment
Share on other sites
scott100 Dedicated Member

scott100

Posted
Posted

Is this what you want, will use a password field and a button? :)

<html><head> <meta http-equiv="content-type" content="text/html;charset=iso-8859-1"> <meta name="generator" content="Adobe GoLive"> <title>Untitled Page</title> <csactions>  <csaction name="C05064EC0" class="Password Plus" type="onevent" val0="42732" val1="Please Proceed"></csaction> </csactions> <csscriptdict>  <script type="text/javascript"><!--function CSClickReturn () {var bAgent = window.navigator.userAgent; var bAppName = window.navigator.appName;if ((bAppName.indexOf("Explorer") >= 0) && (bAgent.indexOf("Mozilla/3") >= 0) && (bAgent.indexOf("Mac") >= 0)) return true; /* dont follow link */else return false; /* dont follow link */}CSStopExecution=false;function CSAction(array) {return CSAction2(CSAct, array);}function CSAction2(fct, array) { var result;for (var i=0;i<array.length;i++) { if(CSStopExecution) return false;  var aa = fct[array[i]]; if (aa == null) return false; var ta = new Array; for(var j=1;j<aa.length;j++) {  if((aa[j]!=null)&&(typeof(aa[j])=="object")&&(aa[j].length==2)){   if(aa[j][0]=="VAR"){ta[j]=CSStateArray[aa[j][1]];}   else{if(aa[j][0]=="ACT"){ta[j]=CSAction(new Array(new String(aa[j][1])));}   else ta[j]=aa[j];}  } else ta[j]=aa[j]; }    result=aa[0](ta);}return result;}CSAct = new Object;var actn1 = "";var actn2 = "";var pass=""var z=23;var y=28;iCounter = 3;if (Array) {var f= new Array();var K= new Array();var base= new Array("0", "1", "2", "3", "4", "5", "6", "7", "8", "9", "A", "B", "C", "D", "E", "F", "G", "H", "I", "J", "K", "L", "M", "N", "O", "P", "Q", "R", "S", "T", "U", "V", "W", "X", "Y", "Z","a", "b", "c", "d", "e", "f", "g", "h", "i", "j", "k", "l", "m", "n", "o", "p", "q", "r", "s", "t", "u", "v", "w", "x", "y", "z")} function inc(){iCounter--if (iCounter > 0){if (confirm("\nPassword is incorrect.\n\n\n\nRetry?")) Check()} else alert('Access Denied');} function Check(){pass = document.getElementById('passw').value;if(pass==null || pass==""){} else{var lpass=(pass.length)+1for (l=1; l<lpass; l++){ K[l]=pass.charAt(l)} var transmit=0;for (y=1; y<lpass; y++){ for(x=0; x<62; x++){  if (K[y]==base[x]){   transmit+=f[x]   transmit*=y  }  } } if (transmit==parseInt(actn1))   go()else inc()} } function go(){alert(actn2);location.href=pass+".html";} function PVpassword(action) { if (Array) { actn1 = action[1];actn2 = action[2];z=23;y=28;for (x=0; x<10; x++){ f[x]=x<<9 f[x]+=23} for (x=10; x<36; x++){ y=y<<1 v= Math.sqrt(y) v = parseInt(v,16) v+=5 f[x]=v y++} for (x=36; x<62; x++){ z=z<<1 v= Math.sqrt(z) v = parseInt(v,16) v+=74 f[x]=v z++} iCounter = 3;Check();} }// --></script> </csscriptdict> <csactiondict>  <script type="text/javascript"><!--CSAct[/*CMP*/ 'C05064EC0'] = new Array(PVpassword,'42732','Please Proceed');// --></script> </csactiondict></head><body bgcolor="#ffffff"><input type="password" id="passw" /><input type="button" value="button" onclick="CSAction(new Array(/*CMP*/'C05064EC0'));return CSClickReturn()" /></body></html>

Link to comment
Share on other sites
lifeseries Newbie

lifeseries

Posted
  • Author
Posted

thanks scot100, that is exactly what i want, how you do that?as i know, this coding can accept 1 password only, can it be accept more than password?For example, now the password is Hello which is linking to Hello.htmlcan it be another password linking to another page?thank guy...

Link to comment
Share on other sites
scott100 Dedicated Member

scott100

Posted
Posted (edited)

Em, im not sure what's happening here Choco was was meant to split it :) How did i do it? i have highlighted the changed bits in red below.I'm not sure how the coder has created the page but yes you would be able to change the password, i don't have time or patience thought to try and figure all of it out.sorryps codebox not used because it doesnt allow syntax highlighting :)

<html><head> <meta http-equiv="content-type" content="text/html;charset=iso-8859-1"> <meta name="generator" content="Adobe GoLive"> <title>Untitled Page</title> <csactions>  <csaction name="C05064EC0" class="Password Plus" type="onevent" val0="42732" val1="Please Proceed"></csaction> </csactions> <csscriptdict>  <script type="text/javascript"><!--function CSClickReturn () {var bAgent = window.navigator.userAgent; var bAppName = window.navigator.appName;if ((bAppName.indexOf("Explorer") >= 0) && (bAgent.indexOf("Mozilla/3") >= 0) && (bAgent.indexOf("Mac") >= 0)) return true; /* dont follow link */else return false; /* dont follow link */}CSStopExecution=false;function CSAction(array) {return CSAction2(CSAct, array);}function CSAction2(fct, array) { var result;for (var i=0;i<array.length;i++) { if(CSStopExecution) return false;  var aa = fct[array[i]]; if (aa == null) return false; var ta = new Array; for(var j=1;j<aa.length;j++) {  if((aa[j]!=null)&&(typeof(aa[j])=="object")&&(aa[j].length==2)){   if(aa[j][0]=="VAR"){ta[j]=CSStateArray[aa[j][1]];}   else{if(aa[j][0]=="ACT"){ta[j]=CSAction(new Array(new String(aa[j][1])));}   else ta[j]=aa[j];}  } else ta[j]=aa[j]; }    result=aa[0](ta);}return result;}CSAct = new Object;var actn1 = "";var actn2 = "";var pass=""var z=23;var y=28;iCounter = 3;if (Array) {var f= new Array();var K= new Array();var base= new Array("0", "1", "2", "3", "4", "5", "6", "7", "8", "9", "A", "B", "C", "D", "E", "F", "G", "H", "I", "J", "K", "L", "M", "N", "O", "P", "Q", "R", "S", "T", "U", "V", "W", "X", "Y", "Z","a", "b", "c", "d", "e", "f", "g", "h", "i", "j", "k", "l", "m", "n", "o", "p", "q", "r", "s", "t", "u", "v", "w", "x", "y", "z")} function inc(){iCounter--if (iCounter > 0){if (confirm("\nPassword is incorrect.\n\n\n\nRetry?")) Check()} else alert('Access Denied');} function Check(){pass = [color="red"]document.getElementById('passw').value;[/color]if(pass==null || pass==""){} else{var lpass=(pass.length)+1for (l=1; l<lpass; l++){ K[l]=pass.charAt(l)} var transmit=0;for (y=1; y<lpass; y++){ for(x=0; x<62; x++){  if (K[y]==base[x]){   transmit+=f[x]   transmit*=y  }  } } if (transmit==parseInt(actn1))   go()else inc()} } function go(){alert(actn2);location.href=pass+".html";} function PVpassword(action) { if (Array) { actn1 = action[1];actn2 = action[2];z=23;y=28;for (x=0; x<10; x++){ f[x]=x<<9 f[x]+=23} for (x=10; x<36; x++){ y=y<<1 v= Math.sqrt(y) v = parseInt(v,16) v+=5 f[x]=v y++} for (x=36; x<62; x++){ z=z<<1 v= Math.sqrt(z) v = parseInt(v,16) v+=74 f[x]=v z++} iCounter = 3;Check();} }// --></script> </csscriptdict> <csactiondict>  <script type="text/javascript"><!--CSAct[/*CMP*/ 'C05064EC0'] = new Array(PVpassword,'42732','Please Proceed');// --></script> </csactiondict></head><body bgcolor="#ffffff">[color="red"]<input type="password" id="passw" /><input type="button" value="button" onclick="CSAction(new Array(/*CMP*/'C05064EC0'));return CSClickReturn()" />[/color]</body></html>

EDIT: Yeah it does... Red, see?

Edited by Jonas
Link to comment
Share on other sites
Jonas Devoted Member

Jonas

Posted
Posted

In that case they can open the script file, because you can see in the source code where to find the script and download/open it in notepad.

Link to comment
Share on other sites
lifeseries Newbie

lifeseries

Posted
  • Author
Posted

<input type="button" value="button" onclick="CSAction(new Array(/*CMP*/'C05064EC0'));return CSClickReturn()" /></body>is ok, for example the code below, can it read more than 1 action, i mean at the moment it read 1 password, can it read more than 1 password?pls help me...thanks a lot :)

Link to comment
Share on other sites
scott100 Dedicated Member

scott100

Posted
Posted

You could read more than one password easily.the problem is that you would have to translate everything that the programmer who created it done, then adjust the code to accept two passwords.not easy

Link to comment
Share on other sites
lifeseries Newbie

lifeseries

Posted
  • Author
Posted

thank, that mean i need a database, is it? can i use microsoft access?for the previous encryping code, u really can't solve it?i really hope it can be solve because i don't know the login code in PHP..some more my company is not a web development company, is just my boss need a website to do digital image library...She always ask me why i must use the asp or php since it is window language and not universal.... :)

Link to comment
Share on other sites
scott100 Dedicated Member

scott100

Posted
Posted

No you don't need a database, if its only 2 passwords you could just code them onto the page. php is not platform specific.sorry, but i'm realy not up for figuring out that last codedoes this script help you, it's pre-encrypted so you could create your own encryption.try running it through this: http://www.rlrouse.com/html-encryptor.html

<head><script>function check(){var pass1=document.getElementById('1').value;var pass2=document.getElementById('2').value;if ((pass1=="hello")&&(pass2=="goodbye"))alert("Passwords are correct");else alert("2 Passwords are incorrect");}</script></head><body><form><p>Password 1 <input type="password" name="1"></p> <p>Password 2 <input type="password" name="2"></p> <input type="button" value="submit" onclick="check()" /></p></form></body>

Link to comment
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
 Share
Go to topic listing
×
×
  • Create New...