User Name Password Register
DaniWeb IT Discussion Community
Home
Forums
Tutorials
Code Snippets
Blogs
Link Directory
All
What is DaniWeb IT Discussion Community?
You're currently browsing the JavaScript / DHTML / AJAX section within the Web Development category of DaniWeb, a massive community of 402,741 software developers, web developers, Internet marketers, and tech gurus who are all enthusiastic about making contacts, networking, and learning from each other. In fact, there are 2,486 IT professionals currently interacting right now! Registration is free, only takes a minute and lets you enjoy all of the interactive features of the site.
Join our community!
Please support our JavaScript / DHTML / AJAX advertiser: Lunarpages Web Hosting

javascript code not working in firefox

Join Date: Jul 2006
Location: Deptford, London
Posts: 943
Reputation: MattEvans has a spectacular aura about MattEvans has a spectacular aura about 
Rep Power: 5
Solved Threads: 47
Moderator
Featured Poster
MattEvans's Avatar
MattEvans MattEvans is online now Online
Posting Shark

Re: javascript code not working in firefox

  #4  
Aug 27th, 2007
Erm.. not using javascript. It's not a good way to adequately password protect pages. The best you can do with javascript is:

- hide everything but the password form on the page (wrap everything in an html element, set display:none; or visibility:hidden; in css) unless the user enters the correct password (then set everything visible, using display:; or visibility:visible; respectively). unfortunately, everything on the page can be seen using view > source.
- have the page redirect when the user enters the correct password ( as you're doing here ); again, anyone can look at the source, and find out the URL of the restricted page.
- the best javascript 'password protection' i've seen did this: have a page with a password form; when the user enters anything in the password field; the script redirects to a folder with the name of the correct password; the basic principle is, that it's difficult for the average user to know where the folders on a webserver are, unless you give some hint ( links, common folder names, etc ). every incorrect guess will redirect to some unmapped location on your server; not ideal, but it restricts access. the bad point here, is that any user watching an 'admin' can see what the password-named folder is.. but, it's the best javascript password restriction method that I can imagine. You could take it a step further, and transform the password entered by some text/ascii math function before redirecting, but, the script suffers from the same vulnerability I mentioned if someone sees an admin login, although, its less obvious if the function generates some long non-dictionary string of characters.

the real solution, is not to use javascript for password restriction. use some method server-side that only sends pages to users that are authorized.

aswell as a good set of tutorials for javascript, some for basic server side authorization, and somewhere in there the client-protocol-server relationship, would be quite useful...

If you want to go ahead with JS validation regardless of that advice, and you just want an input dialog to pop-up; this code _should_ do that:
http://www.java2s.com/Code/JavaScrip...nputDialog.htm
I haven't tested it atall, but it looks alright, although it's old-school quirks mode HTML. It would need the same fixes as s.o.s mentioned with regard to your posted code in order to make it 'new standards compliant'
If it only works in Internet Explorer; it doesn't work.
Reply With Quote  
Advertising Opportunities on DaniWeb
Contact Us - Newsletter Archive - Sitemap - Privacy Statement
All times are GMT -4. The time now is 7:42 am.
Forum system based on vBulletin Copyright ©2000 - 2008, Jelsoft Enterprises Ltd.
©2003 - 2008 DaniWeb® LLC