•
•
•
•
What is DaniWeb IT Discussion Community?
You're currently browsing the JavaScript / DHTML / AJAX section within the Web Development category of DaniWeb, a massive community of 425,795 software developers, web developers, Internet marketers, and tech gurus who are all enthusiastic about making contacts, networking, and learning from each other. In fact, there are 3,123 IT professionals currently interacting right now! Registration is free, only takes a minute and lets you enjoy all of the interactive features of the site.
Please support our JavaScript / DHTML / AJAX advertiser: Lunarpages Web Hosting
Views: 1285 | Replies: 4
 |
•
•
Join Date: Jun 2008
Posts: 2
Reputation: 
Rep Power: 0
Solved Threads: 0
Newbie Poster
Hi -
Does anyone know of a tutorial that will help me create a simple (just enough to keep out the average surfer) password protection code with a cookie?
Here is what I want to do:
I offer downloadable image files at my website. Currently they are free to download to anyone who visits. What I would like to do, however, is password protect each file so that only subscribers to my ezine can download these files. I still want surfers to see the images available, I just don't want them to be able to download them. To keep the site user friendly I would additionally like there to be a cookie attached that allows subscribers to revisit my site and continue to download images for a set period after each previous download without having to re-enter the login/password (say a month).
Any ideas where I can find some tutorials to help me with this? Thanks for any insight and references.
AL
Does anyone know of a tutorial that will help me create a simple (just enough to keep out the average surfer) password protection code with a cookie?
Here is what I want to do:
I offer downloadable image files at my website. Currently they are free to download to anyone who visits. What I would like to do, however, is password protect each file so that only subscribers to my ezine can download these files. I still want surfers to see the images available, I just don't want them to be able to download them. To keep the site user friendly I would additionally like there to be a cookie attached that allows subscribers to revisit my site and continue to download images for a set period after each previous download without having to re-enter the login/password (say a month).
Any ideas where I can find some tutorials to help me with this? Thanks for any insight and references.
AL
•
•
Join Date: Jan 2007
Posts: 2,556
Reputation:
Rep Power: 7
Solved Threads: 115
You do not understand how the Internet works. If they can see it, they have already downloaded it.
It has to be downloaded before they can see it. So the image is ALREADY on their computer by the time they can see it. They can then copy it by any of these methods:
- Right-click on the image and save it.
- Find the file in the cache and copy it.
- Find the file in the internet temporary files folder and copy it.
- Use ctrl-printscreen to put the image on the clipboard. Then paste it into MS-Paint.
- Switching off JavaScript in the browser prevents you from running scripts on their computers anyway.
If you don't want people copying your pictures, don't post them on a website.
You could put a thumbnail on the page, and download the full picture only if the person is logged in, but that requires a server-side script.
It has to be downloaded before they can see it. So the image is ALREADY on their computer by the time they can see it. They can then copy it by any of these methods:
- Right-click on the image and save it.
- Find the file in the cache and copy it.
- Find the file in the internet temporary files folder and copy it.
- Use ctrl-printscreen to put the image on the clipboard. Then paste it into MS-Paint.
- Switching off JavaScript in the browser prevents you from running scripts on their computers anyway.
If you don't want people copying your pictures, don't post them on a website.
You could put a thumbnail on the page, and download the full picture only if the person is logged in, but that requires a server-side script.
Daylight-saving time uses more gasoline
•
•
Join Date: Jun 2008
Posts: 2
Reputation:
Rep Power: 0
Solved Threads: 0
Newbie Poster
Hi -
Yes, I understand what you are saying. I guess I should have explained further:
The images on my web pages are thumbnails linked to PDFs. I would like to password protect the PDFs. So if someone clicks on the link they would be prompted to input a generic user id and password. Once they did this they could continue to download other PDFs for a certain period of time.
I understand that it is possible to circumvent the password by looking at the code. The majority of my visitors, however, do not understand HTML well enough to do this. If they do then they are free to circumvent this simple protective measure.
Thanks,
AL
Yes, I understand what you are saying. I guess I should have explained further:
The images on my web pages are thumbnails linked to PDFs. I would like to password protect the PDFs. So if someone clicks on the link they would be prompted to input a generic user id and password. Once they did this they could continue to download other PDFs for a certain period of time.
I understand that it is possible to circumvent the password by looking at the code. The majority of my visitors, however, do not understand HTML well enough to do this. If they do then they are free to circumvent this simple protective measure.
Thanks,
AL
•
•
Join Date: Sep 2005
Posts: 689
Reputation:
Rep Power: 6
Solved Threads: 41
Practically a Master Poster
•
•
•
•
Originally Posted by chinalotus 
Hi -
Yes, I understand what you are saying. I guess I should have explained further:
The images on my web pages are thumbnails linked to PDFs. I would like to password protect the PDFs. So if someone clicks on the link they would be prompted to input a generic user id and password. Once they did this they could continue to download other PDFs for a certain period of time.
I understand that it is possible to circumvent the password by looking at the code. The majority of my visitors, however, do not understand HTML well enough to do this. If they do then they are free to circumvent this simple protective measure.
Thanks,
AL
How is your ezine subscription implmented? You'll need to be able to retrieve the list of users subscribed to your ezine, and have them insert their email, and/or password before carrying on.
You'll need to use a server side to make this secure but if you're bent on just using plain old javascript then the basics are to have a list of the username and passwords, compare them, allow/deny access.
eg:
// your list of allowed usernames
var usernames = [
'joe',
'mary'
];
// prompt username, usually you use a form, or other UI but prompt() is simple
var username = prompt('Enter Your Username');
// iterate through each item in your list with the username
var auth = false;
for (var i = 0; i < usernames.length; i++) {
if ( usernames[i] == username) {
auth = true;
break;
}
}
If (auth == true) {
alert('you have access');
} else {
alert('no access');
}
You'll have to look into attaching an event handler to the link, and having the even handler (function) call a similar routine to the one above.
Then have the event handler stop propagation of the event if the authentication fails.
--
note: I didn't add passwords since that would be compromising your users passwords, as they will be visible in the HTML source.
You wouldn't want to user emails either, since they would be open to automated email harvesting for spam purposes.
Last edited by digital-ether : Jun 17th, 2008 at 9:33 am.
www.fijiwebdesign.com - web design and development and fun
Cpanel Email - Let users Register email accounts on your website upon registration
Ajax Chat - Fully browser based chat!
Cpanel Email - Let users Register email accounts on your website upon registration
Ajax Chat - Fully browser based chat!
•
•
Join Date: Jun 2008
Location: Phoenix, AZ
Posts: 769
Reputation:
Rep Power: 2
Solved Threads: 63
Master Poster
Likewise, I would recommend going with a server side script for this. To make a javascript authentication function even remotely secure will be 3 times as tricky. You understand that I can view your javascript right. Even if you have a function that redirects to another page and then back quickly, I can stop script and with several available tools, be able to view any javascript code that you have on there. And where do you intend to store the usernames and passwords, in the javascript code? It is possible, I just wouldn't recommend it.
Last edited by R0bb0b : Jun 17th, 2008 at 2:19 pm.
|
•
•
•
•
•
•
•
•
DaniWeb JavaScript / DHTML / AJAX Marketplace
•
•
•
•
Currently Active Users Viewing This Thread: 1 (0 members and 1 guests)
Linear Mode
Similar Threads
- ALL GMail invites to be posted here please! (Geeks' Lounge)
- Win32.trojan.agent.bi and Coolwebsearch :( (Viruses, Spyware and other Nasties)
- BetterInternet, Start up Trojan, Aurora HELP!!! (Viruses, Spyware and other Nasties)
- Aurora Popups... yet again (Viruses, Spyware and other Nasties)
- Removing Aurora Spyware (Viruses, Spyware and other Nasties)
- more aurora probs (Viruses, Spyware and other Nasties)
- Cant stop pop ups, computer lagging (Viruses, Spyware and other Nasties)
- php help needed for login (PHP)
- Forms Authorization/ Authentication using asp .net and vb .net (ASP.NET)
Other Threads in the JavaScript / DHTML / AJAX Forum
- Previous Thread: Hiding empty <div>'s
- Next Thread: Javascript request - changing table TD width
