•
•
•
•
What is DaniWeb IT Discussion Community?
You're currently browsing the HTML and CSS section within the Web Development category of DaniWeb, a massive community of 429,794 software developers, web developers, Internet marketers, and tech gurus who are all enthusiastic about making contacts, networking, and learning from each other. In fact, there are 3,804 IT professionals currently interacting right now! Registration is free, only takes a minute and lets you enjoy all of the interactive features of the site.
Please support our HTML and CSS advertiser: Lunarpages Web Hosting
Views: 6642 | Replies: 5
 |
•
•
Join Date: Jan 2005
Posts: 2
Reputation: 
Rep Power: 0
Solved Threads: 0
Newbie Poster
Password Protection from a txt.file I am experiencing a great degree of difficulty trying to password protect a page on my site. I have a .txt file of user id numbers which serve as passwords, and I want to create a java script to gain access that file from my html form. Any help out there?
•
•
Join Date: Apr 2004
Posts: 207
Reputation:
Rep Power: 5
Solved Threads: 8
Posting Whiz in Training
it's much much much easier to use an access database.. ive got the asp code for this (you're using cookiebased login sessions yea?) but i would need t find it, ask m again if you acctually want it
•
•
•
•
NIKE just mod it!
HND Business IT
CCNA
MSCE
•
•
Join Date: Jan 2005
Posts: 2
Reputation:
Rep Power: 0
Solved Threads: 0
Newbie Poster
OK, I will try using the Access Database.. I could still use your help though. Just let me know what I need to send you and I'll get it done.
•
•
Join Date: Jun 2005
Location: Kansas City, Missouri, USA
Posts: 344
Reputation:
Rep Power: 4
Solved Threads: 4
Posting Whiz
Password protection can be tackled a lot of different ways and they depend on:
You mention a text file with the passwords that the javascript will use to verify....um....if your client-side javascript can access the text file, so can your site visitors. All they have to do is open the page source, read the javascript, then point their browser to the text file. Again, not secure.
- Which OS (windows? linux?)
- Which webserver (IIS? Apache?)
- Do you have admin privs on the server?
- Do you only need to protect scripts or all files?
- What scripting languages are available to you? (ASP?, ASP.NET?, PHP?, Java?, PERL CGI?)
You mention a text file with the passwords that the javascript will use to verify....um....if your client-side javascript can access the text file, so can your site visitors. All they have to do is open the page source, read the javascript, then point their browser to the text file. Again, not secure.
•
•
Join Date: Dec 2004
Location: Lincoln Park, Michigan
Posts: 1,744
Reputation:
Rep Power: 7
Solved Threads: 108
Best way is to use a server side language, like Perl or PhP (or ASP), and use it for the authentication...
•
•
Join Date: Jun 2005
Location: Kansas City, Missouri, USA
Posts: 344
Reputation:
Rep Power: 4
Solved Threads: 4
Posting Whiz
I don't know that I'd say using a server-side scripting language is the "best" way. You can certainly build a good solution that way. I provide a PHP example for password-protecting pages in my class_session.
I would argue that as far as security goes, using a method natively supported by your webserver is even better than using server-side script. You can configure the webserver to require authentication for specific files or directories. This is done by turning off anonymous access and configuring an authentication method.
For example, with Apache, you can have Apache require the user to authenticate using an OS account, an htpasswd account, or a user account stored in a database. You can enforce this using the Apache conf files or via .htaccess files -- you can search for more about .htaccess.
With server-side script, typically you can only protect script. For example, if you have a directory full of PDF's, it's not so easy to protect those with server-side script. There IS a way, but it involves storing the PDF's in a non web-accessible directory and having a script that can open and stream the PDF--if the user is authorized.
It really depends on what your goals are, what your platform is, and what skill resources you have available.
I would argue that as far as security goes, using a method natively supported by your webserver is even better than using server-side script. You can configure the webserver to require authentication for specific files or directories. This is done by turning off anonymous access and configuring an authentication method.
For example, with Apache, you can have Apache require the user to authenticate using an OS account, an htpasswd account, or a user account stored in a database. You can enforce this using the Apache conf files or via .htaccess files -- you can search for more about .htaccess.
With server-side script, typically you can only protect script. For example, if you have a directory full of PDF's, it's not so easy to protect those with server-side script. There IS a way, but it involves storing the PDF's in a non web-accessible directory and having a script that can open and stream the PDF--if the user is authorized.
It really depends on what your goals are, what your platform is, and what skill resources you have available.
|
•
•
•
•
•
•
•
•
DaniWeb HTML and CSS Marketplace
•
•
•
•
Currently Active Users Viewing This Thread: 1 (0 members and 1 guests)
Linear Mode
•
•
•
•
- how to launch a txt file (VB.NET)
- reading txt file into array (C++)
- Capturing data from txt file using JavaScript/HTML (JavaScript / DHTML / AJAX)
- How can I read from a txt file? (C++)
- URGENT - Reading from txt file into a 2 dimension array (Java)
- uploading .txt file via phpmyadmin to Mysql (MySQL)
Other Threads in the HTML and CSS Forum
- Previous Thread: offsetTop prob - need to determine if a div is visible
- Next Thread: Image in Textbox?
