•
•
•
•
What is DaniWeb IT Discussion Community?
You're currently browsing the JavaScript / DHTML / AJAX section within the Web Development category of DaniWeb, a massive community of 402,519 software developers, web developers, Internet marketers, and tech gurus who are all enthusiastic about making contacts, networking, and learning from each other. In fact, there are 2,736 IT professionals currently interacting right now! Registration is free, only takes a minute and lets you enjoy all of the interactive features of the site.
Please support our JavaScript / DHTML / AJAX advertiser: Lunarpages Web Hosting
Views: 4123 | Replies: 4 | Solved
 |
| |
•
•
Join Date: Nov 2006
Posts: 38
Reputation: 
Rep Power: 2
Solved Threads: 1
Light Poster
<h3>Administrator Login Here:</h3>
<p>ENTER USER NAME :
<input type="text" name="text2">
</p>
<p> ENTER PASSWORD :
<input type="password" name="text1">
<input type="submit" value="Check In" name="Submit" onclick=javascript:validate(text2.value,"admin",text1.value,"admin") >
</p>
</form>
<script language = "javascript">
function validate(text1,text2,text3,text4)
{
if (text1==text2 && text3==text4)
load('http://localhost:8080/vote-0.3/admin/');
else
{
alert("You should'nt be there");
}
}
function load(url)
{
location.href=url;
}
</script>this code is working fine in IE but not in mozilla-firefox. when I click the submit button nothing happens in firefox.....what can be done?....thanks
Last edited by apontutul : Aug 23rd, 2007 at 2:22 am.
•
•
Join Date: Jun 2006
Location: India
Posts: 6,812
Reputation: 
Rep Power: 23
Solved Threads: 339
Your code is far from being a proper XHTML document, but works in IE, since its really forgiving. A few things:
- All the form elements should go in the form tag. Its only when they go inside the form tag, a name attribute given to them is valid, otherwise name attribute for non-form elements is deprecated.
- The language attribute of
<script>tag is deprecated. Use 'type ' instead. Something like<script type="text/javascript">. - Its always recommended to place your script in the header section or include it at the bottom of your page.
- The way you are accessing the elements is completely wrong. One possible way would be to just pass the form element to the validate function and let the function pull out values from the form. Something like this:
<input type="submit" value="Push" onclick="validate(this.form);" />
"I don't accept change. I don't deserve to live."
"Working a real job is a win if you're lazy, greedy, or unmotivated. If you're average, you fit right in. And if you're above average, the basic terms of employment and premise of the arrangement is against your interests."
"Working a real job is a win if you're lazy, greedy, or unmotivated. If you're average, you fit right in. And if you're above average, the basic terms of employment and premise of the arrangement is against your interests."
•
•
Join Date: Nov 2006
Posts: 38
Reputation:
Rep Power: 2
Solved Threads: 1
Light Poster
thanks got it working....
another thing, can you tell me how to get a login dialog box at the start i.e "on loading" of a page?
another thing, can you tell me how to get a login dialog box at the start i.e "on loading" of a page?
•
•
Join Date: Jul 2006
Location: Deptford, London
Posts: 943
Reputation:
Rep Power: 5
Solved Threads: 47
Posting Shark
Erm.. not using javascript. It's not a good way to adequately password protect pages. The best you can do with javascript is:
- hide everything but the password form on the page (wrap everything in an html element, set display:none; or visibility:hidden; in css) unless the user enters the correct password (then set everything visible, using display:; or visibility:visible; respectively). unfortunately, everything on the page can be seen using view > source.
- have the page redirect when the user enters the correct password ( as you're doing here ); again, anyone can look at the source, and find out the URL of the restricted page.
- the best javascript 'password protection' i've seen did this: have a page with a password form; when the user enters anything in the password field; the script redirects to a folder with the name of the correct password; the basic principle is, that it's difficult for the average user to know where the folders on a webserver are, unless you give some hint ( links, common folder names, etc ). every incorrect guess will redirect to some unmapped location on your server; not ideal, but it restricts access. the bad point here, is that any user watching an 'admin' can see what the password-named folder is.. but, it's the best javascript password restriction method that I can imagine. You could take it a step further, and transform the password entered by some text/ascii math function before redirecting, but, the script suffers from the same vulnerability I mentioned if someone sees an admin login, although, its less obvious if the function generates some long non-dictionary string of characters.
the real solution, is not to use javascript for password restriction. use some method server-side that only sends pages to users that are authorized.
aswell as a good set of tutorials for javascript, some for basic server side authorization, and somewhere in there the client-protocol-server relationship, would be quite useful...
If you want to go ahead with JS validation regardless of that advice, and you just want an input dialog to pop-up; this code _should_ do that:
http://www.java2s.com/Code/JavaScrip...nputDialog.htm
I haven't tested it atall, but it looks alright, although it's old-school quirks mode HTML. It would need the same fixes as s.o.s mentioned with regard to your posted code in order to make it 'new standards compliant'
- hide everything but the password form on the page (wrap everything in an html element, set display:none; or visibility:hidden; in css) unless the user enters the correct password (then set everything visible, using display:; or visibility:visible; respectively). unfortunately, everything on the page can be seen using view > source.
- have the page redirect when the user enters the correct password ( as you're doing here ); again, anyone can look at the source, and find out the URL of the restricted page.
- the best javascript 'password protection' i've seen did this: have a page with a password form; when the user enters anything in the password field; the script redirects to a folder with the name of the correct password; the basic principle is, that it's difficult for the average user to know where the folders on a webserver are, unless you give some hint ( links, common folder names, etc ). every incorrect guess will redirect to some unmapped location on your server; not ideal, but it restricts access. the bad point here, is that any user watching an 'admin' can see what the password-named folder is.. but, it's the best javascript password restriction method that I can imagine. You could take it a step further, and transform the password entered by some text/ascii math function before redirecting, but, the script suffers from the same vulnerability I mentioned if someone sees an admin login, although, its less obvious if the function generates some long non-dictionary string of characters.
the real solution, is not to use javascript for password restriction. use some method server-side that only sends pages to users that are authorized.
aswell as a good set of tutorials for javascript, some for basic server side authorization, and somewhere in there the client-protocol-server relationship, would be quite useful...
If you want to go ahead with JS validation regardless of that advice, and you just want an input dialog to pop-up; this code _should_ do that:
http://www.java2s.com/Code/JavaScrip...nputDialog.htm
I haven't tested it atall, but it looks alright, although it's old-school quirks mode HTML. It would need the same fixes as s.o.s mentioned with regard to your posted code in order to make it 'new standards compliant'
If it only works in Internet Explorer; it doesn't work.
•
•
Join Date: Feb 2008
Posts: 1
Reputation:
Rep Power: 0
Solved Threads: 0
Newbie Poster
Re: javascript code not working in firefox Another issue with the code that is shown...
(this may ony be a problem with older browsers).
You have given the submit butten a "name" of "submit".
I strongly suggest you name it something else becasue it can cause a name conflict with the form.submit() method and cause form submits to fail.
(this may ony be a problem with older browsers).
You have given the submit butten a "name" of "submit".
I strongly suggest you name it something else becasue it can cause a name conflict with the form.submit() method and cause form submits to fail.
|
•
•
•
•
•
•
•
•
DaniWeb JavaScript / DHTML / AJAX Marketplace
•
•
•
•
Currently Active Users Viewing This Thread: 1 (0 members and 1 guests)
Hybrid Mode
•
•
•
•
access activation ajax api asp blogger blogging blogs bon browser code dani daniweb data development dreamweaver dropdownlist email encryption firefox gdata google html internet key linux microsoft module mozilla msdn net news open-source product programming reuse rss security serial software sql super tags testing vista web webmail wysiwyg xml
- javascript function not working in firefox (JavaScript / DHTML / AJAX)
- "i want used confirm in javascript in code behind" (ASP.NET)
- AJAX not working on firefox (JavaScript / DHTML / AJAX)
- javascript works in IE but not working in firefox (JavaScript / DHTML / AJAX)
- Javascript and Firefox ISSUES (JavaScript / DHTML / AJAX)
- javascript code not working in mozillafirefox (JavaScript / DHTML / AJAX)
Other Threads in the JavaScript / DHTML / AJAX Forum
- Previous Thread: Javascript code to disable swf dotted-frame in webpage
- Next Thread: javascript+iframe
