I have been a happy lurker for some time now, soaking in the abundant knowledge that i have found here. But now I am at my wits end trying to find the solution to what is probably a novice’s oversight.

I have a menu that animated with jquery. One of the link I have added js call a function that asks for a quick password then opens new page. Some reason it only seems to refresh the page. Here's the code involved.
the js

function password(){
	var password;
	var pass1="cool";
	password=prompt('Please enter your password to view this page!',' ');
	if (password==pass1)
	  alert('Password Correct! Click OK to enter!');
		   //window.location.href = "www.google.com";

and the html

<a href="" onclick="password()">Password</a>

I used Google as a reference to ensure my site wasn't posing any addiction problems. From everything I have read online and offline window.location should be so complicated. If I need to include more context let me know. Thanks for any insight/help.

7 Years
Discussion Span
Last Post by vsmash

yes I have tried adding "http://" to the beginning, along with single quotes, moving the script to the page itself, and stripping down away the pop-up to test just the current document. Nothing seems to give any light to the problems. I am testing it on primarily on Firefox 3.6 and IE8 (and the handful of misfits afterward). I guess I could even supply a link to the test site. http://www.cda.med.br/ to find the link in question, hover over the Funcionários part of the menu and click on password.

The function is on line 87; the link is on line 219 of the html document.


Your link isnt working.

I fail to see the insight in your comment. I posted the additional info to help identify any conflicts that I might not see. I know that the link is not working. ;)


the links is Wrong, the href is invalid

<a href="#" onclick="password()">Password</a>

and you arent really going to have a password in clear in the file are you?


The "password" is not about real security, just a mock to keep average Joe from snooping. For this case there is no real reason for protection, the client ask for a type of fake login, so I guess I am a obliged. But while were on the subject how would I go about creating a more secure system. Thanks again.

I changed the href and works like a charm if I don't use the popup. ie

function password() {
	window.location= "http://www.google.com/";

As soon as I return to the original code posted it sends me the the same url with a "#" appended to the end. I am beginning to think that the window.location is doing the trick but is affecting the DOM of the popup and not the browser window. Not completely sure if that is possible. Then as the popup closes the link executes the href for the link sending me to "#". If this is the case I would need to pass the info back to the page and then redirect the page to the desired site.

Another question, is there anything else I need to know about this magical creature href="#". Is there a name for this type of link? I think I remember it being referred to as a null link and being bad or something for indexing.


of course its a null link
any secure work is done serverside and the unlogged user does not even get a link
of course your confirm link screws up, as soon as there is any response to the alert the return value is 'true' and the href is processed
it is not strictly necessary to have a href at all for the script processing to work
javascript, would likely store the hash of the password in the file, and hash the input, compare the hashes and act appropriately
there is no security in anything done client side

This topic has been dead for over six months. Start a new discussion instead.
Have something to contribute to this discussion? Please be thoughtful, detailed and courteous, and be sure to adhere to our posting rules.