HTML Help!

[RossMAN]

I recently registered a few domains with dixiesys.com ($19.95/yr, 25 POP email addresses, 200MB, 3GB per mo transfer) and want to password protect them.

So I'm looking for a very simple HTML solution.
1) After going to www.domainhere.com I want a blank white page which prompts you for a password.
2) Let's set the username to dumb and the password to ass. I just want to ensure that no one can look at any of the websites contents without first entering a valid username and password. There will be about 5 users.
3) After entering a valid username and password you would be granted access to the website's index.html

How do I do this?
Are there any HTML beginner's websites with a template like this you can recommend?

Thanks!

 

[joohang]

No HTML solutions I can think of.

Ask your host to protect on the server. Or you'll need to do some server-side coding.

 

[b0mbrman]

It's gotta be javascript at least

I'm rusty but here's one general way

Now, assuming your root directory isn't web-browsable, here's how I'd do it:
(1) Name your welcome page Y.html (or whatever you want) where Y is the password you want
(1) Make an html page with a textbox on it saying "What's the password?"
(2) Assign what they put into a variable X
(3) In a separate window, get javascript to open the file called X".html"
If X=Y, it'll open up the welcome page. If they stick in the wrong password, they'll just get a 404 error

 

[thelanx]

use htaccess. I'm sure you can find a tutorial by searching.

 

[docmanhattan]

if you have access to above the root directory, usually /www or something, you can script it such that you store everything over root and include everything to your main page (usually index.something)

 

[RossMAN]

<< use htaccess. I'm sure you can find a tutorial by searching. >>



Thanks I'm looking at these.

 

[b0mbrman]

Hey, check out the edited thing I put in my last reply...that should work but might be too simple...

 

[RossMAN]

<< Hey, check out the edited thing I put in my last reply...that should work but might be too simple... >>



Thanks I'll look into that but I know absolutely nothing, zip, zero, nada, zilch about coding HTML

 

[b0mbrman]

<<

<< Hey, check out the edited thing I put in my last reply...that should work but might be too simple... >>


Thanks I'll look into that but I know absolutely nothing, zip, zero, nada, zilch about coding HTML >>


Alright...BRB...gonna write out the code in notepad

 

[DrMoreau]

You can find lots of Javascript password protection scripts Here. There are ways around them for those who are in the know, but they will work for your average viewer, which is the best you can expect with Javascript.

 

[b0mbrman]

<html>
<head>

<script language="javaScript">

function checkPassword() {
var password;
passWord = this.document.passCheck.passEnter.value
passPage = passWord + ".htm"
var newWindow
newWindow = (passPage)
}
</script>
</head>

<body bgColor="#FF8080">
<form name="passCheck"
<input type="textBox" name="passEnter">
<input type="button" value="Enter" onClick="checkPassword(this.form)">
</form>
</body>
</html>

 

[BigFatCow]

heres mine anyway...


<HTML>

<HEAD>
<SCRIPT LANGUAGE="JavaScript">

function Try(passwd, user){
if (passwd =="ass" && user=="dumb"){
location.href = "index.html";
}
else {
alert("Incorrect user name and or password.");
};


}
</SCRIPT>
</HEAD>

<FORM NAME="pass">
Enter User Name:<INPUT TYPE="USERNAME" NAME="txtuser" SIZE="20">
Enter Password:<INPUT TYPE="PASSWORD" NAME="txtPasswd" SIZE="20">

<INPUT TYPE="RESET" NAME="cmdTry" VALUE="Click here to enter the site."
onClick="Try(pass.txtPasswd.value, pass.txtuser.value)">

</FORM>
</BODY>
</HTML>





try it here on geocities.

 

[b0mbrman]

<< heres mine anyway...
try it here on geocities. >>


Mmm...but you gotta disable the user from seeing the source somehow though...

 

[BigFatCow]

i know....

i just made it so no right click, all you would have to do so they cant do View>Source would be to have frames.

 

[yllus]

Ross, can your site support CGI/Perl? If so, post or PM me so and I'll write up a secure CGI script when I get home after I get home tonight (about midnight, 5 hours from now). Do NOT use Javascript if you value your security.

 

[BigFatCow]

<< Ross, can your site support CGI/Perl? If so, post or PM me so and I'll write up a secure CGI script when I get home after I get home tonight (about midnight, 5 hours from now). Do NOT use Javascript if you value your security. >>



yea, java is real easy to get through.

 

[DanFungus]

never really done JavaScript, but can't you have it load a .js file with the username/password inside of it from the server? But then the problem of seeing the source....
but also, with the stuff already posted, I think, you would be able to just goto index.html or whatever and just bypass the password page. You'd need some sorta cookie almost and for each page to see if the username/password are correct in the cookie and if not, don't let them get to the page.

 

[RossMAN]

Wow thanks everyone for the great suggestions.

sully - Yes I think it does support CGI please PM me the code when you have a chance. Thanks!

 

[b0mbrman]

<< never really done JavaScript, but can't you have it load a .js file with the username/password inside of it from the server? But then the problem of seeing the source....
but also, with the stuff already posted, I think, you would be able to just goto index.html or whatever and just bypass the password page. You'd need some sorta cookie almost and for each page to see if the username/password are correct in the cookie and if not, don't let them get to the page. >>


Yeah...in that one, you put the password program on index.html and then make the start page odfiajdsf.htm where odfiajdsf is the password you want

 

[jjones]

here's a very simple PHP script you can use that will get the job done for what i think you want and I think you have php installed already on the server.

Create your entry page (index.html) using the following:

<html>
<head>
<title>Password Entry Page</title>
</head>
<body bgcolor=#FFFFFF>
<center>

<p><p>
<form method=post action="http://www.yourdomain.com/homepage.php">

<input type=text name="password" size=10 maxlength=10>
<p>
<input type=submit value="Submit">
</center>
</body>
</html>

Next create what is your real Home Page (homepage.php) using the following:

<?php

if ($password == "mypass") {

echo "

<html>

Place your home page html content here.

</html>
";
}

else if ($password != "mypass") {
echo "

<html>


You don't belong here.

</html>
";
}

?>

That's it. If they have the password, they get in; if they don't they get told they don't belong. and there's no way they can get the password from looking at the source.

You'll notice that the form posts to a page called homepage.php; you can rename that to whatever you want; that's just an example. Also, the password is set to "mypass" and you can rename that also.

saludos.

edit: damn, for some reason i can't show break tags so i substitued paragraph tags. same difference.

 

[stndn]

if your server supports htaccess, read this link
if you don't have unix access and need to create the password for .htaccess, go here
note that all examples ask you to put the password into .htpasswd, but you can name that anything you want. best filename would be hidden files, ie: files that starts with a dot (eg: .kljeinf or .asdf1234)

for javascript, it's not quite safe and people can just look at your source code to figure out the password...
you may be able to do this:
<SCRIPT LANGUAGE="JavaScript" TYPE="Text/JavaScript" SRC="filename.js">
<!--
// -->
</SCRIPT>
and put the contents of javascript in "filename.js" instead of your html page

however, it's easy to use "view-source:http://www.filename" on your url/address bar (which btw, defeats the no-right-click-to-disable-people-from-viewing-your-source-code things) and then work the "target filename" from there
another thing is that once a person gets pass the javascript, s/he can just copy/paste the url where that leads to, and open straight from that filename right ahead
another thing is that if a person disable javascript on the browser, your password protection won't really work anymore ....

as far as cgi, there are several ways to securely get past it... haven't been able to figure out mine ... so would you mind to share it with us once you get that?

good luck
-954-