----------------------------------- void Sun May 25, 2003 4:19 pm [Tutorial] Password Protecting Your Pages ----------------------------------- This is a VERY simple way to pass protect your web page..not very attractive but it works password 1 var wrong="pass1.htm"; // password... var password="WHAT"; // prompts the user this... var name = prompt("WHAT is the password???",""); // if... else statement... right, confirm this, wrong, go to wrong... if (name == password) {(confirm("Welcome!"))} else {location.href=wrong} YOU HAVE CORRECTLY GUESSED THE PASS WORD The password is "WHAT" copy the program to ur text document and save as pass1.htm NOT pass1.html, if you do then change the variable wrong to pass1.html because thats the site that its redirected to when the pass is wrong Edit: Note: THIS IS NOT A FOOLPROOF METHOD!!! It is easy to bypass, If you very important things to protect, use .ht access & .htpasswd, as it is harder to get through. But if it is not available, I guess this will have to do ----------------------------------- JSBN Sun May 25, 2003 4:28 pm ----------------------------------- while u did forget my little warning which i added, it is good. +5 ----------------------------------- void Sun May 25, 2003 4:32 pm ----------------------------------- i thought ppl would realize that coz i said "VERY simple" program...as in it not very complex encrypting..thus making it easy to bypass, in fact, if your smart enough, you can save the web page to your desktop, then edit the page and remove the pass script and then reload the site.....(beginners hacking...lolz)...ill save the MODS breath MY EDIT: WE DO NOT ENCOURAGE HACKING, IN FACT WE CONDEMN IT EVEN THO MORE THAN HALF OF US DO IT :wink: LOLZ (you cant sue us now!!) ----------------------------------- PHP God Mon May 26, 2003 6:55 am ----------------------------------- I would have taken bits. He just practically taught us all how those little passwrods work that PPL have on geocities. jk man. I've seen that tut b4 tho. ----------------------------------- octopi Mon May 26, 2003 10:33 pm ----------------------------------- Best way, is to use apache itself Make a '.htaccess' file AuthType Basic AuthUserFile /path/to/your/directory/.htpasswd AuthName "Members Area" require valid-user you will need to encrypt the password using the crypt function of Perl. http://www.hof-berlin.de/crypt.php3 will do it for you. ----------------------------------- Homer_simpson Mon May 26, 2003 10:45 pm ----------------------------------- how to hack a page protected that way : open the page goto view > source copy and paste the page and remove the password part... i think that would do =/ ----------------------------------- JSBN Tue May 27, 2003 6:52 am ----------------------------------- actually... homer, .htpasswd & .htaccess files are a little more complicated than that. because there will still be a .htacess file on the server. You cant remove it. ----------------------------------- Homer_simpson Tue May 27, 2003 7:26 am ----------------------------------- no, i'm talking about the first way that was mentioned... ----------------------------------- CHUTHAN20 Fri May 28, 2004 7:59 pm simple ----------------------------------- visit this address to almost evrything. http://www.dynamicdrive.com ----------------------------------- blackwhite Tue Jul 13, 2004 5:30 pm ----------------------------------- hotscripts has some cool pwd protecting scripts. actually, they have everything.