Not sure who originally posted this query (nntp?) because I can't see their name AND it's a very old post. However, I thought it best to leave a sensible reply for anyone else coming across this forum page like i did.
Firstly, may I apologise on behalf of all sensible programmers for the comments made by Karl and some others. They are most likely boys in their bedrooms or extreme techy geeks. These type of people don't seem to appreciate that there are other people in the world who are new to things and are climbing the ladder a bit further down than themselves.
Obviously, you are new to the whole programming world and Javascript is something new to you to just as it was to everyone else who now claims to be an expert these days. Javascript is a great means of creating dynamic content but in it's most basic form, I would recommend not using it for anything to do with security, simple because, Javascript can be disabled. Yes, there are servlets etc, but lets not get complicated techy geeks, this answer is for "newbies".
Now, for 50% of people your method might still work because not everyone knows Javascript or how to disable it. Lets face it, it's not exactly clear for a non-techy in Internet Explorer. But yes, those that have some I.T knowledge will already know that it can be disabled quite easily. I mean, the whole "disable right-click" is pointless because in Internet Explorer you can just right-click, keep the button held down, then press ENTER to remove the message, then let go of the button and hey presto...
Anyway...
I think what's missing from this entire page is someone who will actually give you an alternative. Techy geeks are extremely good at laughing in your face and running things down, but few of them ever actually give you proper help and guidance on a better solution. Notice the posts above? most just tell you WHY it won't work, but none actually give you any useful advice.
Anyway, if you truly want to venture into the area of only showing links to paid members, you really want to go about it using a server-side programming language like PHP or ASP. This will allow you to create Memberships with registration pages (like this forum). The big difference between doing this method in comparison to Javascript is that....
a). Javascript will still have to have the link stored somewhere in the HTML EVEN if you have disabled it where as PHP/ASP can decide before hand whether to show a link as they are producing the HTML.
Lets say you have a non-member looking at the page :
Javascript version would look like this:
============================
This is an important <a href='
http://www.example.com' onclick="if(!member){alert('you are not a member');return false">link</a>
PHP/ASP version might look like this
=============================
This is an important <span class='disabledlink'>link</span>
As you can see the biggest difference is that, with PHP/ASP all of the working out has been done on the server so that a visitor can't see anything that's gone on and won't be able to find the link in the source. With the Javascript version, you could easily just view the source and get the link anyway.
SUMMARY
===========
To be honest, the idea of disabling links (using javascript) to non members is an odd choice because, firstly, in order to have members, you would have something setup already using PHP/ASP to let them login etc. So just don't print the link if they aren't members and avoid Javascript.
The only way I could see needing to use your method (for non-technical people) would be to have a Javascript dialogue box that first asked the user to enter a special password (that all members would know). If correct, you store a COOKIE. Then you could decide if links were enabled by checking the COOKIE? But that should be avoided at all costs!
So the answer is, no, don't use Javascript for security things.
AN ASIDE - XHTML
==============
If you are new to XHTML and the whole compliance thing then Javascript can be another downer. Basically, XHTML and W3C are creating restrictions to make sure people do things properly so that their solution is globally accessible.
So, if you use Javascript to do something, you have to make sure that if Javascript is disabled, the user can still perform the same task (or near enough).
Anyway,
Hope that helps someone if they come across this in 2012.