password

[prophet]

so hopefully only one more question about this.....

so I have a webpage using frames. I have a header and a column down the
left, and the main body (all of which have different htmls but are brought
together under index.html.
From the header frame I have a list of different options which when clicked
change the body of the page, leaving the header page the same. I have
added a page which uses a 'gatekeeper' to loosely password protect one of
the
pages to be displayed in the main body. The only problem is that with the
current code it is not the body that changes, but rather the header.

How can I adjust this???

Attached 1st is what sends it to the gatekeeper, second is the 'gatekeeper'
code

Any advice?

1.

<HEAD>
<!-- Begin
var nifty_little_window = null;
function gateKeeper() {
nifty_little_window = window.open('gatekeep.html', 'theKeeper',
'width=350,height=200,resizable=1');
}
// End -->
</SCRIPT>
</HEAD>

<body>
<td width="70">
<p align="center"><A HREF="" onMouseOver="gateKeeper()"
class="navgreen">ENTER</A></td>

</body>

2.

<HEAD>

<base target="index">

<SCRIPT LANGUAGE="JavaScript">
<!-- Begin

function goForit() {
var location;
var password;
password=this.document.testform.inputbox.value
location=password + ".html"
fetch(location)
theKeeper=window.close()
}
function fetch(location) {
var root;
if (opener.closed) {
root=window.open('','theKeepersGopher','toolbar=yes,location=yes,status=yes,menubar=yes,scrollbars=yes,resizable=yes,copyhistory=no');
root.location.href = location;
} else {
opener.location.href = location;
}
}
// End -->
</SCRIPT>



<BODY onLoad="top.window.focus()" BACKGROUND="images/background.jpg">


<TABLE BORDER=0 CELLPADDING=0 CELLSPACING=0 WIDTH=100%>
<TR>
<TD ROWSPAN=2 WIDTH=50%>
<TD WIDTH=50% ALIGN=CENTER VALIGN=MIDDLE>
<FONT FACE="ARIAL" SIZE=2><B>For Members only.<br>
Please enter the password.<br>
</B></FONT><BR>
<TR>
<TD WIDTH=50% ALIGN=CENTER VALIGN=BOTTOM>
<CENTER>
<FORM NAME="testform">
<INPUT TYPE="text" NAME="inputbox" VALUE="" size=20>
<INPUT TYPE="button" NAME="button" Value="Submit Password"
onClick="goForit(this.form)">
<P></FONT>
</FORM>
</CENTER>
</TABLE>

 

[shimmyshack]

target attribute for the form, and for that matter all the window.opens
and so on...

you have made a rod for your own back here, this is why frames were a
nightmare when they were in fashion. think of all that code that wont
be portable when you finally decide youve got better things to do than
go through the pain of adding another few pages.

your password scheme will only stop absolute beginners, and it gets
"saved" in the addressbar, cache, all caching proxies, the actual box
(unless you turn off autocomplete), the history, and doesnt expire if
the browser is restarted. I would have chosen to use a 1 or 2 line
..htaccess file myself. hassle avoided.

 

[prophet]

target attribute for the form, and for that matter all the window.opens
and so on...

you have made a rod for your own back here, this is why frames were a
nightmare when they were in fashion. think of all that code that wont
be portable when you finally decide youve got better things to do than
go through the pain of adding another few pages.

your password scheme will only stop absolute beginners, and it gets
"saved" in the addressbar, cache, all caching proxies, the actual box
(unless you turn off autocomplete), the history, and doesnt expire if
the browser is restarted. I would have chosen to use a 1 or 2 line
.htaccess file myself. hassle avoided.

As I am a beginner, how would I use a .htaccess file

 

[ASM]

prophet a écrit :

As I am a beginner, how would I use a .htaccess file

The best would be to ask Google.
(or a ng speaking about servers)

 

[shimmyshack]

hi yeah, assuming you are on apache you will probably have mod_auth
already installed and running all you need to do is to create an
..htaccess file to prevent access to a directory, files you would write
html as normal but put inside the protected directory, lets call it
"protected"

http://sub.domain.com/protected/

then in notepad or some other text editor you would write these lines.

AuthName "Please Log In"
AuthType Basic
AuthUserFile /absolute/path/to/private/folder/.htpasswd
Require valid-user

the .htpasswd file contains users and their passwords, if no
users/passwords, then just fill it with the "secret" words you were
already going to use in the javascipt
you make the .htpasswd using the program .htpasswd, google for it, it
comes with apache

htpasswd -c bob -p (-c create)
enter password...
coolhuh
coolhuh
htpasswd -b baldrick -p
yeah
yeah

heres an example of what it then looks like
bob:$9likh98hn09fnhiHIO390=-
baldrick:9klhTV437gi09j09
you can add many "users" so if your secret word was marmelade, just add
that with a blank password.

save the .htaccess file in the dir you are protecting, and save
..htpasswd somewhere private where noone can get it using
http://sub.domain.com/.htpasswd
ie. if your web doc root is /www/public_html
then save ,htpasswd in /www/private/.htpasswd

no need to restart the server, now whenever you try to get
files/images/html/js/css etc... of the form

http://sub.domain.com/protected/file.html
and any subdirectories like

http://sub.domain.com/protected/subdir/file2.html

you will be prompted for a user/pass combo.
Provided the user doesnt close the browser, you will have access to all
files from within there for the duration of the session.