I have Two kinds of web pagess, one is for control page for only admin login, another one is to view status for user login. initially both html files can view with 192.168.0.10/control.htm and other file is 192.168.0.10/status.htm. I searched on Internet and I got some login code. this login comes when I give 192.168.0.10, then I gets login page, I can login with admin/admin, also I can login with user/user, once login, the corresponding page comes with admin login, control.htm comesup, with user login, status.htm file shows, on both of these pages I have logout, when admin or user click on logout, then login page comes back. even admin or user logout, if I give absolute path like 192.168.0.10/control.htm or 192.168.0.10/status.htm on browsewr, those pages are comingup, how can I force without login, that page shouldnot come?. when admin or user didn't login, I don't want those pages should showup, it should show only when admin or user loggedin. These web pages running on microcontroller with limited memory, not like full pledge high-end processor, I don't have CGI/PERL on this microcontroller , I can set some variables in flash, or I can read some variables from flash to web. can I get some javascript to force login page when admin or user not logged in when they give absolute path like above, please let me know.
12 3055
Can some expert give me a clue about how to do this?. thanks in advance
I am new to javascript.
I have login page with javascript, checks login-id and password, admin/admin and user/user, once admin or user login, it brings control page (control.htm) for admin and status page (status.htm) for user. but without login, if I give absolute address of control page or status page directly (192.168.0.10/control.htm or 192.168.0.10/status.htm) it shows up. Is there anyway I can put a javascript validation in control/status page to makesure without login, those page shouldn't appear, can I get some javascript.
Web server running on microcontroller , not full pledge scripts like CGI/Perl won't run here.
thanks in advance
Dormilich 8,658
Recognized Expert Moderator Expert
but you are aware that password validation only with Javascript is highly insecure?
Actually that is fine, by default I supply different password fof admin and user. Most of the time admin only controls, where as the users will notified that they have to login with user id only, also I am supplying different password for admin and user. Admin is the one who opens manual and reads, admin knows both passwords, where as the user don't know admin password except user password.
I added login script, I can paste if needed. What I want is, after logi, admin login takes to control page (read and write) and user login takes to status page, (Read only), but if I give absolute path, both pages are visible without either login, I need some kind of auth to show pages with abs path.
Please let me know.
cursor not pointing to login user id box, unless I keep cursor and click in that box, by default how can I force cursor goto login id box?.
It is fine if it is insecure. I am looking how inside pages shouldn't show with absolute path.
gits 5,390
Recognized Expert Moderator Expert @tvnaidu
have a look at the answer to your other post where you asked that question.
kind regards
Thanks you verymuch, appreciated.
acoder 16,027
Recognized Expert Moderator MVP
I'm afraid JavaScript doesn't provide much security and it's very easy to circumvent any login process coded using JavaScript. You may try Flash.
Sign in to post your reply or Sign up for a free account.
Similar topics |
by: Gowhera Hussain |
last post by:
Use This for Learning Only ....
Do Not Try To Act Smart
HACKING WITH JAVASCRIPT
Dr_aMado Sun, 11 Apr 2004 16:40:13 UTC
This tutorial is an overview of how javascript can be used to bypass
simple/advanced html forms and how it can be used to override cookie/session
|
by: annoyingmouse2002 |
last post by:
Hi there,
sorry if this a long post but I'm really just starting out. I've been
using MSXML to parse an OWL but would like to use a different
solution. Basically it reads the OWL (Based on XML) and puts values in
a number of arrays and then puts the contents of the array in a HTML
table. I'd like to keep the array structure. I've checked out all
sorts of different javascript parsers but have not met with a great
deal of success with any...
|
by: strutsng |
last post by:
<input type="file"> only allows the user to browse for files.
How about "browse for folder" dialog? Can html/javascript do that? I
couldn't find any syntax for that. If not, please advise what are the
other approaches.
please advise. thanks!!
|
by: Matt Kruse |
last post by:
http://www.JavascriptToolbox.com/bestpractices/
I started writing this up as a guide for some people who were looking for
general tips on how to do things the 'right way' with Javascript. Their code
was littered with document.all and eval, for example, and I wanted to create
a practical list of best practices that they could easily put to use.
The above URL is version 1.0 (draft) that resulted. IMO, it is not a
replacement for the FAQ,...
|
by: tony |
last post by:
I'm designing a survey form page that will be fairly complex and am
becoming confident enough with PHP now to tackle most things.
(Thanks to everyone here who has helped)
Before I go too far with this I was wondering if anyone could perhaps
offer advice or point me to any documents/web pages that could help with
ensuring the security of the form/page and site. It is likely that the
form will come under attack I expect.
Even comments...
| |
by: Grey |
last post by:
I have to write a program to verify email address availability. i have to
verify thousand of email address. is there any way to verify the email in
..net instead. the requirement is to verify which email valid or invalid
|
by: diane |
last post by:
I've got an application running with table-based security: i capture
the user's windows login with fOsusername, then have them enter a
password checked against their username/login in my own table. The
problem is, they can't remember the passwords they've created, and I
spend more time than I want to resetting.
Here's what I'd LIKE to have happen: when the user opens the
application (Access2k), a dialog box appears with the windows...
|
by: Devin |
last post by:
Hi,
This might seem a little bit disjointed. My boss is suggesting I take
a certain approach to something. There is a private section of the
intranet (its essentially its own section as few users would have use
for it or even know of its existence) and when a user logs on to the
home page of this intranet site ASP should verify that they are
allowed to be there (based on them logging on to the network when they
logged on to their PC).
|
by: tvnaidu |
last post by:
I have Two kinds of web pagess, one is for control page for only admin login, another one is to view status for user login. initially both html files can view with 192.168.0.10/control.htm and other file is 192.168.0.10/status.htm. I searched on Internet and I got some login code. this login comes when I give 192.168.0.10, then I gets login page, I can login with admin/admin, also I can login with user/user, once login, the corresponding page...
|
by: marktang |
last post by:
ONU (Optical Network Unit) is one of the key components for providing high-speed Internet services. Its primary function is to act as an endpoint device located at the user's premises. However, people are often confused as to whether an ONU can Work As a Router. In this blog post, we’ll explore What is ONU, What Is Router, ONU & Router’s main usage, and What is the difference between ONU and Router. Let’s take a closer look !
Part I. Meaning of...
|
by: Hystou |
last post by:
Most computers default to English, but sometimes we require a different language, especially when relocating. Forgot to request a specific language before your computer shipped? No problem! You can effortlessly switch the default language on Windows 10 without reinstalling. I'll walk you through it.
First, let's disable language synchronization. With a Microsoft account, language settings sync across devices. To prevent any complications,...
| |
by: Hystou |
last post by:
Overview:
Windows 11 and 10 have less user interface control over operating system update behaviour than previous versions of Windows. In Windows 11 and 10, there is no way to turn off the Windows Update option using the Control Panel or Settings app; it automatically checks for updates and installs any it finds, whether you like it or not. For most users, this new feature is actually very convenient. If you want to control the update process,...
|
by: tracyyun |
last post by:
Dear forum friends,
With the development of smart home technology, a variety of wireless communication protocols have appeared on the market, such as Zigbee, Z-Wave, Wi-Fi, Bluetooth, etc. Each protocol has its own unique characteristics and advantages, but as a user who is planning to build a smart home system, I am a bit confused by the choice of these technologies. I'm particularly interested in Zigbee because I've heard it does some...
|
by: conductexam |
last post by:
I have .net C# application in which I am extracting data from word file and save it in database particularly. To store word all data as it is I am converting the whole word file firstly in HTML and then checking html paragraph one by one.
At the time of converting from word file to html my equations which are in the word document file was convert into image.
Globals.ThisAddIn.Application.ActiveDocument.Select();...
|
by: TSSRALBI |
last post by:
Hello
I'm a network technician in training and I need your help.
I am currently learning how to create and manage the different types of VPNs and I have a question about LAN-to-LAN VPNs.
The last exercise I practiced was to create a LAN-to-LAN VPN between two Pfsense firewalls, by using IPSEC protocols.
I succeeded, with both firewalls in the same network. But I'm wondering if it's possible to do the same thing, with 2 Pfsense firewalls...
|
by: adsilva |
last post by:
A Windows Forms form does not have the event Unload, like VB6. What one acts like?
|
by: muto222 |
last post by:
How can i add a mobile payment intergratation into php mysql website.
| |
by: bsmnconsultancy |
last post by:
In today's digital era, a well-designed website is crucial for businesses looking to succeed. Whether you're a small business owner or a large corporation in Toronto, having a strong online presence can significantly impact your brand's success. BSMN Consultancy, a leader in Website Development in Toronto offers valuable insights into creating effective websites that not only look great but also perform exceptionally well. In this comprehensive...
| |