473,324 Members | 2,178 Online
Bytes | Software Development & Data Engineering Community
Post Job

Home Posts Topics Members FAQ

Join Bytes to post your question to a community of 473,324 software developers and data experts.

protecting a link to a page

Hi,
how can I activate a login when someone clicks on a link? I want only
authorized users to have access to the pages accessible through the
links.

Thanks.
Jul 23 '05 #1
6 1356
Lee
Xerxes said:

Hi,
how can I activate a login when someone clicks on a link? I want only
authorized users to have access to the pages accessible through the
links.


Anything involving security should be done on the server,
not on the pages that are sent to the client.
Your web hosting service should be able to help you.

Jul 23 '05 #2
Xerxes wrote:
how can I activate a login when someone clicks on a link? I want only
authorized users to have access to the pages accessible through the
links.


Not with JavaScript (at least not with client side JavaScript).

Most webservers have some kind of built in functionality, or you can
implement a login system in just about any server side programming language
your server supports (you can use postscript if you are feeling insane, but
Perl, PHP and JSP are better bets (Windows users might want to look at
ASP)).
--
David Dorward <http://blog.dorward.me.uk/> <http://dorward.me.uk/>
Home is where the ~/.bashrc is
Jul 23 '05 #3
In article <hB****************@roc.nntpserver.com>, ashkaan57
@hotmail.com enlightened us with...
Hi,
how can I activate a login when someone clicks on a link? I want only
authorized users to have access to the pages accessible through the
links.

Put them in their own directory and protect the directory with decent
security.
..htaccess works great for Apache servers and IIS has it's own mechanism.

This has nothing at all to do with javascript. Javascript should *never*
be used to implement security.

--
--
~kaeli~
Jesus saves, Allah protects, and Cthulhu thinks you'd make
a nice sandwich.
http://www.ipwebdesign.net/wildAtHeart
http://www.ipwebdesign.net/kaelisSpace

Jul 23 '05 #4
Hi and thanks for the reply.
The link is supposed to play a streaming video, hosted by
brandbandvideo.com. If it was to open another page, I could "protect"
the page through the web hosting company admin page so it would
automatically ask for user id and password. But since the link would
open Windows Media Player, I am not sure how to proceed.
I apologize for simple question.

"Lee" <RE**************@cox.net> wrote in message
news:cd********@drn.newsguy.com...
Xerxes said:

Hi,
how can I activate a login when someone clicks on a link? I want only
authorized users to have access to the pages accessible through the
links.


Anything involving security should be done on the server,
not on the pages that are sent to the client.
Your web hosting service should be able to help you.

Jul 23 '05 #5
Xerxes wrote:
Hi,
how can I activate a login when someone clicks on a link? I want only
authorized users to have access to the pages accessible through the
links.

Thanks.


Any "security" you provide via client-side Javascript is no security at
all.

Secure the login process on the server.

Then go a step further and make it difficult to automate a process that
simply tries every password for an account... for example, disable the
account for 10 minutes after 3 successive login failures on an account.

It is unbelievably easy to write applications that will just try to POST
to an ACTION repeatedly with different values for the inputs. This is
precisely why if you fail to provide the correct password to Yahoo! Mail
(for example), it displays an image with machine unreadable text and asks
the user to provide the word. This eliminates any possiblity of an
automated tool hacking away at accounts until it discovers the password.

--
Grant Wagner <gw*****@agricoreunited.com>
comp.lang.javascript FAQ - http://jibbering.com/faq
Jul 23 '05 #6
If the final destination is hosted on a server with no server
authentication, there isn't really anything you can do either client or
server-side to prevent someone from simply bookmarking the final location.

Store the video with some incredibly strange file name, then add server
authentication to a page you host that has a link to the incredibly strange
and hard to guess file name of the video. Of course, once someone has that
link, they can simply post it for all the world to see somewhere else.

Or, a variation on the above might be (if you can manipulate the file hosted
on brandbandvideo.com from your server)... have server-side processing on
your server create a symlink to the video with a really strange name, then
generate a link to that strange name. Have a nightly job remove all the
symlinks created that day. That way, each visit to your protected page
hosted on your server creates a link that is effectively useless the next
day.

What you want to do can not be done using client-side Javascript, and unless
I'm missing something simple and obvious, it can't be done very effectively
server-side either.

Xerxes wrote:
Hi and thanks for the reply.
The link is supposed to play a streaming video, hosted by
brandbandvideo.com. If it was to open another page, I could "protect"
the page through the web hosting company admin page so it would
automatically ask for user id and password. But since the link would
open Windows Media Player, I am not sure how to proceed.
I apologize for simple question.

"Lee" <RE**************@cox.net> wrote in message
news:cd********@drn.newsguy.com...
Xerxes said:

Hi,
how can I activate a login when someone clicks on a link? I want only
authorized users to have access to the pages accessible through the
links.


Anything involving security should be done on the server,
not on the pages that are sent to the client.
Your web hosting service should be able to help you.


--
Grant Wagner <gw*****@agricoreunited.com>
comp.lang.javascript FAQ - http://jibbering.com/faq
Jul 23 '05 #7

This thread has been closed and replies have been disabled. Please start a new discussion.

Similar topics

3
by: StevePBurgess | last post by:
I have a data driven website. Part of the website is a downloads section - all the downloads are help in a folder called "downloads". When a general user (i.e. one that doesn't have a log in) uses...
12
by: Roland Hall | last post by:
I read Aaron's article: http://www.aspfaq.com/show.asp?id=2276 re: protecting images from linked to by other sites. There is a link at the bottom of that page that references an interesting...
4
by: Jonathan Henderson | last post by:
Obfuscators aren't only used for protecting intellectual property. See the hacker demo at this link: http://www.preemptive.com/documentation/NetHackerDemo.html For those who don't know what...
1
by: darrel | last post by:
I have a section of our site that I'm putting behind a password. The template checks to see if a cookie was set, if not, it sends you to the login page, where you enter in the pwd, and it sets...
0
by: Mark Stokes | last post by:
Hi there, I am currently writing a webmail client in asp.net with C#. I currently support HTML email bodies, but badly formed HTML can cause problems with the rest of my page. Of course, I...
8
by: Iain Napier | last post by:
I'm in the middle of developing a website with a downloads section. It's a wad of educational software for an LEA which for obvious reasons needs password protecting. Users have to authenticate...
1
by: darrel | last post by:
I need to be able to password protect individual pages. For instance: /protected.aspx?id=123 /protected.aspx?id=555 Both would need to be only accessible to two different people (with their...
0
by: xamman | last post by:
hi there! according to msdn (link at bottom) i should be able to protect a whole class declaratively as above. However i keep getting 'request for principal permissions failed' exceptions. in...
5
by: MarkusJNZ | last post by:
Hi all, I have a website which I want to release in 2 versions. The first version will be freeware in exchange for a link back to my page. The second version will cost and will not need a link...
0
by: DolphinDB | last post by:
Tired of spending countless mintues downsampling your data? Look no further! In this article, you’ll learn how to efficiently downsample 6.48 billion high-frequency records to 61 million...
0
by: ryjfgjl | last post by:
ExcelToDatabase: batch import excel into database automatically...
0
isladogs
by: isladogs | last post by:
The next Access Europe meeting will be on Wednesday 6 Mar 2024 starting at 18:00 UK time (6PM UTC) and finishing at about 19:15 (7.15PM). In this month's session, we are pleased to welcome back...
0
by: Vimpel783 | last post by:
Hello! Guys, I found this code on the Internet, but I need to modify it a little. It works well, the problem is this: Data is sent from only one cell, in this case B5, but it is necessary that data...
0
by: ArrayDB | last post by:
The error message I've encountered is; ERROR:root:Error generating model response: exception: access violation writing 0x0000000000005140, which seems to be indicative of an access violation...
1
by: CloudSolutions | last post by:
Introduction: For many beginners and individual users, requiring a credit card and email registration may pose a barrier when starting to use cloud servers. However, some cloud server providers now...
1
by: Defcon1945 | last post by:
I'm trying to learn Python using Pycharm but import shutil doesn't work
1
by: Shællîpôpï 09 | last post by:
If u are using a keypad phone, how do u turn on JavaScript, to access features like WhatsApp, Facebook, Instagram....
0
by: Faith0G | last post by:
I am starting a new it consulting business and it's been a while since I setup a new website. Is wordpress still the best web based software for hosting a 5 page website? The webpages will be...

By using Bytes.com and it's services, you agree to our Privacy Policy and Terms of Use.

To disable or enable advertisements and analytics tracking please visit the manage ads & tracking page.