469,343 Members | 5,711 Online
Bytes | Developer Community
New Post

Home Posts Topics Members FAQ

Post your question to a community of 469,343 developers. It's quick & easy.

How secure is this script?

[HTML]<tr><td colspan=2 align=center><font size="+2"><b>Members-Only Area!</b></font></td></tr>
<tr><td>Username:</td><td><select name=memlist>
<option value='x'>
<option value='John Smith|42691|NGLOQEMM'>John Smith
<option value='Peter Jones|52219|GNLVAPMV'>Peter Jones
<option value='Sue Brown|18215|PXAPGWKY'>Sue Brown
<option value='Sally West|64403|NUIRTURT'>Sally West
</select></td></tr>
<tr><td>Password:</td><td><input type=password size=10 maxlength=8 name=pass></td></tr>
<tr><td colspan=2 align=center><input type=button value="Login" onclick="check(this.form)"></td>
</tr>
</table>
</form>
[/HTML]
Expand|Select|Wrap|Line Numbers
  1. <SCRIPT LANGUAGE="JavaScript">
  2. <!-- Begin
  3. var params=new Array(4);
  4. var alpha="ABCDEFGHIJKLMNOPQRSTUVWXYZABCDEFGHI";
  5. function check(form) {
  6. which=form.memlist.selectedIndex;
  7. choice = form.memlist.options[which].value+"|";
  8. if (choice=="x|") {
  9. alert("Please Select Your Name From The List");
  10. return;
  11. }
  12. p=0;
  13. for (i=0;i<3;i++) {
  14. a=choice.indexOf("|",p);
  15. params[i]=choice.substring(a,p);
  16. p=a+1;
  17. }
  18. h1=makehash(form.pass.value,3);
  19. h2=makehash(form.pass.value,10)+" ";
  20. if (h1!=params[1]) {
  21. alert("Incorrect Password!"); return; };
  22. var page="";
  23. for (var i=0;i<8;i++) {
  24. letter=params[2].substring(i,i+1)
  25. ul=letter.toUpperCase();
  26. a=alpha.indexOf(ul,0);
  27. a-=(h2.substring(i,i+1)*1);
  28. if (a<0) a+=26;
  29. page+=alpha.substring(a,a+1); };
  30. top.location=page.toLowerCase()+".html";
  31. }
  32. function makehash(pw,mult) {
  33. pass=pw.toUpperCase();
  34. hash=0;
  35. for (i=0;i<8;i++) {
  36. letter=pass.substring(i,i+1);
  37. c=alpha.indexOf(letter,0)+1;
  38. hash=hash*mult+c;
  39. }
  40. return(hash);
  41. }
  42. // End -->
  43. </script>
Sep 11 '07 #1
4 1381
dmjpro
2,476 2GB
Hey!
Welcome to TSDN!
Be specific and use Code Tags while you do Post.
Be more specific about your Problem.

Kind regards,
Dmjpro.
Sep 11 '07 #2
im not too sure what you mean by "code tags" i thought they were already included in what i posted.

I got the code from another javascript site and basically what it does is encrypt pasword | page.html for each user you choose. Users can be directed to the same page or each to a different page as you choose. What i dont know seeing that i pretty much know nothing about javascript is how easy this is to decode.
Sep 11 '07 #3
gits
5,390 Expert Mod 4TB
hi ...

code tags are wrapped around your posted code to format and syntax-highlight it:

for example:

[CODE=javascript]
code goes here
[/code]

kind regards
Sep 11 '07 #4
acoder
16,027 Expert Mod 8TB
I got the code from another javascript site and basically what it does is encrypt pasword | page.html for each user you choose. Users can be directed to the same page or each to a different page as you choose. What i dont know seeing that i pretty much know nothing about javascript is how easy this is to decode.
Anything on the client-side is relatively easy to decode especially for someone determined.

In your code, someone just needs to reverse the process of makehash() and they have the required passwords and URLs.

The solution is to code all login on the server-side.
Sep 11 '07 #5

Post your reply

Sign in to post your reply or Sign up for a free account.

Similar topics

6 posts views Thread by Sarah Tanembaum | last post: by
1 post views Thread by deko | last post: by
6 posts views Thread by andrew blah | last post: by
31 posts views Thread by Fredrik Tolf | last post: by
14 posts views Thread by knal | last post: by
3 posts views Thread by tshad | last post: by
1 post views Thread by CARIGAR | last post: by
reply views Thread by suresh191 | last post: by
1 post views Thread by Marylou17 | last post: by
By using this site, you agree to our Privacy Policy and Terms of Use.