Validation through javascript....

Re: Validation through javascript....

Yodai wrote:[color=blue]
> I want a webpage to display a validation box while it charges.... I
> want that, as the page is requested, the first thing that appears is
> a box that asks for a name and a password. If the password supplied
> is wrong, then the javascrip sends you to a 'forbidden acces' page,
> else it displays the contents of the page.[/color]

This sounds to me like something you should be doing server-side (e.g. with
PHP).

In most cases, I'm all for client-side form validation wherever possible,
complemented with server-side validation of course, but in this particular case,
you are relying on your client-side validation (eg. via JavaScript) as an
authentication mechanism. If someone has JavaScript turned off, they would
completely by-pass your security mechanisms.

Re: Validation through javascript....

In article <o4CLb.44519$AJ B.11434@news04. bloor.is.net.ca ble.rogers.com> ,
noreply@noreply .com enlightened us with...[color=blue]
>
> In most cases, I'm all for client-side form validation wherever possible,
> complemented with server-side validation of course, but in this particular case,
> you are relying on your client-side validation (eg. via JavaScript) as an
> authentication mechanism. If someone has JavaScript turned off, they would
> completely by-pass your security mechanisms.
>
>
>[/color]

Not to mention they can view the source and get the password.

--
--
~kaeli~
Dijon vu - the same mustard as before.

Re: Validation through javascript....

Thank's guys... But I already know all that... What I am trying to do is to
get a validation for a personal webpage, which is not intended to be a
secure authentication sistem, but more of a fancy-like feature for
identification of users which I already know (customers and family) since
there's no sensible information anyway.

Any idea?

Cheers...

Yodai

Re: Validation through javascript....

In article <S7yMb.2550965$ uj6.6232603@tel enews.teleline. es>,
yodai@spamnot.m ail.vu enlightened us with...[color=blue]
> Thank's guys... But I already know all that... What I am trying to do is to
> get a validation for a personal webpage, which is not intended to be a
> secure authentication sistem, but more of a fancy-like feature for
> identification of users which I already know (customers and family) since
> there's no sensible information anyway.
>
> Any idea?[/color]

Well, you could have a page that prompts for a password. If correct,
loads one page. If not, loads the other.
3 pages all together.

More complicated would be a dynamic write of contents - then you start
having to worry about browser types. Do they all use IE5+?

Remember that both are insecure as hell. :)

--
--
~kaeli~
Press any key to continue or any other key to quit

Re: Validation through javascript....


"kaeli" <tiny_one@NOSPA M.comcast.net> escribió en el mensaje
news:MPG.1a6c87 3ddf577597989ab 2@nntp.lucent.c om...[color=blue]
> In article <S7yMb.2550965$ uj6.6232603@tel enews.teleline. es>,
> yodai@spamnot.m ail.vu enlightened us with...[color=green]
> > Thank's guys... But I already know all that... What I am trying to do is[/color][/color]
to[color=blue][color=green]
> > get a validation for a personal webpage, which is not intended to be a
> > secure authentication sistem, but more of a fancy-like feature for
> > identification of users which I already know (customers and family)[/color][/color]
since[color=blue][color=green]
> > there's no sensible information anyway.
> >
> > Any idea?[/color]
>
> Well, you could have a page that prompts for a password. If correct,
> loads one page. If not, loads the other.
> 3 pages all together.
>
> More complicated would be a dynamic write of contents - then you start
> having to worry about browser types. Do they all use IE5+?
>
> Remember that both are insecure as hell. :)[/color]

Yup... I know... As a matter of a fact, they all use IE5+, or I can make
them use so... The thing is, it must be only one page.... I've thought maybe
could be a grey box covering the actual page with the authentication, if
correct, then it shows what has already been downloaded. Later I will see if
I make some sort of personalization depending on the username... The thing
is that it will all go on a webserver of an embbedded system I have
designed. The thing with this server is that it can only attend one call at
a time, and it can only contain one file, since my emmbedded doesn't have a
file system....

So?....

Cheers....

Yodai

Re: Validation through javascript....

In article <SwAMb.2554233$ uj6.6244295@tel enews.teleline. es>,
yodai@spamnot.m ail.vu enlightened us with...[color=blue][color=green]
>>[/color]
> Yup... I know... As a matter of a fact, they all use IE5+, or I can make
> them use so...[/color]

Well, then, have the prompt check for a proper login. If it is correct,
write to a div the proper content. If it is not, write an error.

Extremely simple example with no error checking:

<html>
<head>
<title> test </title>
<script type="text/javascript">
function checkLogin()
{
var a=prompt("enter the password");
if (a=="noway") writeSuccess();
else writeFail();
}
function writeSuccess()
{
document.getEle mentById("write Area").innerHTM L="Success!";
}
function writeFail()
{
document.getEle mentById("write Area").innerHTM L="Fail!";
}
</script>
</head>

<body onLoad="checkLo gin()">
<div id="writeArea"> </div>
</body>
</html>

--
--
~kaeli~
Who is General Failure and why is he reading my hard disk?

Re: Validation through javascript....

Cheers! I'll give it a try....

Yodai
[color=blue]
> <html>
> <head>
> <title> test </title>
> <script type="text/javascript">
> function checkLogin()
> {
> var a=prompt("enter the password");
> if (a=="noway") writeSuccess();
> else writeFail();
> }
> function writeSuccess()
> {
> document.getEle mentById("write Area").innerHTM L="Success!";
> }
> function writeFail()
> {
> document.getEle mentById("write Area").innerHTM L="Fail!";
> }
> </script>
> </head>
>
> <body onLoad="checkLo gin()">
> <div id="writeArea"> </div>
> </body>
> </html>
>
> --
> --
> ~kaeli~
> Who is General Failure and why is he reading my hard disk?
> http://www.ipwebdesign.net/wildAtHeart
> http://www.ipwebdesign.net/kaelisSpace
>[/color]