Home > Features > Password Protection Using JavaScript • Bookmark   • Newsletters   • Register Search Options

FEATURE

Password Protection Using JavaScript

Password Protection Using JavaScript

March 4, 2002
Text size: 
Get XBIZ News
XBIZ Research
Will virtual reality boost the paysite market?
Yes, it will soon
  39.66%
Yes, but in a few years
  36.87%
No
  23.46%
Out of 179 votes. Results based on votes submitted by members of XBIZ.net social network.

" You should also be aware that since this client-side approach does require JavaScript to be enabled on the visitor's end, not everyone will be able to use it. "

Sometimes you may wish to allow friends, sponsors, and other visitors who are not "members" to enter your protected member's area without having to 'join' your site. While most pay sites can easily setup 'guest accounts,' AVS sites (among others) are not as fortunate. Here's an easy solution with many intriguing possibilities:

Whether you want to allow a sponsor or content provider access to your protected content area for program compliance verification, or a reviewer to evaluate your design, or you just want to give your friends free porn, there are many times when having a 'reasonably' secure gateway can come in handy. I have used this simple method in the past for all of the above reasons, as well as to protect 'under construction' or 'Beta' areas of my projects, as well as online 'admin' and 'stats' areas within my various operations.

Builders of AVS sites are one group of Adult Webmasters who will doubtless see the value of this approach, since they usually have only one 'master password' and may be quite reluctant to reveal it for any of the above purposes, as it usually gives the user access to your AVS stats and admin functions, plus a level of 'involvement' that is the rough equivalent of 'sysadmins' doling out 'root' access to everyone: Since many Adult Webmasters do not implement .htaccess-based directory protection, simply handing out the member's area URL is by far the easiest option, but making a more attractive and professional looking 'guest pass' page is a much better approach.

The Problem (and Solution) when Using JavaScript
While JavaScript based security implementations are at best 'limited' in their efficiency, there are times when they pose the best option, and if done correctly, can provide a major stumbling block for would-be intruders. Many if not most of the implementations that I have seen embedded the password within the script itself, and used a simple comparison of the entered value with the embedded value to allow or deny access. The main problem with this approach is that a simple 'view source' will reveal the gateway page's underlying HTML, including the password itself.

My approach does not include the password within any of the HTML code, and it even allows for multiple passwords that will provide access to different pages. How? The code takes the entered value, and tacks on a file extension (like '.htm' '.html' or '.php' etc.) before redirecting the visitor to the specified page. Flexible and cunning, the use of 'real' passwords for page names such as "a0032P.html" rather than "members.html" will add a tremendous level of enhanced security to this approach, since any 'guessed' name will result in access to pages with that name.

The possibilities are many, the code, simple:

HTML HEAD

SCRIPT language="JavaScript"

!--- JavaScript Gateway

function gateway() {

var password = document.gate.password.value;
var location=password + ".html";
this.location.href = location;

}

// JavaScript Gateway ---

/SCRIPT

/HEAD BODY

FORMname="gate" TABLE align=center border=0 TR
TD INPUT type="password" name="password" size=20 /TD
TD INPUT type="button" value="ENTER" name="enter" onclick="gateway()" /TD
/TR /TABLE /FORM

/BODY /HTML There are many interesting uses for this script, and a little experimentation can go a long way.

Realize that any 'wrong' (or failed) entries will generate a '404' error, and so you should always include an .htaccess redirect based on this. You should also be aware that since this client-side approach does require JavaScript to be enabled on the visitor's end, not everyone will be able to use it (although the vast majority will). There are many interesting uses for this script, and a little experimentation can go a long way.

Sure, this type of approach could also be easily (and more robustly) done using php, but not all ISPs (and especially not all free hosts) support this server-side technology, and the way I did it is an easy method for anyone to implement. If you have any questions or comments on the use or abuse of this script, then click on the link below: ~ Stephen


EDUCATIONAL FEATURES

Cam World: A Good Grind Reaps Riches

For years, webcam modeling was taboo and considered by many as a dirty and raunchy activity. However, in today’s economy, webcam jobs are being accepted more and more by everyone across the globe.... More »

Cam World: Beauty on Point — Models Talk Tradecraft

Cam girls are the girls that are always on point — with the perfect make-up and perfect skin, the shiny hair and long nails. Given their expertise, I asked some of the girls from Studio 20 if they... More »

Cam World: Camming and Toys Go Hand in Hand

There is nothing more satisfying than pleasure, especially if it is sexual. The size or the presentation of the stimulus does not matter if the sensations and tension the body receives transform the way... More »
XBIZ NEWSLETTERS
Stay informed of the latest industry developments. Get XBIZ newsletters delivered to your inbox. Subscribe today!
Enter email address:

* To manage existing subscriptions click here.






POPULAR PRODUCTS & SERVICES
Submit your press release to
multiple news outlets with 1 click.
Subscribe to RSS news feeds or
add free content to your website.
Access XBIZ news and articles
with your mobile device.
Subscribe to XBIZ World magazine, the industry's leading e-commerce trade publication, delivering in-depth coverage of the online, mobile and ancillary digital markets.

UPCOMING EVENTS

XBIZ.net Paysite Meetup

May 04 - May 04
Prague, Czech Republic

Eurowebtainment 2017

May 17 - May 20
Majorca, Spain

XBIZ Retreat

May 30 - Jun 03
Miami, Florida

XBIZ Miami 2017

May 30 - Jun 02
Miami, Florida
Everyday thousands of business professionals browse XBIZ's industry directory for quality products and services. Not listed yet? Your company could be losing potential new business. Submit your company today!
Use XBIZ RSS feeds to stay informed of the latest industry developments or as a content syndication tool for your website!