Google Answers Logo
View Question
 
Q: web design ( Answered 5 out of 5 stars,   1 Comment )
Question  
Subject: web design
Category: Computers > Security
Asked by: jossychina-ga
List Price: $20.00
Posted: 05 Mar 2004 09:15 PST
Expires: 04 Apr 2004 10:15 PDT
Question ID: 313770
dear researcher,
       I am using a sundomain. I registered my site with
esmartstart.com and I want a situation whereby people have to login to
my site with a user name and password to be able to view certain parts
please.
Answer  
Subject: Re: web design
Answered By: larre-ga on 05 Mar 2004 11:41 PST
Rated:5 out of 5 stars
 
Thanks for asking!

According to their Terms of Service, eSmartStart doesn't permit direct
use of CGIs (programs that can be used for password protecting
directories), Java Servelets, or .htpasswd and .htacess files. These
three methods are considered the more reliable forms of employing
password protection. There's no database setup, so PHP/MySQL is also
unavailable. In order to require logins, you'll need to employ a
javascripts or, perhaps, consider a Remotely Hosted Login Script.

I've scouted around and located a couple of easy-to-install
javascripts that provide the features you've requested.


THREE TRIES JAVASCRIPT
----------------------------------------------------------------------

This javascript allows a single password for multiple users. Visitors
get three tries to enter the correct password then they are refused
entry. The easy installation instructions are written right into the
script.

Copyright rules here at Google Answers do not allow us to copy and
paste the script directly into the answer. To obtain this (free)
script:

Visit: http://javascript.internet.com/passwords/three-tries.html

Click the "Highlight All" button

Right-click and select: Copy

Open a blank document in your text or HTML editor, and Paste the info
from your Clipboard to the blank document.

Follow the instructions in the script for embedding it into your HTML
page that you'll then upload to your eSmartStart website.


MULTIPLE USERS JAVASCRIPT
----------------------------------------------------------------------

If you'd rather not have just one password for access to a Members
Only area of your site, here's a Multiple Users javascript. You can
set up individual usernames and passwords for as many members as you
like, and you have the choice of giving each user an individual
welcome/login page.

To obtain this (free) script:

Visit: http://javascript.internet.com/passwords/multiple-users-source.html#source

Click the "Highlight All" button

Right-click and select: Copy

Open a blank document in your text or HTML editor, and Paste the info
from your Clipboard to the blank document.

Follow the instructions in the script for embedding it into your HTML
page that you'll upload to your eSmartStart website.


ADDITIONAL JAVASCRIPT RESOURCES
----------------------------------------------------------------------

If you'd like to learn more about javascripts in general, especially
Password Protection javascripts, I've located a beginner's tutorial
which will walk you step-by-step through script creation and
installation.

Page Resource
Javascript Password Protection Tutorial
http://www.pageresource.com/jscript/jpass.htm

Irt.org (Internet Related Technologies) offers a Javascript
KnowledgeBase Password Protection FAQ. I've always liked IRT's
down-to-earth explanations and scripting suggestions.

irt.org
Knowledge Base | JavaScript | Password Protection
http://developer.irt.org/script/password.htm

You'll find many different javascripts available in the script
collections listed in the Google Directory.

Javascript Collections - Google Directory
http://directory.google.com/Top/Computers/Programming/Languages/JavaScript/Scripts/Collections/


REMOTELY HOSTED LOGIN SCRIPTS
----------------------------------------------------------------------

Remotely Hosted scripts "operate" or run on a separate web service or
server. They're most often used when a particular web host, such as
eSmartStart.com, does not accommodate some of the more advanced
website features. These scripts are linked using plain HTML or,
sometimes, javascript.

Here's a short list of several Password Protection Scripts that are
available (free) and appear to meet your needs. You'll be able to
obtain installation instructions from the selected Remote Hosting
services.

HostedScripts - Password Protection
http://www.hostedscripts.com/

SiteGagets - Password Protection
http://www.sitegadgets.com/info/prot.html?

CGI for Me - Password Protection (click on Password Protection link)
http://www.cgiforme.com/index2.cgi

CGI Resource/Remotely Hosted - Password Protection (12 scripts listed)
http://cgi.resourceindex.com/Remotely_Hosted/Password_Protection/



Answer and Search Strategy
----------------------------------------------------------------------

Close examination of the eSmartStart.com website, member requirements,
TOS, and FAQ.

Google Search Terms:

login javascript
"user authentication" javascript
"password protection" javascript
"remotely hosted" "password protection"

I believe these resources will meet your needs. If anything is
unclear, or you discover broken links, please let me know. I'll make
it right.

Best regards,

---larre

Request for Answer Clarification by jossychina-ga on 05 Mar 2004 14:34 PST
Please, I like the site provided but there is a problem. How do I add
or remove users now that I have pasted those codes in my site? Please,
I will need a clear answer

Clarification of Answer by larre-ga on 05 Mar 2004 14:59 PST
For the JavaScript Source Multiple Users script...

Each time you wish to add users, you'll need to modify the javascript
adding the additional users/password to the listing in the script
portion of the page, and then upload the page to your webspace again.


Open the HTML page in your HTML editor.

Add names and passwords to the Multiuser Javascript Code

Save the file (page).

Upload it to the eSmartStart servers. 


I'll be happy to clarify further, if needed. 

---l
jossychina-ga rated this answer:5 out of 5 stars
Thanks for your answer. I still have to learn it thru the link provided

Comments  
Subject: Re: web design
From: djcapelis-ga on 29 Mar 2004 12:01 PST
 
This method of authenticating users is insecure.  It sends the
password information to the user and can be easily bypassed, or the
passwords retrieved.

The best option would be to use a file to store the information on the
server or go ahead and build a database on the server to use.  Or, use
a service which provides the means to use a good database.

Important Disclaimer: Answers and comments provided on Google Answers are general information, and are not intended to substitute for informed professional medical, psychiatric, psychological, tax, legal, investment, accounting, or other professional advice. Google does not endorse, and expressly disclaims liability for any product, manufacturer, distributor, service or service provider mentioned or any opinion expressed in answers or comments. Please read carefully the Google Answers Terms of Service.

If you feel that you have found inappropriate content, please let us know by emailing us at answers-support@google.com with the question ID listed above. Thank you.
Search Google Answers for
Google Answers  


Google Home - Answers FAQ - Terms of Service - Privacy Policy