I took the following code from another webpage ".shtml".
<SCRIPT>
function passWord() {
var testV = 1;
var pass1 = prompt('Please Enter Your Password',' ');
while (testV < 3) {
if (!pass1) history.go(-1);
if (pass1.toLowerCase() == "letmein") {
alert('You Got it Right!');
window.open('protectpage.html');
break;
}
testV+=1;
var pass1 = prompt('Access Denied - Password Incorrect, Please Try Again.','Password');
}
if (pass1.toLowerCase()!="password" & testV ==3) history.go(-1);
return " ";
}
</SCRIPT>
<CENTER>
<FORM>
<input type="button" value="Enter Protected Area" onClick="passWord()">
</FORM>
</CENTER>
It works only in case the password is entered a second time, but not when it is entered the first time. When you enter the password it says the wrong password prompting you to enter the password again and then it goes through. I need a script that shall prompt me of the correct password, in case I enter the wrong password. Can anyone help me with the code as I am a beginner in JavaScript?
I took the following code from another webpage "http://www.javascriptkit./script/cut10.shtml".
<SCRIPT>
function passWord() {
var testV = 1;
var pass1 = prompt('Please Enter Your Password',' ');
while (testV < 3) {
if (!pass1) history.go(-1);
if (pass1.toLowerCase() == "letmein") {
alert('You Got it Right!');
window.open('protectpage.html');
break;
}
testV+=1;
var pass1 = prompt('Access Denied - Password Incorrect, Please Try Again.','Password');
}
if (pass1.toLowerCase()!="password" & testV ==3) history.go(-1);
return " ";
}
</SCRIPT>
<CENTER>
<FORM>
<input type="button" value="Enter Protected Area" onClick="passWord()">
</FORM>
</CENTER>
It works only in case the password is entered a second time, but not when it is entered the first time. When you enter the password it says the wrong password prompting you to enter the password again and then it goes through. I need a script that shall prompt me of the correct password, in case I enter the wrong password. Can anyone help me with the code as I am a beginner in JavaScript?
Share Improve this question edited Jun 26, 2023 at 18:33 Ahmad Adibzad 6673 gold badges10 silver badges17 bronze badges asked Aug 7, 2013 at 5:15 LouTrevLouTrev 491 gold badge1 silver badge4 bronze badges 2- That link works fine right???? – Guruprasad J Rao Commented Aug 7, 2013 at 5:18
-
Try this
<SCRIPT> function passWord() { var testV = 1; var pass1 = prompt('Please Enter your password',' '); while (testV < 3) { if (!pass1) history.go(-1); if (pass1.toLowerCase() == "Your Password Here") { alert('Password correct !'); window.open('yourProtectedpage.html'); break ; } testV+=1; var pass1 = prompt('Accès denied - Wrong Password.','Password'); } if (pass1.toLowerCase()!="Your Password" & testV ==3) history.go(-1); return " "; } </SCRIPT> <CENTER> <FORM> <input type="button" value="Page Protected by Password" onClick="passWord()"> </FORM> </CENTER>– Yahia Baiba Commented Jun 8, 2018 at 11:08
5 Answers
Reset to default 5Your code appears to work when visiting the link.
I know you're learning. Still, you shouldn't be doing authentication like this though as you're not really protecting anything. Anyone can read the source code by using the "View Page Code" option in any browser (typically right click on the page). This means anyone can easily get your password.
For true authentication you should be using either a server side language (like PHP), or HTTP Digest authentication configured by your web server. Digest is a bit out of date as it uses MD5, but it's a million times better than what you're doing.
For more information about setting up HTTP Digest with Apache web server see:
http://httpd.apache/docs/2.2/mod/mod_auth_digest.html
For doing the same with Nginx:
http://wiki.nginx/HttpAuthDigestModule
The HTTP Basic authentication works too, but it transmits the password from the user's browser in plain text. With HTTP digest the password is hashed.
Knowing that you're learning JavaScript, your best bet is to configure the web server you're using. Since most web hosting services use Apache, you can most likely use an .htaccess file. You can search ".htaccess http digest" for tutorials on how to set this up.
Some web hosting services have control panels that have a feature to protect directories using Digest/Basic auth. In cPanel, which is quite mon, it's called "Password Protect Directories".
If you were more advanced I would suggest doing it in PHP, but thats a rather plicated subject.
//Add this to you script
function run(){
var password = prompt("Password Please");
//Change to your own Password
if(password != 'Sameer'){
document.body.innerHTML = '';
document.body.innerHTML = 'Password Failed! Reload to Renter Password';
}else{
alert('Success');
}
}
run();
Try this.. Just add access denied prompt inside the false case...
function passWord()
{
var testV = 1;
var pass1 = prompt('Please Enter Your Password',' ');
while (testV < 3)
{
if (!pass1)
{
history.go(-1);
var pass1 = prompt('Access Denied - Password Incorrect, Please Try
Again.','Password');
}
else if (pass1.toLowerCase() == "letmein")
{
alert('You Got it Right!');
window.open('protectpage.html');
break;
}
testV+=1;
}
if (pass1.toLowerCase()!="password" & testV ==3)
history.go(-1);
return " ";
}
I used the same exact code that you have and the problem is the the first time for don't know what reason it added one space in front of the input. Just make sure that you don't have that and it will be fine.
If you use a library to render the UI, you can use this function:
export function setPasswordToEnter({
password,
localStorageKey,
errorMessage,
}) {
if (
!password ||
(localStorageKey && localStorage.getItem(localStorageKey) === password)
) {
return;
}
const input = prompt('Enter the password to continue:');
if (input !== password) {
alert(errorMessage || 'Incorrect password');
throw new Error(errorMessage || 'Incorrect password');
}
if (localStorageKey) {
localStorage.setItem(localStorageKey, input);
}
}
Run before the render function:
setPasswordToEnter({
password: 'password',
localStorageKey: '[myapp] password to enter'
});
React Example: https://stackblitz./edit/password-to-enter-react?file=src/index.js
P.S. You should definitely get your password from env variable if possible.