Storing the password in a different .js file is not a solution because all those files will be visible in the "temporary internet files". What you could do is to create two html pages the first contains a textfield and a button. The second contains your personal data you want to protect and you put the password as the name of the file. (ex: passwd.html) When you click on the button of the first page, you open a new page whose URL is build with javascript using the password given as filename. It's rather basic but it works. People giving a bad password will have a 404 error. - cerj

0

Dr. Nick, that doesn't work. Are you sure the onClick is correct? getPhone -- that doesn't look right. I tried every conceivable fix. Rolos, it would be cool to see what you could do. Our server is Linux, I think. Apache. I've done Perl scripts on there. Just did phpBB, which works flawlessly, so php is cool. My brother is expert at javascript (out of town) but if it's not secure, wouldn't want to use it. cerj, sounds good to me what you said about having two html pages. Whatever works, guys.

0

var answer; answer = window.prompt("Where Do I Live?", ""); if (answer.charCodeAt(0) == 72 && answer.charCodeAt(1) == 97 && answer.charCodeAt(2) == 119 && answer.charCodeAt(3) == 97 && answer.charCodeAt(4) == 105 && answer.charCodeAt(5) == 105) document.writeln("My Phone Number Is: 999- 9999"); else document.writeln("If You Don't Know Where I Live, You Can't Get My Password"); Cut and paste this code into an HTML file. Do not forget your >script< tags along with them. The password is 'Hawaii'. As you can see all I did was convert each character in the string to their numerical values using charCodeAt(). I could have converted the whole string to a numerical value but I think that it would be a bit more painstaking to crack this way. This method also ensures that the page viewer does not see the real password, rather they see the extremely pathetic 'encrypted' version of it. Let me know if you want to use this method and I hope this helps to a certain extent. - Rolos

0

Hey Rolos, it worked. I'm not much of a programmer and you said include Script tags. Took me awhile to figure it out but finally got it done that it works fine. Where could I view charCodeAt() values? I guess my question next is about using JavaScript. If someone's browser doesn't use it, they can't use it, right? Just wondering of the best way. Plus, 99% of the general public is of no concern. But your method, would it solve the problem, since someone knowing how to view code would know aoubt charCodeAt() values? Or are these unusual values? Lastly, I would give them more than once question. Like, what's my dog's name? What is the mascot of the college I graduated from? etc. It could be fun. Maybe even have humorous error statements. Thanks!

0

Say, maybe this is a little better, Rolos? 1. I put that last JavaScript code you posted in a text file and named it phone.js 2. FTPd to my server 3. Wrote a simple HTML page and put this in there to call that script (someone told me how)... [script src="phone.js" language="javascript" type="text/javascript"][/script] Of course, the [ means etc. So, it works the same but nobody can view source code and see how it works. How could someone view my phone.js file? That would be some serious cracking, wouldn't it?

0

Well actually there wouldnt be much cracking involved. They can still get the file from their browser's cache (I believe) and open and read the script. Or by downloading the file through your server unless you restrict access to it. All they'd have to do is add phone.js to the end of your main page's URL and they have instant downloading access. With the method I gave you, you could write and add a series of functions that could totally throw off the numerical value of the password content's characters and store that into another variable then do more comparisons. This will further make it a pain in the ass for people to try and crack. The value of charCodeAt() returns the value of one letter in the string specified by the programmer. So for example if I used: var password = "Oregon"; I would do the following to get the numerical value of the letter 'O'. document.writeln(password.charCodeAt(0)); This will print the value of 'O' on an HTML page. You would increase the number inside of charCodeAt() by 1 for the next letter in the string. So for example if I wanted the numerical value for 'r' in Oregon I would do the following: document.writeln(password.charCodeAt(1)); And this will give me the numerical value of the letter 'r'. There are sooooo many different ways to go about this, since I don't have any or a lot of experience with using servers and php forms and what have you, I use Javascript to work around that. So I mean what I gave you is just the very beginning of what you could do. There are also encryption algorithms available that you could use in your script. But I do not not know how big you are planning on taking this. From what it seems, this seems like a pretty big project for you. I hope this helps, if you need more explanation please leave a comment. - Rolos

0

P.S. Bill - You would create even more blocks of the stuff that I have given you, except you create more variables to hold these answers for you to do your comparisons. If you want to write anything to an HTML page using Javascript use the following: document.writeln("Message"); I will soon be putting up a tutorial page on a great deal of programming languages put together by myself and many other greater programming demons from this forum. So if you need any help in the future, be sure to stop by and I'll provide that URL for you. Mind you it won't be for another month or so before the very first prototype is put up. - Rolos

0

"greater programming demons" I like that.

0

I was asking where I could view the codes cuz it seems to me there must be a table somewhere. Apprently 105="i" Otherwise, I'm really lost. I googled and read some on charCodeAt but it didn't explain to me. I mean, we have "Hawaii" now but if I want to change that, I don't know how. Is it easy to restrict access to my phone.js file? Permission setting or something else?

0

Rolos simply converted the string value "Hawaii" into numerical code (according the the Unicode Latin-1 standard). Ironically enough, discerning the correct character match is harder than finding the phone number. The table you are looking for can be found here: http://www.bbsinc.com/symbol.html "Is it easy to restrict access to my phone.js file? Permission setting or something else?" A default web server installation means everything is accessable in your root index (such as www.computing.net/[THIS IS ROOT]). So if I wanted to see your js file, I would write its URL into my browser. cerj had a good workaround, which essentially creates a the link to the answer based upon your input. If your input is wrong, the link created is wrong. However, you cannot have security with client-side javascript. Methods of implementing security include making use of .htaccess features in apache, using a database (which can handle users and permissions) to protect your data, or using a server-side scripting language (where you can hide your code and only display output). It is a popular scripting design to combine a database and a server-side scripting language together (like MySQL and PHP). http://www.tmisnet.com/~engholm/books/htmljavascript/CH14.html#ch14xxx11

0

I meant to post on this topic some time ago, but forgot. Cerj stole my thunder in the meantime though...I've used that method a few times, and although I'm sure there is a way around it, it's not known to the common web surfer like myself. I'm no hacker, and getting at those js files is a piece of cake even for me. Decoding the password wouldn't be too tough either, but if I wasn't willing to spend 15 extra minutes to see what dark secrets you're hiding on the page, I'd move on. I'm endorsing the method, of course, assuming a server-side method is out of the question for whatever reason. I haven't gotten my hands on the intellitxt js for this forum though...Something about how the asp outputs it. Has anybody else gotten it? I'm very curious to see how they fixed the sticky scrolling problem. -SN

0

Here is a link to a script that passes a password to be part of a URL -- http://javascript.about.com/library/scripts/blpassword.htm

0

isnt the chrCodeAt thing just ASCII? and even i know that... A = 65, or in binary 01000001 B= 66, 01000010 ect... and a = 97, 01100001 b = 98, 01100010 ect... so all uppercase start with 010, then the letter code, and lower case letters start with 011. im not sure if its the same, but if Hawaii is chr(72), chr(97), chr(119), chr(97), chr(105) and chr(105) then i think at least for the letters it is ASCII. also, coulndt you for another method, just have the pass word's chr values added to a number, and then that number given out as the phone number? for example, if your phone number was 123-4567, and the password was gfedcba, then you could subtract 96 from each of the chr's first off, so the strings chrs are now 7,6,5,4,3,2,1...then you subtract those from the your original phone number, so the new phone number is -6, -4, -2, 0, 2, 4, 6. then store those. when the password is entered, you add each chr (-96) to the number, and then print that number...so if they enteredin "aaaaaaa" in this example, then the phone number would come out to be 531-1357, if you make the numbers positive, just to simplify the output. this is just another way to store it without actually storing the actuall number, although the above method by DuckWill would also work. hope this helps... eaw8806

0