I'll start out by saying I don't know much about Javascript. I took one semester of Java in college which helps me understand the code when I see it, but I have trouble creating my own code from scratch.

Now I know that there are tons of password scripts out there that I can copy and paste, and I have been using my own version on the Gatekeeper code. You can see it here:

www.koiretailer.com/koi.htm

To make it easier on my customers I want the password box on the page itself, not on a popup message or page. I'll keep playing with it, I know I'll get it eventually, but anything you guys can tell me now would be a great help. (and will save some of my hair from being torn out )

Right....firsly you should be doing this with a server side language, you should NEVER use javascript for passwords because it is inaccessible and because everything is done on the client side it is insecure. I took a look at your password script and saw that it seems to be using the good old security through obscurity mentality which never works for long.

For the record, Java and Javascript work very differently in their behaviors and context, so while syntactically they are similar there are many subtle differences.

All you need to do is set up a form on your page (which by the way needs a markup transplant) and then send the data server side to be processed and then set a session to say the customer is logged in, this will give greater customer and site security.

Jamie

What Jamie said. Javascript, being a client-side code solution, is not secure and people will figure out the password pretty easily.

Use PHP, ASP, ASP.NET, or something else that's server-side for passwords. Jamie just gave you the best advice on this subject that you're ever going to get.

I'm not looking for complexity. Just a simple password that will keep simpletons out and send to user straight to the "protected" site. I'm not dealing with logins and usernames. What I'm looking for is a way to get the gatekeeper directly *on* the page and not in a popup window.

I've made some headway, now I'm looking for a method or event that will send the user to a webpage. (the go method seems only to work with pages already in the users history)

EDIT: thank you both for your input and it's not lost on me. I'm not looking for true security here because it's only a wholesale site. If someone gets through then, oh well... there's nothing important I'm trying to hide on the other side.

That's just it, Rusalka: a server-side solution is no more complex than a client-side solution, and will be more likely to keep stupid people out. The thing with idiots is that they have a way of doing the one thing correctly that will open up the door to allow them to do 100 things incorrectly. If the information is important enough to need to be password-protected, then it should be done properly.

The other option is to configure the server in such a way as to not allow access to that folder, and only allow certain user accounts on the server. I think it's done through .htaccess in Apache, but I'm not sure.

By the way...Mr. Deeds was a good movie.

Haha, yeah it was.

OK, I give up. I know HTML and CSS pretty well now but I always knew I would need to pick up php and asp (along with many other things I haven't delved into). Since you seem to be so adamant in me not using javascript for this I'll take it as an excuse to start reading my php books, which are at home, so I'm botching this assignment for today. Maybe after spending some time on that I'll look back and laugh at my attempts to get this damned assign method to work, lol.

Thanks for the extra push guys, I needed it

I never list other sites, but for $10 you can get a password script (ASP/VBscript) here http://www.kattouf.com/mypagelock/ but it uses an "include file" so it will only work on ASP pages. This may or may not help. I have baught his products in the past and was very satified. There may be other options as well searching Google...you need to know what server side languages you can run on your server first.

Greta, this is a simple way to do the identification without pulling all your hair out:

As Jamie said, you need a form:

HTML Code:

<form name="frmPwd" action="login.php" method="post">
  <input type="password" name="inpPwdPass"/>
  <br/>
  <input type="submit" value="Login"/>
</form> 

Then, the login.php should be:

PHP Code:

<?php
//First, define the valid password
$validPwd="ThereIsNoPass";

//Get the form passed password
$userPwd=trim($_POST['inpPwdPass']);

//Check them both, and redirect accordingly
if( $userPwd == $validPwd ){
  header('location:/protected/index.html');
  exit();
}
else{
  header('location:/someErrorPage.html');
  exit();
}
?>

Obviously, you need to change the error or success landing pages, but this is all you'll need.

seeing as you are on IIS

<self-promo>
Site Logon

</self-promo>