Javascirpt中的登录页面和安全性 [英] Login Page In Javascirpt and security

问题描述

大家好，

我正在创建一个小型网站，将其放置在本地共享驱动器上.

我已经使用Javascript代码创建了一个简单的登录页面，如下所示:

Hi Everyone,

I am creating a small website which i am gonna placed on Local shared drive.

I have Created a Simple Login Page using Javascript Code as Follow:

function check(form)
{
/*the following code checkes whether the entered userid and password are matching*/
if(form.userid.value == "admin" && form.pswrd.value == "pwd@123")
{
window.open('home.html')/*opens the target page while Id & password matches*/
}

else if(form.userid.value == "maddy" && form.pswrd.value == "maddy@123")
{
window.open('home.html')/*opens the target page while Id & password matches*/
}

else
{
alert("Please Enter Username and Password")/*displays error message*/
}
}

但是这里发生了问题，我已经共享了指向每个用户的共享登录页面链接，当他们使用定义的用户名和密码登录时，他们会转到主页，该页面会在我不希望的新窗口中打开.

1)我想在同一窗口中打开"home.html".

和

如果有人直接输入"home.html" URL，那么他们可以在没有任何有效登录的情况下看到主页.

2)要打开主页，每个人都必须输入用户名和密码，否则他们将无法通过直接链接访问主页.

当我将此网站上传到本地共享驱动器上时，请使用Javascript，Jqueries，HTML，CSS和一些简单的技巧为我提供建议.

谢谢和问候，
Mayur K. Alaspure

But problem occurred here, I have Shared Login Page link to every one, when they logged in with defined username and Password they go to home page which opens in new Window Which i don''t want.

1) I want to open "home.html" in same window.

and

If someone directly entered the "home.html" url then they can see the homepage without any valid login.

2) To open homepage everyone must enter username and Password else they can not access the homepage with direct link.

Please suggest me with Javascript, Jqueries, HTML,CSS and bit easy tricks as i am uploading this web on Local Shared drive.

Thanks and Regards,
Mayur K. Alaspure

推荐答案

Gday伴侣.

听起来您只是在做一个家庭项目，输入东西-即所有位于同一建筑物/住宅中的机器-不能从外界访问的东西.
无论哪种情况，实际上都是您需要Web服务器(软件)为其提供的东西.这样，您就可以在服务器上放置文件"home.html"(或其他等效文件).当请求时，服务器将对其进行检查并执行其中的任何代码，然后再将结果返回给请求者(通常是Web浏览器).

话虽如此，对(1)的答案是设置当前窗口的位置，而不是打开一个新窗口.您可以通过设置window.location来执行此操作，而不是使用window.open.

我对问题(2)的回答是下载XAMPP，然后做一个登录页面教程.然后，您的用户名/密码将被提交到Web服务器上的页面，该页面将在将其传递到主文件或重新加载登录页面之前检查其有效性.由于您在home(.html)页面上有活动代码，因此可以检查用户是否登录.如果没有，请不要输出任何相关页面.

这就提出了另一点-任何具有登录页面链接的人都可以查看其源代码.完成后，将显示每个人的密码/用户名.这真的不是一个很好的系统..

您可以在此处获取XAMPP: http://www.apachefriends.org/en/xampp-windows.html [ ^ ]
这是一个看起来不错的口吻: http://www.phpeasystep.com/phptu/6.html [^ ]

Gday mate.

Sounds like you''re just doing a home-project, type thing - i.e all machines in same building/residence - not something to be accessed from the outside world.
In either case, it''s really something that you need a webserver(software) for. That way, you have the file ''home.html'' (or another equivalent file) sitting on the server. When it''s requested, the server examines it and executes any code in it before returning a result to the requester (usually a web-browser).

With that said, the answer to (1) is to set the location of the current window, rather than opening a new one. You can do this by setting window.location, instead of using window.open.

My answer to question (2) would be to download XAMPP then do a login-page tutorial. Then, your users'' names/passwords will be submitted to a page on the web-server that checks their validity before passing them on to the main file, or reloading the login page. Since you''ve got active code in the home(.html) page, you can check if the user is logged in or not. If not, just don''t output any of the concerned page.

This brings up another point - anyone with a link to the login page can view it''s source. When this is done, the passwords/usernames for everyone will be visible. This is really not such a good system..

You can get XAMPP here: http://www.apachefriends.org/en/xampp-windows.html[^]
Here''s a tute that looks good: http://www.phpeasystep.com/phptu/6.html[^]

看看这个问题 [ ^ ]以及其中的链接.

它将向您解释与此有关的一些问题.

祝你好运！

Take a look at this question[^] and the links that are in it.

It will explain you some concerns related to it.

Good luck!

这篇关于Javascirpt中的登录页面和安全性的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！