[thelist] A little JS Problem

Brian Cummiskey Brian at hondaswap.com
Wed Dec 29 22:22:25 CST 2004 

Norman Bunn wrote:

> I have this page with a very rudimentary password scheme 
> (http://www.siconsultants.com/assoc.html).  It's kinda like those 
> chain latches people put on doors; it will keep casual folks out.  In 
> essence, it looks for a pattern in the password and allows the link to 
> go through if there is a match.  If not, it generates an alert and 
> sends you back to the same page.
>
> My client likes this setup and is not worried about unauthorized 
> access; all the really sensitive stuff is elsewhere.
>
> However, he wants to make it so the casual observer cannot tell how 
> many associations he has as clients and would like the password 
> pattern to determine the page the user is routed to.  For example, 
> type in "123abc_cpa" and go to the CPA page; type in "456def_bar" and 
> go to the bar page.  I have tried to get this to work, but I can't 
> seem to get the JS to override the ACTION in the FORM tag.  What am I 
> missing?
>
> The HTML:
>
> <FORM METHOD=GET ACTION="cpa.html" NAME="cpaform" onSubmit="return 
> cpaPass();">
>
> THE JS:
>
> <script language="JavaScript"> <!-- function cpaPass() {   var 
> initArray = new Array("CPA","cpa","Cpa","CPa","cpA","cPA");
>   var alertFlag = 0;
>   var badInit = '1';
>   if(document.cpaform.password.value == '') {      alert('Please enter 
> your SCACPA password.');       return false;
>   }   else{      var passstr = document.cpaform.password.value;       
> n=0;
>       while (n < initArray.length) {
>           if (passstr.substring(7) == initArray[n]) {
>             badInit = '';
>         }
>           n++;
>       }
>       if (badInit != '') {
>           alertFlag = 1;
>       }
>      var passres = passstr.substr(0,3).match(/[0-9]/);      if(passres 
> == null) {         alertFlag = 1;      }      passres = 
> passstr.substr(3,3).match(/[A-Za-z]/);      if(passres == null) { 
>         alertFlag = 1;      }      passres = 
> passstr.substr(6,1).match(/_/);      if(passres == null) {         
> alertFlag = 1;      }   }
>   if(alertFlag == 1) {      alert('The password you entered is 
> invalid.\nPlease re-enter your SCACPA password.');      return false; 
>   }   else {
>   return true;
>   }
> }
> Thanks!
>
> Norman
>



-- 
No virus found in this outgoing message.
Checked by AVG Anti-Virus.
Version: 7.0.298 / Virus Database: 265.6.6 - Release Date: 12/28/2004

More information about the thelist mailing list