HTML Security
Moderator: Mod Squad
-
The Bandit
- Posts: 29
- Joined: Mon Jun 04, 2007 5:30 pm
- Location: Margate, FL
HTML Security
If adding a new html web page in WG3.2, is there a way to require the user to log-in before the page can be viewed (similar to forums, files, etc)?
Re: HTML Security
i did it with my wg developer page just made it an active-h page requiring login, it loaded login.asp and passed from there. to prevent users from going directly to the link you can write a small web addon not allowing web http requests to anything but the root.The Bandit wrote:If adding a new html web page in WG3.2, is there a way to require the user to log-in before the page can be viewed (similar to forums, files, etc)?
Re: HTML Security
Just create a directory under your "webpages" directory in Worldgroup for all your new webpages, then create a login script as your index.htm file in this new directory.The Bandit wrote:If adding a new html web page in WG3.2, is there a way to require the user to log-in before the page can be viewed (similar to forums, files, etc)?
I created "test" as the directory and test.htm for the example below.
You would use test/test.htm as the location to goto if the logoin is successful (change it to whatever directory name/filename you created).
This is entered as the VALUE statement as part of INPUT TYPE for the form.
You can also spruce up the page to match your website if you want.
Using this you need to be a WG member, or signup first.
TD
=========================
<HTML>
<HEAD>
<TITLE>Log-In Required</TITLE>
</HEAD>
<BODY>
<H1><I>Log-In Required</I></H1>
<P>Please enter your User-ID and password.<BR>
<FONT SIZE=-1>(If you don't have an account on this system, please
<A HREF="/signup/">sign up</A>.)</FONT>
<FORM NAME="login" ACTION="/session/login/" METHOD=POST>
<INPUT TYPE=HIDDEN NAME="onsuccess" VALUE="/test/test.htm">
<TABLE BORDER=0>
<TR>
<TD>User-ID:</TD>
<TD> </TD>
<TD><INPUT TYPE=TEXT MAXLENGTH=29 NAME="uid"></TD>
</TR>
<TR>
<TD>Password:</TD>
<TD> </TD>
<TD><INPUT TYPE=PASSWORD MAXLENGTH=9 NAME="pwd"></TD>
</TR>
<TR>
<TD COLSPAN=2> </TD>
<TD><INPUT TYPE=SUBMIT VALUE="Log In"></TD>
</TR>
</TABLE>
</FORM>
<SCRIPT LANGUAGE="JavaScript"><!--
document.login.uid.focus();
// --></SCRIPT>
</BODY>
</HTML>
====================================
Sysop of QuickSilver MBBS
http://www.quicksilvermbbs.com
http://www.hashhouse.net
http://www.dataware.info
http://informationware.com
http://www.quicksilvermbbs.com
http://www.hashhouse.net
http://www.dataware.info
http://informationware.com
Re: HTML Security
this would also force login on an external call http"//yourdomain/test"?Toyduck wrote:Just create a directory under your "webpages" directory in Worldgroup for all your new webpages, then create a login script as your index.htm file in this new directory.The Bandit wrote:If adding a new html web page in WG3.2, is there a way to require the user to log-in before the page can be viewed (similar to forums, files, etc)?
I created "test" as the directory and test.htm for the example below.
You would use test/test.htm as the location to goto if the logoin is successful (change it to whatever directory name/filename you created).
This is entered as the VALUE statement as part of INPUT TYPE for the form.
You can also spruce up the page to match your website if you want.
Using this you need to be a WG member, or signup first.
TD
=========================
<HTML>
<HEAD>
<TITLE>Log-In Required</TITLE>
</HEAD>
<BODY>
<H1><I>Log-In Required</I></H1>
<P>Please enter your User-ID and password.<BR>
<FONT SIZE=-1>(If you don't have an account on this system, please
<A HREF="/signup/">sign up</A>.)</FONT>
<FORM NAME="login" ACTION="/session/login/" METHOD=POST>
<INPUT TYPE=HIDDEN NAME="onsuccess" VALUE="/test/test.htm">
<TABLE BORDER=0>
<TR>
<TD>User-ID:</TD>
<TD> </TD>
<TD><INPUT TYPE=TEXT MAXLENGTH=29 NAME="uid"></TD>
</TR>
<TR>
<TD>Password:</TD>
<TD> </TD>
<TD><INPUT TYPE=PASSWORD MAXLENGTH=9 NAME="pwd"></TD>
</TR>
<TR>
<TD COLSPAN=2> </TD>
<TD><INPUT TYPE=SUBMIT VALUE="Log In"></TD>
</TR>
</TABLE>
</FORM>
<SCRIPT LANGUAGE="JavaScript"><!--
document.login.uid.focus();
// --></SCRIPT>
</BODY>
</HTML>
====================================
im no web tech by far im learning as i go
need a database module written im the man need an index.htm to say hello your SOL, lol
Re: HTML Security
Yes, if a user entered http://yourdomain/test/ it still would force a login request. The WG webserver looks for 'index.htm' as the starting point for a web-set in a directory; putting the login script in the 'index.htm' causes the login request. It's not fooproof, but it is simple to do.dspain wrote:
this would also force login on an external call http"//yourdomain/test"?
im no web tech by far im learning as i go
need a database module written im the man need an index.htm to say hello your SOL, lol
TD
Sysop of QuickSilver MBBS
http://www.quicksilvermbbs.com
http://www.hashhouse.net
http://www.dataware.info
http://informationware.com
http://www.quicksilvermbbs.com
http://www.hashhouse.net
http://www.dataware.info
http://informationware.com
Re: HTML Security
Another option;The Bandit wrote:If adding a new html web page in WG3.2, is there a way to require the user to log-in before the page can be viewed (similar to forums, files, etc)?
turn on secureweb in your setup files for WG; general setup, then set a key in security and accounting for it's administration.
Make the directory and/or .htm file you want in the /wgserver/webpages directory,
then enter the url; http://yourdomain/secureweb/ to reach your WG server.
You will get the option of 'securing' that directory by key and by an additional password if you want.
This is probably the most secure way with WG.
TD
Sysop of QuickSilver MBBS
http://www.quicksilvermbbs.com
http://www.hashhouse.net
http://www.dataware.info
http://informationware.com
http://www.quicksilvermbbs.com
http://www.hashhouse.net
http://www.dataware.info
http://informationware.com
Re: HTML Security
well i have galacticomm SSL as well i bought from netvillage about 2 years ago.Toyduck wrote:Another option;The Bandit wrote:If adding a new html web page in WG3.2, is there a way to require the user to log-in before the page can be viewed (similar to forums, files, etc)?
turn on secureweb in your setup files for WG; general setup, then set a key in security and accounting for it's administration.
Make the directory and/or .htm file you want in the /wgserver/webpages directory,
then enter the url; http://yourdomain/secureweb/ to reach your WG server.
You will get the option of 'securing' that directory by key and by an additional password if you want.
This is probably the most secure way with WG.
TD
im not ready to dive into web production yet just looking at my options.
Re: HTML Security
Well this procedure/option is available in WG 3.2 also.dspain wrote:well i have galacticomm SSL as well i bought from netvillage about 2 years ago.Toyduck wrote:Another option;The Bandit wrote:If adding a new html web page in WG3.2, is there a way to require the user to log-in before the page can be viewed (similar to forums, files, etc)?
turn on secureweb in your setup files for WG; general setup, then set a key in security and accounting for it's administration.
Make the directory and/or .htm file you want in the /wgserver/webpages directory,
then enter the url; http://yourdomain/secureweb/ to reach your WG server.
You will get the option of 'securing' that directory by key and by an additional password if you want.
This is probably the most secure way with WG.
TD
im not ready to dive into web production yet just looking at my options.
Sysop of QuickSilver MBBS
http://www.quicksilvermbbs.com
http://www.hashhouse.net
http://www.dataware.info
http://informationware.com
http://www.quicksilvermbbs.com
http://www.hashhouse.net
http://www.dataware.info
http://informationware.com