+ 1

why theres no security in my js code !?

when i put this code /////////////////////// var password = ("prokho"); var input_pass = prompt("please insert the password to show the page contains"); if ( input_pass == password ) document.write("this is the contain of this page"); else alert("the password is wrooooong" ); //////////// if i insert the right password the text i document.write will be printed in the page but if i press cancle or insert the wrong password the text will not be printed in the page but i can see the html content!!

16th Nov 2016, 1:46 PM
Khaled
Khaled - avatar
3 ответов
+ 3
That's because when you enter the right password, it tell the computer to "Write text to the page" and nothing else.
16th Nov 2016, 1:51 PM
Keto Z
Keto Z - avatar
+ 3
js is not a good option for such security because it is at client side PHP should be used because not only they can have password if they know little js by looking at page source they can even see the secured content and modify to disable the alert as well however the problem you are facing is because document .write writes to the document only what is inside it thus your things will be removed
16th Nov 2016, 5:07 PM
Sandeep Chatterjee
+ 1
Please note that the way you are doing is in NO WAY the way it's done. Do not go out and create pages with that technique. If you are still learning, go on - try out everything there is. BUT don't go out and do that in a real world example... Now that that is done: /* * Configuration */ var password = ("password_string"); /* * Get user input */ var input_pass = prompt("Password: "); if ( input_pass == password ){ document.write("You have entered " + input_pass + "which is the password"); } else{ document.write("You entered " + input_pass + "that is not the password"); }
16th Nov 2016, 3:11 PM
Johannes K
Johannes K - avatar