News:

The anti-spam plugins have stopped being effective. Registration is back to requiring approval. After registering, you must ALSO email me with your username, so that I can manually approve your account.

Main Menu

Help on Using Dialog boxes on on's site

Started by fesworks, May 04, 2008, 01:44:45 PM

Previous topic - Next topic

0 Members and 1 Guest are viewing this topic.

fesworks

I figured I'd ask here. Desh gave me some info on a simple "accept and continue" dialog box:

Quote from: Desh on May 01, 2008, 02:08:22 AM
For a pop up, it's pretty simple depending on how far you want to go.

You could have a javascript onclick with a return confirm in the links.
<a href="#UrlGoesHere" onclick="return confirm('This content is rated mature. You must be at least 18 years old to continue.');">Mature Content</a>

Of course it won't work if the user's browser doesn't have javascript.  If you're really concerned about that, you could write some little php script that reads the URL in a get query.  That page could ask the user the same question without depending on javascript.

<a href="mature.php?url=UrlGoesHere">Mature Content</a>

In mature.php
This content is rated mature. You must be at least 18 years old to continue.
<a href="<?php echo $_GET['url']; ?>">Continue</a>


I was curious if there was a way to password protect certain pages. Merely enter a password to continue. no user name or anything. Just a password.

www.PSIwebcomic.com
www.TheShifterArchive.com
www.ArdraComic.com
www.WebcomicBeacon.com

Xepher

Well, you can do pretty much anything you want with PHP, and it should work with any/all browsers. I assume this is just for the adult verification thing, not really trying to keep stuff super-protected.

I'd just do this:

<?php
if ($_GET['password'] != 'mypassword'){

echo 
"This page requires a password to access it!";

}else{ 
?>


Page content goes here.....

<?php ?>


Then you just send someone a link that reads "http://fesworks.xepher.net/secret_page.php?password=mypassword" and it'll let them access it. It never actually has a form or password dialog at all, just doesn't work if that string isn't on the end of the URL.

fesworks

Well, I wasn't just thinking of the age verification stuff, but I was mostly thinking of "special" pages for bonus stuff for whatnot. Or sharing info between only a few people... things like that.

People would not be able to "View Source" and find the password this way, right?

www.PSIwebcomic.com
www.TheShifterArchive.com
www.ArdraComic.com
www.WebcomicBeacon.com

Xepher

No, because PHP is processed by the server (unlike javascript, which is client side) only what is actually output ever gets to the client. The only danger is if you have some content management system that allows arbitrary file inclusion (which is a bad idea to do anyway.) I only mention this because I've seen several users here that have script to basically include whatever file name someone puts on the page... http://example.xepher.net/index.php?page=about would, for example, just blindly including the file "about.php" in some of these setups. If you have something that dumb, they could change it to "?page=secret_page" and possibly see the password (depending on how the script processes included files.) But basically, as long as you don't have gaping security holes in other scripts on your site, there's no way for them to get the password... save from another user you've given it to of course.

fesworks


www.PSIwebcomic.com
www.TheShifterArchive.com
www.ArdraComic.com
www.WebcomicBeacon.com