Can i use both Server side and Client side scripting to build my web portal

[linmit]

I have a web portal which is scripted using client side scripting language i.e HTML. I want to create a login page in .php and want the other pages to be in .hmtl.

Can i do so?

I want to do this because i want the login password to be stored in a database. Also I want the password to get encrypted (by either MD5 javascript or OpenSSL ) when user enters it inside the login form.

 

I cannot create the entire portal in php because my portal makes use of C code. And php doesn't have an interface with C language.

 

Can a user get directed to a .html page after a secure login from login.php page ?

My main aim is to secure the access to my web portal using a password.

 

I tried to authenticate the login using javascript where the password was stored in an array. But i feel any one having moderate knowledge can easily break that password.

 

Any help would be greatly appreciated!!

[trq]

Firstly, HTML is not a scripting language, it is a simple markup language.

 

As for your questions, of course you can. Practically all web applications are made with a mix of client side scripting (JavaScript) and some server side language (ie; PHP).

[linmit]

Thanks thorpe for ur quick reply. I know its a mark up language. I just wanted to know if my login.php page can direct to index.html on validation of login password. And is there going to be any security issue in this case?

I would be using MYSQL database only for my login page. The rest of the web pages are going to be static pages(.html).

 

One more thing I would like to ask, when the user types index.html or any other page in his browser he shld be automaticaly directed to login.php. I want only authorized users to access my web pages. How can i do that?

 

Thanks...

[trq]

The rest of the web pages are going to be static pages(.html).

 

You need to track wether of not the user is logged in, so no, html cannot do this.

 

What is your issue with using php? It can easily serve static content if that's what you need.

[linmit]

No, I cannot use php because php does not have any interface with C and Perl language. I will have to stick to html.

 

Any advice on how can i do that?

 

I want when the user types http://locahost/abc.html or http://locahost/xyz.html he should be automatically redirected to the http://locahost/login.php page

 

User can only access http://locahost/xyz.html page when he clicks a link on http://locahost/abc.html and not by directlty typing it in the browser.

[trq]

HTML does not have an interface to anything, it's not a programming language. Why can't you use PHP?

 

I understand what you want, but as I said, HTML is not a programming language. How exactly do you expect to check if a user is logged in or not using HTML?

[linmit]

With HTML pages i can use the C code using CGI-C, for eg, i have a C program and i can display the output of this program on .html page using CGI-C whereas i cannot do so in PHP. Correct me if I am wrong at this.

 

I already have a login.html page where I have saved the login password in an array in a javascript. But this method is not secure, anyone having moderate knowledge can break this password.

 

I dont want to know if the user has logged or not. I just want only the authorized users to have access to my web pages. Can you help me with that?

[linmit]

 

Or can i do that by configuring the apache server to allow access only to login.php page. All the other pages be redirected to login.php page.

 

I am hosting my site on apache server on linux platform

[The Letter E]

With HTML pages i can use the C code using CGI-C, for eg, i have a C program and i can display the output of this program on .html page using CGI-C whereas i cannot do so in PHP. Correct me if I am wrong at this.

 

I already have a login.html page where I have saved the login password in an array in a javascript. But this method is not secure, anyone having moderate knowledge can break this password.

 

I dont want to know if the user has logged or not. I just want only the authorized users to have access to my web pages. Can you help me with that?

I'm not familiar with cgi-c, but I use cgi-perl in conjunction with php, html and javascript, no problem. For pages that I want to have authentication and perl I just use the perl page as an api. Pretty simple and straight forward, maybe pass an auth key to the api once the user is logged in for added security.