function pasuser(form) { //password form
if (form.pass.value=="support")
{location="referrals2.htm"}
else {alert
("The password you entered is incorrect. Please try again. For more information call (979)830-4137")
}}
I noticed it in the script.js file that is referenced in your about.htm file. The real problem is that the password is in clear text and readable by any client...
I don't know where it came from since it doesn't seem to apply to this page, but you usually want to handle password scripting on the server. Or at least use a hash mechanism to make it a little harder...
-Erik
****************************************************** The discussion list for http://webstandardsgroup.org/
See http://webstandardsgroup.org/mail/guidelines.cfm for some hints on posting to the list & getting help ******************************************************
