nginx and javascript log in webpage without mysql
by errigour from LinuxQuestions.org on (#5JDED)
Hi I have a directory disabled with nginx but i want to be able to use javascript to write to files in it without visitors to my webpage to be able to spoof and read the password files is that even possible with javascript?
like i have a directory www with files index.html and a directory called data.
so
www
www/index.html
www/data/password.db
data directory is offlimits to outside users but i want to use javascript to write to password.db without people spoofing javascript, i am uber new to javascript and nginx is it possible with nginx and javascript?
I basically want to write to a database that i dont want visible to anyone. and i dont want people to be able to modify my *.db files or anything in the data directory. I have no idea how to use mysql either but i want people to be able to log in and out of my webpage without their passwords being modified or veiwed by others.
this is my 00-default.conf file
Code:server {
listen 80 default_server;
server_name localhost ;
root "C:/laragon/www/";
index index.html index.htm index.php;
# Access Restrictions
allow 127.0.0.1;
deny all;
#include "C:/laragon/etc/nginx/alias/*.conf";
location / {
try_files $uri $uri/ =404;
autoindex on;
}
location ~ \.php$ {
include snippets/fastcgi-php.conf;
fastcgi_pass php_upstream;
#fastcgi_pass unix:/run/php/php7.0-fpm.sock;
}
charset utf-8;
location = /favicon.ico { access_log off; log_not_found off; }
location = /robots.txt { access_log off; log_not_found off; }
location ~ /\.ht {
deny all;
}
location ^~ /data/ {
deny all;
}
}
like i have a directory www with files index.html and a directory called data.
so
www
www/index.html
www/data/password.db
data directory is offlimits to outside users but i want to use javascript to write to password.db without people spoofing javascript, i am uber new to javascript and nginx is it possible with nginx and javascript?
I basically want to write to a database that i dont want visible to anyone. and i dont want people to be able to modify my *.db files or anything in the data directory. I have no idea how to use mysql either but i want people to be able to log in and out of my webpage without their passwords being modified or veiwed by others.
this is my 00-default.conf file
Code:server {
listen 80 default_server;
server_name localhost ;
root "C:/laragon/www/";
index index.html index.htm index.php;
# Access Restrictions
allow 127.0.0.1;
deny all;
#include "C:/laragon/etc/nginx/alias/*.conf";
location / {
try_files $uri $uri/ =404;
autoindex on;
}
location ~ \.php$ {
include snippets/fastcgi-php.conf;
fastcgi_pass php_upstream;
#fastcgi_pass unix:/run/php/php7.0-fpm.sock;
}
charset utf-8;
location = /favicon.ico { access_log off; log_not_found off; }
location = /robots.txt { access_log off; log_not_found off; }
location ~ /\.ht {
deny all;
}
location ^~ /data/ {
deny all;
}
}