Jump to content

How to add a password dialog box when i check a program


Recommended Posts

Hi i want to a make a modification in WPI so when one of our tecnichian checks a program for instalation it prompts for a password.

The reason i want to do this is because i dont want a tecnichian to install software for example( Microsoft Office) without permition.

Can you guys tell me how to implement this.

Link to comment
Share on other sites


Here is a simple HTA password dialog box. There is no encryption in password, so you have to implement it yourself, or just hide it in the code, like in the example.

<html>
<head>
<title>Authentication</title>
<HTA:APPLICATION
ID="Authentication"
APPLICATIONNAME="Authentication"
SCROLL="No"
SCROLLFLAT="No"
SINGLEINSTANCE="yes"
BORDER = No
APPLICATION = Yes
INNERBORDER = No
SHOWINTASKBAR = no
SCROLL = No
NAVIGABLE = No
CAPTION = No
>
<STYLE>
BODY {background:silver;}
</STYLE>
</head>

<script LANGUAGE="VBScript">
'Edit these lines put your own username & password
MyUsername = "Administrator"
MyPassword = "password"

Sub Window_Onload
strComputer = "."
Set objWMIService = GetObject("winmgmts:\\" & strComputer & "\root\cimv2")
Set colItems = objWMIService.ExecQuery("Select * From Win32_DesktopMonitor")
For Each objItem in colItems
intHorizontal = objItem.ScreenWidth
intVertical = objItem.ScreenHeight
Next
intLeft = (intHorizontal - 350) / 2
intTop = (intVertical - 170) / 2
Window.ResizeTo 350,170
window.moveTo intLeft, intTop
End Sub

Sub Authenticate
If PasswordArea.Value = MyPassword And UsernameArea.Value = MyUsername Then
MsgBox("Authentication Successfull")
'If ok Install Office here
Set objShell = CreateObject("WScript.Shell")
'This hides the password window
window.moveTo -2000,-2000

'This is the line you have to edit
objShell.Run("Setup.exe /qb TRANSFORMS=\\server\share\Office\office.mst")
Window.Close
Else
MsgBox("Invalid Username or Password")
'If Wrong Goto Quit
Window.Close
End If
End Sub
</SCRIPT>

<body>
<table align="center">
<tr><td>Username:</td><td><input type="text" name="UsernameArea" size="30"</tr></td></tr>
<tr><td>Password:</td><td><input type="password" name="PasswordArea" size="30"></td></td>
<tr><td><input type="button" value="Proceed" TABINDEX="1" onClick="Authenticate()"</td><td></td></tr>
</table>

</body>
</html>

Edited by geezery
Link to comment
Share on other sites

Best bet would be to limit access via NTFS permissions. Applying permissions on the front-end (WPI) doesn't necessarily keep the user from "exploring" and running the application from your CD/DVD/Network Share. You could also create a self-extracting .exe out of the application and password protect it which would take care of launching from file instead of WPI. But if you are sure this is what you would like to pursue, I would highly recommend formally adding it to the wishlist...

For WPI 6.2, in \WPIScripts folder, open check.js and browse to: function setChecked(i) down to line 115 and write an intercept for checking the checkboxes.

Change:

chkbox.checked=true;

to:

chkbox.checked = checkPassword(i);

This will require us to create a new function checkPassword. I'd place it at the top of the file for convenience.

var pword="";  //move inside of checkPassword(i) if you want don't want the password stored globally (i.e. The user has to input the same password for every application they select even if it's the same password).
function checkPassword(i)
{
position="check.js";
whatfunc="checkPassword()";

try
{
if (gcond[i].toString().match("password") == null || gcond[i].toString() == "") //gcond does not contain a password
return true;

var mySplitResult = gcond[i].toString().split("password");
var pass = mySplitResult[1].split('"'); //this parses out the password
var pass1;

pass1 = pass[1];

if (pass1 != pword)
pword=prompt('Please enter your password to install this App!',' ');

if (pword==pass1)
{
return true; //password meets the password criteria
}
else
{
alert('Password is incorrect! You do not have permissions to install this application.');
return false; //password is incorrect, uncheck the application
}
}
catch (ex)
{
return true;
}


}

Now for the useage, I've taken advantage of gcond for proof of concept, at least until WPI has a variable that reflects the password (I'm thinking maybe a textbox with a minimum of a password, possibly a username). Add this (or your own password) to your gcond statement of each application you would like to password protect:

(password="tony")

The function above will parse out "tony" (no quotes) for the password.

Another example that shows combined gcond statements:

FileExists("c:\test.txt") && (password="ross")

I've attached the files from above for testing and observation. There are some serious limitations to the above code as the password would be stored in plain text within the config.js file. We could easily provide encryption for the passwords, but even the encryption algorithms would be in plain text and available for advanced users to decipher but wouldn't be bad for a first start. The code will need some cleaning up with some error checking before implementation...just a concept.

config.js

check.js

Edited by lawrenca
Link to comment
Share on other sites

Forgot to mention that it would be very easy to implement geezery's Dialog Box into the script above. You could also call/compare your encryption from this dialog with a few modifications. I just wanted to show a quick and easy way with just a password input prompt.

Link to comment
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...