Les,
What are you trying to achieve in the encryption? If you are trying to
encrypt a form submission, the data is still passed in plain text prior to
the action page. Unless the form submission process resides in a folder
that has SSL enabled on it, then you could be doing work for nothing.
On the other hand, I use encrypt to create encrypted and generic URL primary
keys.
foo.cfm?userID=1 would never show in any of my documents or query strings
because number "1" would be encrypted before displaying or linking. The
only thing necessary after that would be to make sure wherever the userID
needed to be process is to decrypt before manipulation of the data.
On 5/10/07, James Holmes <[EMAIL PROTECTED]> wrote:
>
> It seems you are getting the string to decrypt from a DB - are you
> originally inserting the encrypted string into the DB with
> cfqueryparam?
>
> On 5/10/07, Les Mizzell <[EMAIL PROTECTED]> wrote:
> > Encrypting:
> >
> > <cfif IsDefined("form.fm_test") AND #fm_test# NEQ "">
> > <cfset var.fm_test="#trim(FORM.fm_test)#">
> > <cfset encrpt_fm_test=encrypt("#var.fm_test#","#encryptVAR#")>
> > </cfif>
> >
> > Decrypting:
> >
> > <cfif IsDefined("query.fm_test") AND #query.fm_test# NEQ "">
> > <cfset decrypt_fm_test=decrypt("#query.fm_test#","#encryptVAR#")>
> > </cfif>
>
> --
> mxAjax / CFAjax docs and other useful articles:
> http://www.bifrost.com.au/blog/
>
>
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~|
Deploy Web Applications Quickly across the enterprise with ColdFusion MX7 &
Flex 2
Free Trial
http://www.adobe.com/products/coldfusion/flex2/?sdid=RVJU
Archive:
http://www.houseoffusion.com/groups/CF-Talk/message.cfm/messageid:277609
Subscription: http://www.houseoffusion.com/groups/CF-Talk/subscribe.cfm
Unsubscribe:
http://www.houseoffusion.com/cf_lists/unsubscribe.cfm?user=11502.10531.4
