Hi,
If you are on CF 5 you can use a UDF I created called urlEncrypt. Here it
is. For directions go to http://loathe.mine.nu, or shoot me an email.
<!---
**********
urlEncrypt/urlDecrypt UDF Template
**********
By Tim Heald ([EMAIL PROTECTED]) and Lee Borkman
Version 1.0
Filename: encryptUDF.cfm
--->
<CFSCRIPT>
function urlEncrypt(queryString, key){
// encode the string
uue = cfusion_encrypt(queryString, key);
// make a checksum of the endoed string
checksum = left(hash(uue & key),2);
// assemble the URL
queryString = "/" & uue & checksum &"/index.htm";
return queryString;
}
function urlDecrypt(key){
var queryString = cgi.path_info;
var scope = "url";
var stuff = "";
// see if a scope is provided if it is set it otherwise set it to url
if(arrayLen(arguments) gt 1){
scope = arguments[2];
}
if ((right(queryString,3) neq "htm") or (findNoCase("&",queryString)
neq
0) or (findNoCase("=",queryString) neq 0)){
stuff = '<FONT color="red">not encrypted, or corrupted
url</FONT>';
} else {
// remove /index.htm
querystring = replace(queryString, right(queryString,10),'');
// remove the leading slash
querystring = replace(queryString, left(queryString,1),'');
// grab the old checksum
if (len(querystring) GT 2) {
oldcheck = right(querystring, 2);
querystring = rereplace(querystring, "(.*)..", "\1");
} else {
oldcheck = "";
}
// check the checksum
newcheck = left(hash(querystring & key),2);
if (newcheck NEQ oldcheck) {
return querystring;
}
//decrypt the passed value
queryString = cfusion_decrypt(queryString, key);
// set the variables
for(i = 0; i lt listLen(queryString, '&'); i = i + 1){
// Break up the list into seprate name=value
pairs
thisPair = listGetAt(queryString, i + 1, '&');
// Get the name
thisName = listGetAt(thisPair, 1, '=');
// Get the value
thisValue = listGetAt(thisPair, 2, '=');
// Set the name with the scope
thisName = scope & '.' & thisName;
// Set the variable
setVariable(thisName, thisValue);
}
}
return stuff;
}
</CFSCRIPT>
Tim Heald
ACP/CCFD
Application Development
www.schoollink.net
-----Original Message-----
From: Dimple Goshar [mailto:[EMAIL PROTECTED]]
Sent: Tuesday, April 23, 2002 2:15 AM
To: CF-Talk
Subject: RE: RE: Encrypting Numeric ID's
Hi,
Have u tried the DE function?
The help says
"Returns its argument with double quotes wrapped around it and all double
quotes inside it escaped."
Regards,
Dimple
> -----Original Message-----
> From: Jason Dowdell [SMTP:[EMAIL PROTECTED]]
> Sent: Friday, April 19, 2002 4:59 PM
> To: CF-Talk
> Subject: RE: RE: Encrypting Numeric ID's
>
> My original question was this...
> I need to encrypt a numeric userid that gets
> passed through a url and through a form and
> is used in a query. The urlencodedformat
> string that gets passed through the url and
> set in a form hidden field was messing up the
> page design because it had a double quote in
> it. I was looking for a solution that would
> match all of the above requirements.
>
> 1. pass through a url safely
> 2. pass through a form safely
> 3. be encrypted based on a key (done)
>
> Thanks guys,
> Jason
>
> -----Original Message-----
> From: Matt Robertson [mailto:[EMAIL PROTECTED]]
> Sent: Friday, April 19, 2002 2:57 AM
> To: CF-Talk
> Subject: RE: RE: Encrypting Numeric ID's
>
>
> I believe the original post was about how to encrypt and then escape a
> string, not just escape it. 2 functions in and then out seems necessary
> to get that done, but I'd be happy to see a shorter route.
>
> -----Original Message-----
> From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]
> Sent: Thursday, April 18, 2002 3:59 PM
> To: CF-Talk
> Subject: Re: RE: Encrypting Numeric ID's
>
>
> Yes, but why bother doing all this work when htmlEditFormat() does all
> this for you?
>
>
>
______________________________________________________________________
Structure your ColdFusion code with Fusebox. Get the official book at
http://www.fusionauthority.com/bkinfo.cfm
FAQ: http://www.thenetprofits.co.uk/coldfusion/faq
Archives: http://www.mail-archive.com/cf-talk@houseoffusion.com/
Unsubscribe: http://www.houseoffusion.com/index.cfm?sidebar=lists
