Hi, If you are on CF 5 you can use a UDF I created called urlEncrypt. Here it is. For directions go to http://loathe.mine.nu, or shoot me an email.
<!--- ********** urlEncrypt/urlDecrypt UDF Template ********** By Tim Heald ([EMAIL PROTECTED]) and Lee Borkman Version 1.0 Filename: encryptUDF.cfm ---> <CFSCRIPT> function urlEncrypt(queryString, key){ // encode the string uue = cfusion_encrypt(queryString, key); // make a checksum of the endoed string checksum = left(hash(uue & key),2); // assemble the URL queryString = "/" & uue & checksum &"/index.htm"; return queryString; } function urlDecrypt(key){ var queryString = cgi.path_info; var scope = "url"; var stuff = ""; // see if a scope is provided if it is set it otherwise set it to url if(arrayLen(arguments) gt 1){ scope = arguments[2]; } if ((right(queryString,3) neq "htm") or (findNoCase("&",queryString) neq 0) or (findNoCase("=",queryString) neq 0)){ stuff = '<FONT color="red">not encrypted, or corrupted url</FONT>'; } else { // remove /index.htm querystring = replace(queryString, right(queryString,10),''); // remove the leading slash querystring = replace(queryString, left(queryString,1),''); // grab the old checksum if (len(querystring) GT 2) { oldcheck = right(querystring, 2); querystring = rereplace(querystring, "(.*)..", "\1"); } else { oldcheck = ""; } // check the checksum newcheck = left(hash(querystring & key),2); if (newcheck NEQ oldcheck) { return querystring; } //decrypt the passed value queryString = cfusion_decrypt(queryString, key); // set the variables for(i = 0; i lt listLen(queryString, '&'); i = i + 1){ // Break up the list into seprate name=value pairs thisPair = listGetAt(queryString, i + 1, '&'); // Get the name thisName = listGetAt(thisPair, 1, '='); // Get the value thisValue = listGetAt(thisPair, 2, '='); // Set the name with the scope thisName = scope & '.' & thisName; // Set the variable setVariable(thisName, thisValue); } } return stuff; } </CFSCRIPT> Tim Heald ACP/CCFD Application Development www.schoollink.net -----Original Message----- From: Dimple Goshar [mailto:[EMAIL PROTECTED]] Sent: Tuesday, April 23, 2002 2:15 AM To: CF-Talk Subject: RE: RE: Encrypting Numeric ID's Hi, Have u tried the DE function? The help says "Returns its argument with double quotes wrapped around it and all double quotes inside it escaped." Regards, Dimple > -----Original Message----- > From: Jason Dowdell [SMTP:[EMAIL PROTECTED]] > Sent: Friday, April 19, 2002 4:59 PM > To: CF-Talk > Subject: RE: RE: Encrypting Numeric ID's > > My original question was this... > I need to encrypt a numeric userid that gets > passed through a url and through a form and > is used in a query. The urlencodedformat > string that gets passed through the url and > set in a form hidden field was messing up the > page design because it had a double quote in > it. I was looking for a solution that would > match all of the above requirements. > > 1. pass through a url safely > 2. pass through a form safely > 3. be encrypted based on a key (done) > > Thanks guys, > Jason > > -----Original Message----- > From: Matt Robertson [mailto:[EMAIL PROTECTED]] > Sent: Friday, April 19, 2002 2:57 AM > To: CF-Talk > Subject: RE: RE: Encrypting Numeric ID's > > > I believe the original post was about how to encrypt and then escape a > string, not just escape it. 2 functions in and then out seems necessary > to get that done, but I'd be happy to see a shorter route. > > -----Original Message----- > From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] > Sent: Thursday, April 18, 2002 3:59 PM > To: CF-Talk > Subject: Re: RE: Encrypting Numeric ID's > > > Yes, but why bother doing all this work when htmlEditFormat() does all > this for you? > > > ______________________________________________________________________ Structure your ColdFusion code with Fusebox. Get the official book at http://www.fusionauthority.com/bkinfo.cfm FAQ: http://www.thenetprofits.co.uk/coldfusion/faq Archives: http://www.mail-archive.com/cf-talk@houseoffusion.com/ Unsubscribe: http://www.houseoffusion.com/index.cfm?sidebar=lists