For example, a simple UUID would do the trick here.
John
Howard Fore wrote:
What's the goal here? If you want to make sure that spambots can't
harvest that email address, you don't want to do Base64 on it as
that's not encryption and since it doesn't require a key to decode,
you really haven't protected anything.
Can you tackle it a different way than exposing the email address? Is
there a different unique identifier you can use? You wouldn't need to
jump through the hoops with encryption/decryption to keep the address
safe.
--
Howard Fore, howard.f...@hofo.com <mailto:howard.f...@hofo.com>
"The universe tends toward maximum irony. Don't push it." - Jeff Atwood
On Thu, May 7, 2009 at 10:42 AM, Clarke Bishop
<cbis...@resultantsys.com <mailto:cbis...@resultantsys.com>> wrote:
I am building an eMail unsubscribe function, and I thought it
would be a good idea to encrypt the eMail address. In the email, I
set the unsubscribe link to:
unsubscribe.cfm?id= l5N6axdBQlGDpyAklnmkjP+mfaauBKvfS9G9RzUQRJI=
But, this string isn’t URLEncoded, so I encoded it like this:
unsubscribe.cfm?id=l5N6axdBQlGDpyAklnmkjP%2BmfaauBKvfS9G9RzUQRJI%3D
But, I’ve still got a problem because when I URLDecode the
parameter, it alters the string.
Instead of: l5N6axdBQlGDpyAklnmkjP+mfaauBKvfS9G9RzUQRJI=
I get: l5N6axdBQlGDpyAklnmkjP mfaauBKvfS9G9RzUQRJI=
It’s changing the “+” to a space. As a result, my decrypt fails.
My question is: *What’s the best way to generally handle this
requirement?* I know I could just replace the space with a “+”,
but I’m expecting there may be other characters that don’t get
handled correctly. And, I don’t want to get a bunch of unexpected
errors.
I’m using ColdFusion 8 and doing the encrypt like this:
encrypt(ARGUMENTS.data, variables.theKey, "DESEDE", "Base64")
Is there a better encryption or encoding to use? Or, is there a
better way to use URLEncode and URLDecode?
Thanks for any ideas!
Clarke
-------------------------------------------------------------
To unsubscribe from this list, manage your profile @
http://www.acfug.org?fa=login.edituserform
For more info, see http://www.acfug.org/mailinglists
Archive @ http://www.mail-archive.com/discussion%40acfug.org/
List hosted by FusionLink <http://www.fusionlink.com>
-------------------------------------------------------------
-------------------------------------------------------------
To unsubscribe from this list, manage your profile @
http://www.acfug.org?fa=login.edituserform
For more info, see http://www.acfug.org/mailinglists
Archive @ http://www.mail-archive.com/discussion%40acfug.org/
List hosted by http://www.fusionlink.com
-------------------------------------------------------------
