Thank you. Good start.
There is the question of the best way to keep track of keys for various,
different files; or use the same key for all files without exposing it.
As you can see, I am very much a security novice when it comes to this
stuff.
On 7/17/2014 2:18 PM, John M Bliss wrote:
> Che
Just to clarify, the problem is not in the transmission, which can be
accomplished by FTPs, etc.
Once the file resides on the shared FTP server, it needs to be encrypted
to maintain security.
So, I think the flow is: (1) transmit plain file up to server, and (2)
encrypt on the server. Revers
Check out https://wikidocs.adobe.com/wiki/display/coldfusionen/EncryptBinary
including example at bottom.
On Thu, Jul 17, 2014 at 4:10 PM, Bryan Stevenson <
br...@electricedgesystems.com> wrote:
>
> Hey Rick,
>
> You can use more secure forms of FTP as opposed to getting that
> draconian - just
Hey Rick,
You can use more secure forms of FTP as opposed to getting that
draconian - just a thought ;-)
I haven't done any file encryption in a while, so I'll bow out on that
detail - but yes it is doable.
Cheers
*Bryan Stevenson*B.Comm.
President & CEO
Electric Edge Systems Group Inc. - ma
There are lots of examples on using these functions on strings.
However, is it possible to use these functions to encrypt/decrypt entire
files (not .cfm code files), for example, to maintain security in an FTP
server, etc.
TNX for any pointers.
-- Rick
[mailto:cfsearch...@yahoo.com]
Sent: Friday, November 09, 2012 1:37 PM
To: cf-talk
Subject: RE: encrypt / decrypt question
My response got cut off.. Here is the full snippet... assuming it goes
through ;-)
http://pastebin.com/fPLcU3Kd
-Leigh
Leigh, that makes abundant sense. Thank you very much. As always.
Eric
-Original Message-
From: Leigh [mailto:cfsearch...@yahoo.com]
Sent: Friday, November 09, 2012 1:37 PM
To: cf-talk
Subject: RE: encrypt / decrypt question
My response got cut off.. Here is the full snippet
My response got cut off.. Here is the full snippet... assuming it goes through
;-)
http://pastebin.com/fPLcU3Kd
-Leigh
~|
Order the Adobe Coldfusion Anthology now!
http://www.amazon.com/Adobe-Coldfusion-Anthology/dp/14302721
> Does the GenerateSecretKey function account for both the key
> and the algorithm?
No - not the way you are thinking. You need to supply the algorithm twice. Once
when generating the key _and_ once when performing the encryption. To better
illustrate:
: Leigh [mailto:cfsearch...@yahoo.com]
Sent: Thursday, November 08, 2012 2:47 PM
To: cf-talk
Subject: RE: encrypt / decrypt question
> Any idea what the "The UU algorithm is not supported" error is about?
You skipped the algorithm again ;-) The third argument is the encryption
algorith
> Any idea what the "The UU algorithm is not supported" error is about?
You skipped the algorithm again ;-) The third argument is the encryption
algorithm ie "AES". Encoding (ie "UU") is the fourth argument.
Encrypt(yourString, yourKey, theAlgorithm, theEncoding)
-
~
sage-
From: Pete Freitag [mailto:p...@foundeo.com]
Sent: Tuesday, November 06, 2012 10:53 AM
To: cf-talk
Subject: Re: encrypt / decrypt question
You left out the algorithm: "AES" in your encrypt() call this time - also
since you have the unlimited strength policy files you might con
tion
> generates a new key every time the form is processed.
>
> Sorry to drag on with this question. I am still reading up in the
> documentation to see if I can construct a working insert statement. Thank
> you all again for your time and advice.
>
> Eric
>
>
>
&
PM
To: cf-talk
Subject: Re: encrypt / decrypt question
Eric,
A while back I was testing all the encryption and decryption types and wrote
a short cfm page that let me do the testing. The code there is a good
example of how it all works. Instead of trying to write it up and post here
I created a
your advice.
>
> Eric
>
> -Original Message-----
> From: Wil Genovese [mailto:jugg...@trunkful.com]
> Sent: Sunday, November 04, 2012 9:58 PM
> To: cf-talk
> Subject: Re: encrypt / decrypt question
>
>
> Eric,
>
> A while back I was testing all the encr
hope this question makes sense. Thank you again for your advice.
Eric
-Original Message-
From: Wil Genovese [mailto:jugg...@trunkful.com]
Sent: Sunday, November 04, 2012 9:58 PM
To: cf-talk
Subject: Re: encrypt / decrypt question
Eric,
A while back I was testing all the encryption
[mailto:jugg...@trunkful.com]
Sent: Sunday, November 04, 2012 10:43 PM
To: cf-talk
Subject: Re: encrypt / decrypt question
Sure thing.
The best way to know the correct one is to open your jvm.config file in
c:\ColdFusion9\runtime\jre\bin and looking at the java path.
>From the options you g
Sure thing.
The best way to know the correct one is to open your jvm.config file in
c:\ColdFusion9\runtime\jre\bin and looking at the java path.
>From the options you gave below I would guess, based on experience, that this
>is the correct folder. c:\ColdFusion9\runtime\jre\lib\security\
For
> I downloaded and unzipped the unlimited strength JCE JAR policy files. No
> problem there. The README says to place the JAR files in the \lib\security\
> folder.
>
> However, there are several \lib\security\ folders on my server, all under
> the c:\ColdFusion9\ folder. For example:
>
> c:\ColdF
:58 PM
To: cf-talk
Subject: Re: encrypt / decrypt question
Eric,
A while back I was testing all the encryption and decryption types and wrote
a short cfm page that let me do the testing. The code there is a good
example of how it all works. Instead of trying to write it up and post here
I created
Eric,
A while back I was testing all the encryption and decryption types and wrote a
short cfm page that let me do the testing. The code there is a good example of
how it all works. Instead of trying to write it up and post here I created a
very short and sweet blog post about this.
http://ww
Wil,
>>>Which encryption method are you using? The stronger ones require that
you also install the Java Cryptography Extension.
Yes, I was reading up on that in the Adobe documentation. OK, I will proceed
to do that. I had read that an encryption method was optional, but I
understand that I sho
Which encryption method are you using? The stronger ones require that you also
install the Java Cryptography Extension.
http://www.oracle.com/technetwork/java/javase/downloads/jce-6-download-429243.html
Wil Genovese
Sr. Web Application Developer/
Systems Administrator
CF Webtools
www.c
Greetings. I have what is probably a very basic question, about which I have
done a lot of reading - I still need some help.
I am trying to use the encrypt function to encrypt a credit card number.
I am placing the key as a variable in application.cfc, thus:
To encrypt the credit
> All I'm doing with it is encrypting the user's ID so they don't
> see "1003" and then try to mess with it and change it to 2003
> or 134567.. all it is is the user's ID encrypted.
Hi Greg, Cameron's advice is a better approach, though if you want to
continue with the URL parameters, I'd suggest
I tried this
with storing the key in the database and I get
An error occurred while trying to encrypt or decrypt your input
string: '' Can not decode string "[my_secret_key]"..
when I take out the "DES" and "Hex" I get a string I can't decode...
something like %' ,(SP< (with no URL encoding)..
On Tue, Sep 6, 2011 at 9:53 AM, Greg Morphis wrote:
> All I'm doing with it is encrypting the user's ID so they don't see
> "1003" and then try to mess with it and change it to 2003 or 134567..
> all it is is the user's ID encrypted.
>
If I am understanding what you are doing, I'd be able to ch
All I'm doing with it is encrypting the user's ID so they don't see
"1003" and then try to mess with it and change it to 2003 or 134567..
all it is is the user's ID encrypted.
Plus
generates a random key every time.
I just ran 5 iterations of this and not once did it tell me that one
didn't equ
This smells similar to a problem someone else posted about recently where
they were using trim() on the key, tampering with it just enough (removing
meaningful whitespace) to make it no longer work. URLEncode/Decode may do
something similar.
However, I would very strongly suggest not sending you
I'm trying to encrypt a string with encrypt and generatesecretkey..
I'm passing the string as a URL variable and then trying to decrypt
the string. I'm getting errors like
* An error occurred while trying to encrypt or decrypt your input
string: Input length must be multiple of 8 when decrypting
> My preferred encryption algorithm is AES, as this is what the
> Government uses to encrypt classified documents. :)
AES with a 256-bit key is authorized for use up to top secret, if
memory serves. Remember, with any encryption, it's only as safe as
the keys you use which is why key management
My preferred encryption algorithm is AES, as this is what the Government
uses to encrypt classified documents. :)
Paul Alkema
http://paulalkema.com
http://twitter.com/#!/paulalkema
~|
Order the Adobe Coldfusion Anthology now!
h
No, not really as long as you're using a cipher that hasn't been
broken. Encryption uses a special class of functions that are easy to
perform one direction but prohibitively hard to perform the other
direction. For instance, if you take two very large prime numbers and
multiply them together to p
perhaps I really should say "virtually impossible" just to
be syntactically correct.
On Fri, Jun 17, 2011 at 8:49 PM, Russ Michaels wrote:
> Technically yes as this is how hackers reverse engineer encryption keys to
> create keygens etc.
> However it does depend on what encryption type you use,
Technically yes as this is how hackers reverse engineer encryption keys to
create keygens etc.
However it does depend on what encryption type you use, some have not yet
been hacked, so the chances are of course very very minute, and you would
need to be encrypting something that some desperately w
If I have Encrypt(x,y) which equals z OR Decrypt(x,y) which equals z, can z
be determined (encrypted or decrypted) without having both x and y?
Example:
if you output variables.value, you get:
*<'Y^MZ!]F;*=V@
So... if someone gets my MYPASSWORD and *<'Y^MZ!]F;*=V@, can they figure out
the v
Hi Les,
fyi, adobe issued CF 8.0.1 cumulative hotfix 3 yesterday (September 1),
which fixes the CFMX_COMPAT bug (among other 20+ bugs).
get the hf here: http://kb2.adobe.com/cps/511/cpsid_51180.html
Azadi Saryev
Sabai-dee.com
http://www.sabai-dee.com/
On 28/07/2009 03:30, Les Mizzell wrote:
Your example shows the same input for decrypt as you used for encrypt ...
hopefully that was just a typo, otherwise it's probably your issue.
> (decrypt)
> decrypt(FORM.password,request.seed,request.algorithm,request.encoding)
In other words, I would expect something more like this:
encPwd =
If the form.password contains characters that the encryption seed will cause
to result in a string that contains a space or plus-sign, you will have
trouble with the CFMX_COMPAT mode. Suggest going with a different mode.
Cheers,
Kris
> I'm on CF7.
>
> Here's my code:
> (in Application.cfc)
>
>
I'm on CF7.
Here's my code:
(in Application.cfc)
(encrypt)
encrypt(FORM.password,request.seed,request.algorithm,request.encoding)
(decrypt)
decrypt(FORM.password,request.seed,request.algorithm,request.encoding)
This is my error:
There has been an error while trying to encrypt or decrypt yo
This is going to sound weird but I've seen two issues nesting a trim() inside
other functions in the past. When I moved it above the function and cfset to a
temp it fixed the error. May not apply here but its only a 15 second test :)
~~
Interesting - changing the value of #encCODE# to a longer string seems
to have fixed the problem.
Haven't tested with every possible combination of letters/numbers on the
input yet, so ya never know - but it seems to like 2s now. Very odd...
> For this code:
>
>
>
>
>
> Figure this out
Since you are running CFMX 7, you might give the new encryption
methods a try. If you encode using Hex, you should be able to use the
encrypted string directly in a URL without encoding it.
example:
Good luck,
Mike Chabot
On 4/27/07, Kris Jones <[EMAIL PROTECTED]> wrote:
> Hi Les,
>
> I've seen
Hi Les,
I've seen similar behavior most typically when I'm also urlencoding
the the encrypted value. What I figured out was happening is that if
the encrypted value contained a space, when urlencodedformat() was run
on it, the space would get converted to "%20" as expected. However,
when it was de
Could you post the entire encrypt/decrypt code snip?
-Original Message-
From: Les Mizzell [mailto:[EMAIL PROTECTED]
Sent: Friday, April 27, 2007 11:45 AM
To: CF-Talk
Subject: encrypt/decrypt bug
This is driving me crazy!!
For this code:
Figure this out. Here's a few
On Wednesday 06 December 2006 14:10, rick kennerly wrote:
> > Define segregate.
> I usually restrict access to those pages based on account level. Is there
> a better way?
You mean building role based access into an app ?
Perfectly normal.
--
Tom Chiverton
Helping to synergistically synergize w
> Define segregate.
>
I usually restrict access to those pages based on account level. Is there a
better way?
~|
Create robust enterprise, web RIAs.
Upgrade & integrate Adobe Coldfusion MX7 with Flex 2
http://ad.doubleclick.
On Wednesday 06 December 2006 11:26, rick kennerly wrote:
> What I envision is being able to encrypt/decrypt on the fly specific fields
> (dob, ssn, etc) in a form but not the entire form and then segregate the
Define segregate.
> pages that do the decryption (it's really an in
experience with it.
What I envision is being able to encrypt/decrypt on the fly specific fields
(dob, ssn, etc) in a form but not the entire form and then segregate the pages
that do the decryption (it's really an intranet backend project). Is this a
good scheme? How does this affect per
quot;. (For more info, consult the
livedocs).
Thanks & Regards,
Phyo Pine
Information Systems Specialist
DMV - ODOT
-Original Message-
From: Stephens, Larry V [mailto:[EMAIL PROTECTED]
Sent: Friday, January 27, 2006 1:51 PM
To: CF-Talk
Subject: Encrypt Decrypt
I'm using a
I'm using a simple encrypt statement to store info:
#Encrypt(SESSION.Customer.xxx, GetX.Item)#',
(this is from my INSERT statement) GetX.Item is the key loaded from a
table.
(I don't profess to be an expert in encryption (obviously) but, other
than being a little obtuse in the code, I don't know
Thanks all for your help so far. Now I have been looking at the
documentation for encrypt/decrypt and I would like to use one of the more
secure encryption algorithms, such as BLOWFISH or DES. I notice that the
more secure algorithms use the function GenerateSecretKey. Now do this mean
that when
this code snippet.
foo is '#foo#'
bar is #bar#
By default encrypt uses UU-encoding to encode the encrypted data. So to ensure
that there is no trailing spaces, you should use Base-64 encoding. you can
specify that in Encrypt/Decrypt function.
Other solution is to base-64 encode th
>There is no bug in encrypt/decrypt, the problem is that in that
>instance, the encrypt result contains a space at the end.
>
>
Yeah. It's true. I totally missed that! No bug at all! :-)
[]s
Fabio Terracini
~
Those 'undocumented' functions have been documented for some time in
various places, including houseoffusion.com. There has been plenty of
discussion of them over the years.
The trouble with them is they are not guaranteed to be there in future
versions, and if they do remain their behavior is in
OR...I found a useful, hidden function in the guts of the cfadmin itself.
The encrypt function returns JUST an alphanumeric string, instead of with
punctuation and other chars.
encrypt: #encrypt#
decrypt: #decrypt#
-Original Message-
From: Matt Robertson [mailto:[EMAIL PROTECTED
Whoops its not tostring that takes something out of base64. Its decode().
I have a template that I built up years ago from the CF example that
displays a bunch of different ways to skin this cat. You can pick it
apart to bulletproof your use of CF encryption.
Encrypt Example
Encrypt Example
and that trailing space is being trimmed out by the db. Sooner or later
you would have other issues even if you work around this one somehow. See my
post on this in the other thread. Its an easy fix but you won't make the
'classic' CF algorithm any more secure.
--
--mattRobertson--
Janitor, MS
The pre CF7 encrypt() function does not create dbsafe strings. You have to
toake it a further step for that: Wrap the string in toBase64() before you
store the data. IIRC (its been awhile) you use tostring() when decrypting.
I think the new algorithm options in cfencrypt()/cfdecrypt() could be
eno
ECTED]> wrote:
> OK, follow up to this, can anybody suggest ways that they currently
> encrypt/decrypt sensitive data? I need to encrypt the data to save into the
> database and then at a later date retrieve that data, decrypt it and let the
> user edit it. I have looked at using th
There is no bug in encrypt/decrypt, the problem is that in that
instance, the encrypt result contains a space at the end.
As you can see with the following code, the key is not "*5)V%5*.Z59RR$",
but "*5)V%5*.Z59RR$ "
[#htmlEditFormat(foo)#],
#decrypt(foo, "wibble&qu
OK, follow up to this, can anybody suggest ways that they currently
encrypt/decrypt sensitive data? I need to encrypt the data to save into the
database and then at a later date retrieve that data, decrypt it and let the
user edit it. I have looked at using the various algorithms excluding
PROTECTED]
Sent: 26 September 2005 14:45
To: CF-Talk
Subject: Re: Weird Encrypt/Decrypt problem!
Whoa. So weird I also tested here, and the encoded "johnmurray" was
decoded to "johnmurrax"! It's not with all 10 charcs. string, by the way.
I think this is a CF default algo
Whoa. So weird I also tested here, and the encoded "johnmurray" was
decoded to "johnmurrax"! It's not with all 10 charcs. string, by the way.
I think this is a CF default algorithm (CFMX_COMPAT, which is compatible
do earlier versions of CF) implementation bug.
You should use a more secure and
you use
my example data you can easily replicate the issue.
-Original Message-
From: Tangorre, Michael [mailto:[EMAIL PROTECTED]
Sent: 26 September 2005 12:57
To: CF-Talk
Subject: RE: Weird Encrypt/Decrypt problem!
> From: Andy Mcshane [mailto:[EMAIL PROTECTED]
> This is on Co
> From: Andy Mcshane [mailto:[EMAIL PROTECTED]
> This is on Coldfusion 7, using a SQL database. I have tried
> URLEncodedFormat before saving to the database and then using
> URLDecode after retrieveing. As this text is defined by the
> user then I cannot simply say that there can be no 10
> c
Hi all, I am trying to store specific data into a database in an encrypted
format. This data also has to be decrypted so as to be displayed and edited
onscreen therefore ruling out using the hash function. The problem that I am
having is on the decrypt.
Example:
foo then equals "*5)V%5*.Z59R
Jochem,
Still with your code there is apparently some part of the code in the
variable "encrypted" that confuses Cold Fusion. It appears that CF is
interpreting something in the code as a tag ending.
Thanks,
Nick
At 12:55 PM 10/3/2004, you wrote:
>Nick Baker wrote:
> > We need to Encrypt and
Nick Baker wrote:
> We need to Encrypt and email private info. Then using the same key decrypt
> on the receiving end. However, our Decrypt tag throws and error, not liking
> some of the Encrypted code. The example below works under the same
> circumstances. Encrypting in one template and decryp
We need to Encrypt and email private info. Then using the same key decrypt
on the receiving end. However, our Decrypt tag throws and error, not liking
some of the Encrypted code. The example below works under the same
circumstances. Encrypting in one template and decrypting in another
template
I have template passing a url var that is pulled form my db.I happens to
be the key for that table, numerical. I use
then I add that 'myid'
value to the url and pass it. Then I decrypt it on the next templete
like
This works fine on my PS in ie and NN but the mac running osx and IE
returns an
Hey there again
I have been using the Encrypt/Decrypt functions to store encrypted values
into the database.
I have a Visual Basic application that I want to integrate with the user
database.. however the database is encrypted with the Encrypt/Decrypt
functions. I have the code for the VB
Using toBase64 and urlencrypt renders a string that should always be db-safe to store.
No quote marks and such.
Below is a sample template I worked up to play around with various (documented)
encryption options. Run it (name the file anything you like) and it'll encrypt stuff
in various forma
Try escaping the string before encrypting it. Then maybe convert it to base 64 so its
db-safe.
I'm pretty sure if you try to do this in one step it'll throw an error. I used
something very similar to this for strings I had to be able to store and email to
people.
-
use cfusion_encrypt/cfusion_decrypt. They'll always result in a hex string,
rather than the random jiberish that encrypt/decrypt use. Also,
cfusion_encrypt's result is ALWAYS exactly twice as long as the original
value, rather than the undetermined length from encrypt.
---
Barne
]
Sent: Tuesday, May 27, 2003 3:37 PM
To: CF-Talk
Subject: Re: Encrypt/Decrypt
Try escaping the string before encrypting it. Then maybe convert it to
base 64 so its db-safe.
I'm pretty sure if you try to do this in one step it'll throw an error.
I used something very similar to this f
lk
> Subject: Encrypt/Decrypt
>
> I encrypted a value to store in the db using the CF encrypt() function.
> It worked a few times, but then it encrypted a value with a double quote
> as one of the encrypted chars. Now when I try to decrypt() the value I
> get an error that the valu
I encrypted a value to store in the db using the CF encrypt() function.
It worked a few times, but then it encrypted a value with a double quote
as one of the encrypted chars. Now when I try to decrypt() the value I
get an error that the value to be decrypted is not valid.
I tried htmlcodeforma
[EMAIL PROTECTED]>
To: "CF-Talk" <[EMAIL PROTECTED]>
Sent: Thursday, November 07, 2002 5:18 PM
Subject: Re: Encrypt/Decrypt Recommendations
> Bryan Stevenson wrote:
> > Yes I do have to decrypt it to give it back to those users that lose it
;-)
>
> If they lose it, creat
Bryan Stevenson wrote:
> Yes I do have to decrypt it to give it back to those users that lose
> it ;-)
You should consider hashing anyway and issueing a new password.
Especially if you combine this with a client side hashing script (there
are javascripts available for download, just Google) th
Bryan Stevenson" <[EMAIL PROTECTED]>
To: "CF-Talk" <[EMAIL PROTECTED]>
Sent: Thursday, November 07, 2002 10:57 AM
Subject: Encrypt/Decrypt Recommendations
> Hey All,
>
> I'm looking for recommendations for an encrypt/decrypt tag or UDF that
will
> alway
Subject: Re: Encrypt/Decrypt Recommendations
Yes I do have to decrypt it to give it back to those users that lose it ;-)
I've done a workaround for now where I match the usernamedecrypt that
password and compare it to what the user types in the login form (kind of
the long way around...but it
Bryan Stevenson wrote:
> Yes I do have to decrypt it to give it back to those users that lose it ;-)
If they lose it, create a new password for them... that allows you to
use the one way encryption which is FAR more secure.
- Rick
~~
--
Vancouver Island ColdFusion Users Group
Founder & Director
www.cfug-vancouverisland.com
- Original Message -
From: "Bryan Stevenson" <[EMAIL PROTECTED]>
To: "CF-Talk" <[EMAIL PROTECTED]>
Sent: Thursday, November 07, 2002 10
ion Users Group
Founder & Director
www.cfug-vancouverisland.com
- Original Message -
From: <[EMAIL PROTECTED]>
To: "CF-Talk" <[EMAIL PROTECTED]>
Sent: Thursday, November 07, 2002 12:17 PM
Subject: RE: Encrypt/Decrypt Recommendations
> Just use CF's Hash().
y, November 07, 2002 1:57 PM
>To: CF-Talk
>Subject: Encrypt/Decrypt Recommendations
>
>
>Hey All,
>
>I'm looking for recommendations for an encrypt/decrypt tag or
>UDF that will
>always produce the same encrypted value. This is so I can
>store encrypted
>passwords
Bryan Stevenson wrote:
>
> I'm looking for recommendations for an encrypt/decrypt tag or UDF that will
> always produce the same encrypted value. This is so I can store encrypted
> passwords in the DB and check the encrypted version of what a user types in
> a login form a
sha256 i think its on mm site
-Original Message-
From: Bryan Stevenson [mailto:bryan@;electricedgesystems.com]
Sent: Thursday, November 07, 2002 1:57 PM
To: CF-Talk
Subject: Encrypt/Decrypt Recommendations
Hey All,
I'm looking for recommendations for an encrypt/decrypt tag or UDF
Hey All,
I'm looking for recommendations for an encrypt/decrypt tag or UDF that will
always produce the same encrypted value. This is so I can store encrypted
passwords in the DB and check the encrypted version of what a user types in
a login form against the encrypted version in the DB
checksum to prevent someone from manipulating
characters to change the value (helpful for url parameters, hidden
form fields and cookies).
I also set up a test page with some more information on the drawbacks
of encrypt()/decrypt() at
http://www.iology.com/products/downloads/cryptest.cfm
You
AFAIK it is a feature that Encrypt() does not always return the same value, but
is always decryptable to the same value. I think I read it in the comment of an
Allaire employee in the Allaire forums.
Anyhow, I believe one should not use the Encrypt() at all. Use Hash(), it is one
way (nice for sa
>
>
>
Dick,
That did the trick! I was trying to compare two encrypted strings and I
should have been comparing their decrypted values. Thanks for the help
it was driving me nuts!
Steve
~~
Structure your ColdFusion code with F
> Maybe it's just a wierd browser thing. What do you see if you View SOurce?
No.. I checked that. It's very strange because there is no consistency to
it. Some strings encrypt the same everytime, others don't.
If I run this in my browser
#encryptedPW #-#Len(encryptedPW)#
and then hit re
the SQL, rather in CF after it
has been retrieved, e.g.:
.
.
.
HTH
Dick
At 1:57 PM -0400 6/29/01, Steve Reich wrote:
>I am having a problem with the encrypt/decrypt functions. Here is my code:
>
>*** This creates the user when they
rce, and a powerful ally it is." - Yoda
> -Original Message-
> From: Steve Reich [mailto:[EMAIL PROTECTED]]
> Sent: Friday, June 29, 2001 1:57 PM
> To: CF-Talk
> Subject: Encrypt/Decrypt Functions [NOT cfencrypt/cfdecrypt]
>
>
> I am having a problem with the enc
> Also, I'm not sure why I can encrypt the same value
> twice and not get the same value. I'm thinking my problem must be in the
> seed string length, but I'm not sure? Are there known issues with this?
Why
> am I having this problem? Can someone shed some light?
After a little more trial and er
I am having a problem with the encrypt/decrypt functions. Here is my code:
*** This creates the user when they register...
INSERT INTO users
(fname,lname,email,username,password)
VALUES('#fname#','#lname#','#email#','#username#','#dbPassw
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Their encryption is also horrendously easy to crack. Encrypt/Decrypt at
least use 3DES if my memory serves me. Stay away from the undocumented
cfusion_* functions
Best regards,
Zac Bedell
> -Original Message-
> From: Nick T
e text to numbers and it is DB safe.
>
> Steve
>
> Will Swain wrote:
>>
>> Thanks Zach,
>>
>> I'll have a look at that
>>
>> Cheers
>>
>> Will
>>
>> -Original Message-
>> From: Zachary S. Bedell [mailto:[E
Message -
From: "Jim Gurfein" <[EMAIL PROTECTED]>
To: "CF-Talk" <[EMAIL PROTECTED]>
Sent: Monday, April 09, 2001 5:01 PM
Subject: Re: encrypt/decrypt
> I've checked normal resources and can't find any documentation on
> cfusion_encrypt() and cfusion_d
1 - 100 of 118 matches
Mail list logo