Marwan,
Here's how I take care of the situation.
The database field that stores your password needs to be a 32
(var)character.
When validating a user I select based upon the username only, and then I
compare the database password with the hashed user password. Something
like the following is how I use this:
<cfif qryPersonGet.recordcount AND
NOT Compare(qryPersonGet.password, Hash(trim(form.password)))>
<!--- Set session variables here...--->
</cfif>
Josh
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Structure your ColdFusion code with Fusebox. Get the official book at
http://www.fusionauthority.com/bkinfo.cfm
Archives: http://www.mail-archive.com/[email protected]/
Unsubscribe: http://www.houseoffusion.com/index.cfm?sidebar=lists
