I am having a problem with the encrypt/decrypt functions. Here is my code:
*** This creates the user when they register...
<cfset dbPassword="#Encrypt(password, application.seed)#">
<cfquery name="CreateUser" datasource="#application.dsn#"
username="#application.dsn_username#" password="#application.dsn_password#">
INSERT INTO users
(fname,lname,email,username,password)
VALUES('#fname#','#lname#','#email#','#username#','#dbPassword#')
</cfquery>
*** This validates a registered user....
<cfset dbPassword = "#Encrypt(password, application.seed)#">
<cfquery name="CheckUser" datasource="#application.dsn#"
username="#application.dsn_username#" password="#application.dsn_password#">
SELECT userid
FROM users
WHERE username='#username#'
AND password='#dbPassword#'
</cfquery>
The problem is that if I output the encrypted password on my page, I get...
(6 W=SO*;E^JD
The field in the DB says...
(6 W=SO*;E^H
Obviously, they don't match, so the user can't get in. I've tried using a
variety of seed values, including various lengths. It seems that the last
one or two chars always come out differently? My questions are, what is a
good length for the seed value and should this be alphnumeric or will any
ascii character work? Also, I'm not sure why I can encrypt the same value
twice and not get the same value. I'm thinking my problem must be in the
seed string length, but I'm not sure? Are there known issues with this? Why
am I having this problem? Can someone shed some light?
Thanks,
Steve
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Structure your ColdFusion code with Fusebox. Get the official book at
http://www.fusionauthority.com/bkinfo.cfm
Archives: http://www.mail-archive.com/cf-talk@houseoffusion.com/
Unsubscribe: http://www.houseoffusion.com/index.cfm?sidebar=lists
