I've posted this snippet before, and I'll post it again. I got it from
this list originally many moons ago...
This produces a db safe string
<cfset secret_word_encrypted=
ToBase64(encrypt("#string2beEncrypted#","#key#"))>
This decrypts the string
<cfset secret_word_decrypted=
decrypt(tostring(tobinary("#secret_word_encrypted#")),"#key#")>
This string will still produce characters that are not url safe, but
that's not really the point anyway...I cant remember if this produces a
static length string, but a little routine to pad the string would fix that.
jon
Tyson Vanek wrote:
>Ray and all,
>
>The issue with the out-of-the-box ColdFusion encrypt/decrypt functions is
>that it doesn't limit itself to "safe" characters when doing the encrypting.
>Specifically, there's the possibility that the encrypt() function will
>generate an encrypted string with single quotes ('), spaces ( ), pound signs
>(#), line feeds or line breaks. Once an encrypted string with any of
>these characters has been generated, it can cause problems when trying to
>decrypt and get the original string. In some cases, this throws the
>all-too-familiar "The value to be decrypted is not valid" error message.
>Most of the time, this occurs when you take your string, encrypt it, stuff
>it into the database, retrieve the value from the database and attempt to
>decrypt it.
>
>If the encrypt() function were a little less dangerous, perhaps more people
>would use it. The headaches caused by this function can also be evidenced
>by going to the Allaire site and searching the ColdFusion Support Forums for
>"encrypt" and "decrypt" - you'll find tons of messages that describe this
>very same problem and recommend, as an alternative, to use the undocumented
>cfusion_encrypt() and cfusion_decrypt() functions.
>
>Unfortunately, the release of ColdFusion 5.0 apparently has not corrected
>this problem either.
>
>Hope this helps,
>Tyson
>
>------------------------------------------------
>Tyson Vanek, Technical Lead
>duoDesign, The eBusiness Architects
>Building your business online
>
>847.491.3000 main | [EMAIL PROTECTED]
>847.491.3100 fax | www.duodesign.com
>847.491.4270 direct | www.chicagoangels.org
>
>Come to our free 2-hour seminar "The eBusiness Squeeze"
>http://www.duodesign.com/squeeze/seminar.html
>
>
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Structure your ColdFusion code with Fusebox. Get the official book at
http://www.fusionauthority.com/bkinfo.cfm
FAQ: http://www.thenetprofits.co.uk/coldfusion/faq
Archives: http://www.mail-archive.com/[email protected]/
Unsubscribe: http://www.houseoffusion.com/index.cfm?sidebar=lists
