I remember a discussion a little while back about encrypting/decrypting
variables etc and now I'm starting to encrypt some passed variables and was
wondering if y'all could remember some of the finer points of the
discussion, because I sure don't, and now I'm having some problems. I think
my problems are associated with the way cfscript is running, but I could be
going about the encryption process the wrong way in the first place...
What I'm trying to do is:
I want to encrypt all cookie, url and form values when passed or written to.
I wrote a couple UDFs that combines the Encrypt and URLEncodedFormat
functions, along with their counter functions.
<cfparam name="KeyName" default="Do you accept third party out of state
checks?">
<cfscript>
function Encodify(encodeThis){
var encodedString = "";
encodedString = URLEncodedFormat(Encrypt(encodeThis, KeyName));
return encodedString;
}
</cfscript>
<cfscript>
function Decodify(decodeThis){
var decodedString = "";
decodedString = Decrypt(URLDecode(decodeThis), KeyName);
return decodedString;
}
</cfscript>
Simple enough, but I'm getting an error when I just try to encode certain
numbers (in this case: 1)
<cfset myid="1">
Original myID: 1
<cfset myid=Encodify(myid)>
Encoded myid: %21%23%40%24%23%0A
<cfset myid=Decodify(myid)>
An error occurred while evaluating the expression:
myid=Decodify(myid)
The value to be decrypted is not valid
Which is wacked, because if I just take the "Encodified" value
(%21%23%40%24%23%0A) and write out the functions, instead of using the UDF,
it works:
<cfset myid=URLDecode(myid)>
URLDecoded myid: !#@$#
<cfset myid=Decrypt(myid, KeyName)>
Decrypted myid: 1
It looks like the pound signs in the encrypted value is what it creating the
error, but I can't figure out why/how cfscript can't handle it.
Can anyone shed some light on what I'm trying to do here? Is this a bug in
the UDF/cfscript implementation? Is this a waste of a UDF? Should I be
using CFusion_Encrypt() or Hash() functions instead? So many questions...
Tyler
________________________________________________________________________________
Get the mailserver that powers this list at http://www.coolfusion.com
FAQ: http://www.thenetprofits.co.uk/coldfusion/faq
Archives: http://www.mail-archive.com/[email protected]/
Unsubscribe: http://www.houseoffusion.com/index.cfm?sidebar=lists
