Thanks Lucas - that is what I was looking for. Sorry I took a while to reply - only just got back to this job and remembered that I had posted about this.
Giles Roadnight http://giles.roadnight.name -----Original Message----- From: Lucas Sherwood [mailto:[EMAIL PROTECTED] Sent: 25 October 2003 18:26 To: [EMAIL PROTECTED] Subject: RE: [ cf-dev ] Encrypting passwords The best/safest way is to use the one way encrypt inside CF in the form of the HASH() function What you do is... Inside the e-mail, put a link that includes the e-mail address and the hashed password #HASH(password)# When they click on the link they will get to a page with a url like the one below [EMAIL PROTECTED]&key=4C32C1D48EAD2402889AA2430C021889 So you have two URL paramaters... You just need to vaildate the whole thing... <cfquery name="q"> SELECT password FROM Users WHERE email = '#url.mail#' </cfquery> <cfif hash(q.password) eq url.key> <!--- unsubscribe this user ---> </cfif> Hope that helps... L. -----Original Message----- From: Giles Roadnight [mailto:[EMAIL PROTECTED] Sent: 25 October 2003 15:44 To: [EMAIL PROTECTED] Subject: [ cf-dev ] Encrypting passwords I am writing a mailing list application and want to include a link in all e-mails to unsubscribe. I don't want anyone to be able to come to the site and unsubscribe an address without having to enter a password. I don't want people to have to enter a password if they click on a link to unsubscribe. I don't want to include the password in the e-mail so anyone reading it can find out the password. Basically I want to encrypt the password in the link so that the server can de-code the password, check it against the password in the DB then unsubscribe the address. I know nothing about this sort of stuff so any help much appreciated. Thanks Giles Roadnight http://giles.roadnight.name -- ** Archive: http://www.mail-archive.com/dev%40lists.cfdeveloper.co.uk/ To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] For human help, e-mail: [EMAIL PROTECTED] -- ** Archive: http://www.mail-archive.com/dev%40lists.cfdeveloper.co.uk/ To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] For human help, e-mail: [EMAIL PROTECTED]
