Yeah I would agree with James, this certainly isnt a way to secure an application, I mean, what's to stop me putting in my username as 'Hotmail' or 'Gmail' and that instantly heightens my chance of just being able to guess a password, I'll bet I could use 'Hotmail' and 'Password' some user will have chosen that combination because they couldnt be bothered to remember a proper password.
I would say just use the Email address in full, no need for shortened usernames at all, just look at the way lots of major applications work, they generally just use your email as a username. The way you're currently going about it is a heavy security risk, I'd stop and go another route. Rob -----Original Message----- From: James Holmes [mailto:james.hol...@gmail.com] Sent: 20 March 2009 02:27 To: sql Subject: Re: Get Username from email address The query you wrote does it. However, id the user is logging in with a username, isn't that username going to be in the DB somewhere? How is the authentication checked? What happens if two people have email addresses like f...@bleh.com and f...@whatever.org? mxAjax / CFAjax docs and other useful articles: http://www.bifrost.com.au/blog/ 2009/3/20 Adam Parker <adgpa...@iupui.edu>: > > Hello - > > I have inherited a web application that is secured with a login. The user logs in with a username, but the only way the user is uniquely identified in the is by an email address. > > So if user George logs in with the username george123, how can I query the database for the an email address that contains "george123?" > > Currently, I have > > <cfset user = #session.username#> > > <cfquery name="getUser" datasource="myDSN"> > SELECT firstname, lastname > FROM client > WHERE email like '%#user#%' > </cfquery> > > How may I compare the user variable to the email record in the database table? > > Thank you, > Adam > > ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~| Adobe® ColdFusion® 8 software 8 is the most important and dramatic release to date Get the Free Trial http://ad.doubleclick.net/clk;207172674;29440083;f Archive: http://www.houseoffusion.com/groups/sql/message.cfm/messageid:3204 Subscription: http://www.houseoffusion.com/groups/sql/subscribe.cfm Unsubscribe: http://www.houseoffusion.com/cf_lists/unsubscribe.cfm?user=89.70.6
