[Last Call] Learn about multicloud storage options and how to improve your company's cloud strategy. Register Now

x
?
Solved

decryption in coldfusion

Posted on 2003-11-21
8
Medium Priority
?
1,250 Views
Last Modified: 2013-12-20
i have a database setup to where i have people log in with userid and passwords.  i generate a random number and encrypt these numbers as passwords and store them into the database. when i query the database and try to decrypt these passwords back to numbers, they are no longer numbers, but rather wierd characteres and jummbled letters.  essentially the decrypted form of the encrypted passwords are all wrong so the users cannot log in.  the only difference though is that when i type in a number, encrypt it, and right after decrypt it, the numbers appear fine.  it is only when i query the database and decrypt what is stored in the database where the passwords get all weird even though the encrypted form of the passwords are the same.
0
Comment
Question by:happydog234
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
8 Comments
 
LVL 9

Expert Comment

by:CFDevHead
ID: 9799649
Lets see your code.
0
 

Author Comment

by:happydog234
ID: 9799685
this works fine:
<cfset password = 2>
<cfset Encrypted = Encrypt(password, key)>
<cfset Decrypt = Decrypt(Encrypted, key)>
#Decrypt#

this doesnt work:
<cfquery name=decrypting datasource=testing>
SELECT password FROM users
</cfquery>

<cfoutput query=decrypting>
      <cfset Decrypt = Decrypt(password, key)>
      #Decrypt#
</cfoutput>
0
 
LVL 9

Expert Comment

by:CFDevHead
ID: 9799703
when you select the password from the DB trim the felid to make sure there is any white space.
0
Understanding Web Applications

Without even knowing it, most of us are using web applications on a daily basis. Gmail and Yahoo email, Twitter, Facebook, and eBay are used by most of us daily—and they are web applications. We often confuse these web applications tools for websites.  So, what is the difference?

 
LVL 9

Expert Comment

by:CFDevHead
ID: 9799718
if that doesn't work try using
<cfset password = 2>
<cfset key ='my fav. key!'>
<cfset Encrypted = cfusion_encrypt(password, key)>
<cfset Decrypt = cfusion_decrypt(Encrypted, key)>
<cfoutput>
#Decrypt#

</cfoutput>
0
 
LVL 14

Expert Comment

by:Renante Entera
ID: 9801140
Try this one :

<cfquery name=decrypting datasource=testing>
SELECT password FROM users
</cfquery>

<cfoutput query=decrypting>
     <cfset Decrypt = Decrypt('#password#', key)>
     #Decrypt#
</cfoutput>

Or you can have it this way :

<cfquery name=decrypting datasource=testing>
SELECT password FROM users
</cfquery>

<cfoutput query=decrypting>
     <cfset mypass = '#password#'>
     <cfset Decrypt = Decrypt(mypass, key)>
     #Decrypt#
</cfoutput>

Goodluck!
eNTRANCE2002 :-)
0
 
LVL 17

Expert Comment

by:anandkp
ID: 9801657
Avoid using keywords like : "password" / "decrypt" as ur variable names !

normally the conversion shld be possible & u shld be able to get back ur values decrypted properly ... the reason there may be problems with this is -
1. u may have used different keys ...
2. there wld have been some special characters used [value / key] - which cldnt be formatted correctly while storing in teh DB ... thus the decryption resulted in a error ...
3. as mentioned above - using trim wld allow u to get rid of unwanted spaces - which may go un-noticed & can cause error...
0
 
LVL 12

Accepted Solution

by:
jyokum earned 1000 total points
ID: 9805790
This will resolve your encryption/decryption problem.

http://www.experts-exchange.com/Web/WebDevSoftware/ColdFusion/Q_20746580.html#9417582

to encrypt...
myEncodedText = tobase64(encrypt(myText,"key123"));

to decrypt...
myDecodedText = decrypt(tostring(tobinary(myEncodedText)),"key123");

I wouldn't recommend using cfusion_encrypt and cfusion_decrypt since it is really easy to crack that encryption.
0
 
LVL 6

Expert Comment

by:PE_CF_DEV
ID: 9811131
If you want to securely do this your best way is to hash the password....
so you would do this:
Update passwordtable
set password = #hash(password)#
where whatever

then upon login
select stuff
from passwordtable
where password = #hash(password)#

0

Featured Post

Veeam Task Manager for Hyper-V

Task Manager for Hyper-V provides critical information that allows you to monitor Hyper-V performance by displaying real-time views of CPU and memory at the individual VM-level, so you can quickly identify which VMs are using host resources.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

When it comes to showing a 404 error page to your visitors, you do not want that generic page to show, and you especially do not want your hosting provider’s ad error page to show either. In this article, I will show you how to enable the custom 40…
What You Need to Know when Searching for a Webhost Provider
The purpose of this video is to demonstrate how to insert an Iframe into WordPress. This will be demonstrated using a Windows 8 PC. Go to your WordPress login page. This will look like the following: mywebsite.com/wp-login.php : Open Page or Post…
The purpose of this video is to demonstrate how to manually back up a WordPress Database. This will be demonstrated using a Windows 8 PC. The Host used will be IPage.com Log into your Hosting account. IPage will be used for demonstration : Locat…

650 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question