Question: ColdFusion 9, secret setting

Question

ColdFusion 9, secret setting

Answers 1
Added at 2016-12-19 15:12
Tags
Question

I have a small CF9 app, no database involved. In the configuration I need to store a network password which one of the functions needs, but I don't want to have it stored in the Application.cfc (for example) in human readable form.

What's the best way of storing/reading the password?

Answers
nr: #1 dodano: 2016-12-19 16:12

Step 1: On a web page that is not going into production, run:

 <cfoutput>#hash('My_pa55w0rd')#</cfoutput>

That will show a hash of the password.

Step 2: On a web page that is going into production, add the hash to a variable such as application.pass_hash . Verify against pass_hash as needed.

<cfif hash(form.password) EQ application.pass_hash>
    <p>Successful login!</p>
</cfif>
Source Show
◀ Wstecz