URLDecrypt(nKey [, QueryString])
Last updated October 8, 2002
Version: 3 | Requires: ColdFusion 5 | Library: SecurityLib
Description:
This is actually two functions. The first urlEncrypt("name=value&name=value&name=value",key) you use when you would have a link or an action that you would be setting url variables in. The second urlDecrypt(key) you use on whatever page you are calling, or using as the form action page.
Return Values:
Writes to the URL scope.
Example:
would not be hard coded.
<CFSET Name = "Ray">
<CFSET Age = 28>
<CFSET Key = "MySecretBlah348123190">
<CFSET QS = "name=#Name#&age=#Age#">
<CFSET QS = URLEncrypt(QS,key)>
<CFOUTPUT>
QueryString is #QS#<P>
</CFOUTPUT>
<CFSET URLDecrypt(Key,QS)>
Dump of URL scope:
<CFDUMP VAR="#URL#">
Parameters:
| Name | Description | Required |
|---|---|---|
| nKey | The encryption key to use. | Yes |
| QueryString | Defaults to CGI.Query_String | No |
Full UDF Source:
<cfscript>
/**
* Add security by encrypting and decrypting URL variables. See URLEncrypt.
* Mod by David Heard - added decode
*
* @param nKey The encryption key to use. (Required)
* @param QueryString Defaults to CGI.Query_String (Optional)
* @return Writes to the URL scope.
* @author Timothy Heald (theald@schoollink.net)
* @version 3, October 9, 2002
*/
function urlDecrypt(key){
var queryString = cgi.path_info;
var scope = "url";
var stuff = "";
var oldcheck = "";
var newcheck = "";
var i = 0;
var thisPair = "";
var thisName = "";
var thisValue = "";
// see if a scope is provided if it is set it otherwise set it to url
if(arrayLen(arguments) gt 1){
scope = arguments[2];
}
if ((right(queryString,3) neq "htm") or (findNoCase("&",queryString) neq 0) or (findNoCase("=",queryString) neq 0)){
stuff = '<FONT color="red">not encrypted, or corrupted url</FONT>';
} else {
// remove /index.htm
querystring = replace(queryString, right(queryString,10),'');
// remove the leading slash
querystring = replace(queryString, left(queryString,1),'');
// grab the old checksum
if (len(querystring) GT 2) {
oldcheck = right(querystring, 2);
querystring = rereplace(querystring, "(.*)..", "\1");
}
// check the checksum
newcheck = left(hash(querystring & key),2);
if (newcheck NEQ oldcheck) {
return querystring;
}
//decrypt the passed value
queryString = cfusion_decrypt(queryString, key);
// set the variables
for(i = 0; i lt listLen(queryString, '&'); i = i + 1){
// Break up the list into seprate name=value pairs
thisPair = listGetAt(queryString, i + 1, '&');
// Get the name
thisName = listGetAt(thisPair, 1, '=');
// Get the value
thisValue = listGetAt(thisPair, 2, '=');
// Set the name with the scope
thisName = scope & '.' & thisName;
// Set the variable
setVariable(thisName, thisValue);
}
}
return stuff;
}
</cfscript>
Search CFLib.org
Latest Additions
arrayTrim
10 day(s) ago
longTime
15 day(s) ago
quickSort
25 day(s) ago
GetHostAddress
28 day(s) ago
Top Rated
Rated 5.0, 16 time(s)
Rated 5.0, 13 time(s)
Rated 5.0, 10 time(s)
Rated 5.0, 4 time(s)