Converts a variable-length string to a 32-byte, hexadecimal string, using the MD5 algorithm. The algorithm is a one-way hash-there is no conversion from the hash result back to the source string.
Hash(string)
Parameter |
Description |
---|---|
string |
A string |
The result of the Hash
function can be used for comparison and validation. For example, a developer can store the hash of a password in a database without exposing the password. The developer can check the validity of the password with the following code:
<cfif hash(form.password) is not myQuery.passwordHash>
<cflocation url = "unauthenticated.cfm"> </cfif>
<!-------------------------------------------------------------------- This code shows how to use Hash for password validation. This example assumes that the UserID value is passed to this page with a URL parameter. ----------------------------------------------------------------------> <html> <head> <title>Hash Example</title> </head> <body bgcolor = silver> <h3>Hash Example</h3> <cfquery name = "CheckPerson" datasource = "UserData"> SELECT PasswordHash FROM SecureData WHERE UserID = <cfqueryparam value = "#UserID#" cfsqltype = "CF_SQL_CHARVAR"> </cfquery> <cfif Hash(form.password) is not checkperson.passwordhash> <cflocation url = "unauthenticated.cfm"> <cfelse> ... </cfif> ...