CFML Reference
ColdFusion Functions

Hash

Description

Converts a variable-length string to a 32-byte, hexadecimal string, using the MD5 algorithm. The algorithm is a one-way hash-there is no conversion from the hash result back to the source string.

Category

String functions

Syntax

Hash(string) 

Parameters

Parameter	Description
string	A string

Usage

The result of the Hash function can be used for comparison and validation. For example, a developer can store the hash of a password in a database without exposing the password. The developer can check the validity of the password with the following code:

<cfif hash(form.password) is not myQuery.passwordHash>

  <cflocation url = "unauthenticated.cfm">

</cfif>

Example

<!--------------------------------------------------------------------

This code shows how to use Hash for password validation. This 

example assumes that the UserID value is passed to this page 

with a URL parameter.

---------------------------------------------------------------------->

<html>

<head>

<title>Hash Example</title>

</head>



<body bgcolor = silver>

<h3>Hash Example</h3>



<cfquery name = "CheckPerson" datasource = "UserData">

  SELECT PasswordHash

  FROM SecureData

  WHERE UserID = <cfqueryparam value = "#UserID#"

    cfsqltype = "CF_SQL_CHARVAR"> 

</cfquery>



<cfif Hash(form.password) is not checkperson.passwordhash>

  <cflocation url = "unauthenticated.cfm">

<cfelse>

  ...

</cfif>

...

Copyright © 2001, Macromedia Inc. All rights reserved.

---