Create a gist now

Instantly share code, notes, and snippets.

What would you like to do?
Assume a login form with username and pasword:
form.user_id and form.password
<cfquery name="loginQuery" datasource="users" maxrows="1">
SELECT password_hash, salt
FROM USERS where user_id = <cfqueryparam cfsqltype="CF_SQL_VARCHAR" value="#form.user_id#" maxlength="12" />
<cfset hashedFormPassword = crypto.computeHash(form.password, loginQuery.salt) />
<cfif loginQuery.password_hash eq hashedFormPassword>
Valid user.
Invalid user.
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment