Reputation: 224
Case sensitive coldfusion IF statements
I have a coldfusion application running right now with a login that sends a query to the database looking for a row with the same username and password as what was entered into the form.
Curently, it is completely non-case sensitive. However, I would like to add case sensitivity to the password field, so that users have to have the exact password. Is there a way to do a case sensitive IF statement in coldfusion?
Upvotes: 0
Views: 2253
Answers (3)
Reputation: 3094
Another option:
If your database supports case-sensitivity, set your table to use a case-sensitive collation - then your user lookup query will make case-sensitive comparison of stored and provided username/password. You won't have to do any post-query string comparison using CF then (1 less process to run = good :)
+1 to Leigh's caution about storing passwords in plain-text.
Upvotes: 3
Reputation: 224
As mentioned here: http://www.irt.org/script/3018.htm
seems you can use:
<cfif Compare(string1,string2) eq "0">...</cfif>
Upvotes: 6
Reputation: 1964
You can hash() both values and compare the hashes.
<cfif Hash( DBPassword ) EQ Hash( SubmittedPassword )>
<!--- Login Code --->
</cfif>
Also, you shouldn't be storing passwords as plain-text in the databases as is.
Upvotes: 7
Related Questions
- switch(true) with dynamic cases in coldfusion?
- How to prevent Query of Queries returning case sensitive results from CFC in Coldfusion
- CFCase values with spaces are not found
- Case insensitive highlighting with ColdFusion
- ReplaceNoCase multiple times for a single string
- How do I write a case sensitive query in ColdFusion? I want user name and password to be case sensitive
- Coldfusion - Query a database not case-sensitive
- ColdFusion 10 form variable functionality change relating to case of variables
- Make ColdFusion on Ubuntu case-insensitive
- coldfusion findNoCase not working