Reputation: 3062
I am creating a form that saves a user registration. I want to insert the password into the database as a hash or MD5.
This is my HTML form with a little ColdFusion code:
<form id="myForm" class="ui form segment" method="post" action="registeraction.cfm">
<p>Let's go ahead and get you signed up.</p>
<div class="field">
<div class="field">
<label>Name</label>
<input placeholder="Name" name="name" type="text">
</div>
</div>
<div class="field">
<div class="field">
<label>Email</label>
<input placeholder="Email" name="email" type="email">
</div>
</div>
<div class="field">
<div class="field">
<label>Password</label>
<input placeholder="Password" name="password" type="password">
</div>
</div>
<input class="ui blue submit button" type="Submit" value="Submit">
</form>
This is the code in registeraction.cfm:
<!--- Insert the new record --->
<cfinsert datasource="mydatasource" tablename="Users">
<h1>User Added</h1>
<cfoutput> You have added #Form.name# #Form.email# to the testdb database.
</cfoutput>
Upvotes: 1
Views: 2152
Reputation: 1031
You should avoid using MD5; it is considered to be a weak algorithm. See: How weak is MD5 as a password hashing function?
In addition, you should not just hash the password; you should combine the plain text password with a salt. For more info see: OWASP: Password Storage Cheat Sheet
Upvotes: 8
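The salting advice in the answer above, sketched in CFML as an added example (not code from any poster in this thread). It assumes ColdFusion 11 or later for GeneratePBKDFKey, two hypothetical extra columns on Users (passwordSalt, passwordIterations), and an iteration count that is only a placeholder to be set from current guidance:

```cfml
<!--- Added example. passwordSalt and passwordIterations are hypothetical columns. --->
<cfscript>
// Derive a salted, iterated hash with PBKDF2 and return the values to store.
function hashPassword(required string plain, numeric iterations = 100000) {
    // Fresh random salt per user (128 random bits, Base64 text).
    var salt = generateSecretKey("AES");
    return {
        salt = salt,
        iterations = arguments.iterations,
        // 256-bit derived key, returned as a Base64 string.
        derived = generatePBKDFKey("PBKDF2WithHmacSHA1", arguments.plain,
                                   salt, arguments.iterations, 256)
    };
}

// At login: recompute with the stored salt and iteration count, then compare
// with MessageDigest.isEqual rather than a plain string comparison.
function verifyPassword(required string plain, required string salt,
                        required numeric iterations, required string storedHash) {
    var candidate = generatePBKDFKey("PBKDF2WithHmacSHA1", arguments.plain,
                                     arguments.salt, arguments.iterations, 256);
    return createObject("java", "java.security.MessageDigest").isEqual(
        charsetDecode(candidate, "utf-8"),
        charsetDecode(arguments.storedHash, "utf-8"));
}

pw = hashPassword(form.password);
</cfscript>

<!--- Explicit column list with bound parameters instead of cfinsert,
      so only these fields are written and the plain password never is. --->
<cfquery datasource="mydatasource">
    INSERT INTO Users (name, email, password, passwordSalt, passwordIterations)
    VALUES (
        <cfqueryparam value="#form.name#" cfsqltype="cf_sql_varchar">,
        <cfqueryparam value="#form.email#" cfsqltype="cf_sql_varchar">,
        <cfqueryparam value="#pw.derived#" cfsqltype="cf_sql_varchar">,
        <cfqueryparam value="#pw.salt#" cfsqltype="cf_sql_varchar">,
        <cfqueryparam value="#pw.iterations#" cfsqltype="cf_sql_integer">
    )
</cfquery>
```

Storing the iteration count per row lets the work factor be raised later without invalidating existing accounts.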
Reputation: 1364
I think this should work for you. In registeraction.cfm, just create the hash and store it in form.password. (I would recommend using a CFC for any business logic and using cfm only for presentation.)
<cfset form.password = Hash(Form.password, "SHA") >
<!--- Insert the new record --->
<cfinsert datasource="mydatasource" tablename="Users">
<h1>User Added</h1>
<cfoutput> You have added #Form.name# #Form.email# to the testdb database.
</cfoutput>
Upvotes: 3
Reputation: 1828
For well-known hashes, you can use the SQL Server built-in function HASHBYTES()
- it returns VARBINARY
Example:
INSERT INTO dbo.table (Password) VALUES (HASHBYTES('MD5', 'plaintext'))
Upvotes: 4