Converts a variable-length string to a 32-byte, hexadecimal string, using the MD5 algorithm. (It is not possible to convert the hash result back to the source string.)
32-byte, hexadecimal string
Conversion functions, Other functions, String functions
Hash(string)
| Parameter | Description |
|---|---|
string |
A string or a variable that contains one. |
The result is useful for comparison and validation. For example, a developer can store the hash of a password in a database without exposing the password. The developer can check the validity of the password with the following code:
<cfif hash(form.password) is not myQuery.passwordHash> <cflocation url = "unauthenticated.cfm"> </cfif>
<!--- How to use Hash for password validation. This assumes that UserID
value is passed to this page with a URL parameter. ---> <h3>Hash Example</h3> <cfquery name = "CheckPerson" datasource = "UserData"> SELECT PasswordHash FROM SecureData WHERE UserID = <cfqueryparam value = "#UserID#" cfsqltype = "CF_SQL_CHARVAR"> </cfquery> <cfif Hash(form.password) is not checkperson.passwordHash> <cflocation url = "unauthenticated.cfm"> <cfelse> ... </cfif>