George's Universe | generateKey

This page shows samples of how my generateKey function for ColdFusion works. You can Download the function at the bottom of the page. This function will generate a Security Key for form submissions on a web site. There are three steps to this process: Generate the encrypted key. This should be passed in a hidden form field. Display the decrypted key using HTML Character Codes. Convert the encrypted key to a decrypted form for comparing to the visitor's entered key. === Basic Code for the Form Submission Page === <style> .keycode { background-color:white; padding:5px 10px; border:2px solid black; float:left; font-size:30px; font-family:monospace; letter-spacing:2px; font-weight:bolder; } </style> <form action="Post.cfm" method="POST"> <CFSET strKey = generateKey()> <div class="keycode"> #generateKey(2,strKey)# </div> <input type="hidden" name="key" value="#strKey#"> <br clear="all"> Enter the Security Key displayed above: <input type="text" name="enterkey" value=""> </form> === Basic Code for the Form Processing Page (Post.cfm) === <CFSET strKey = UCase(FORM.key)> <CFSET strEnteredKey = UCase(FORM.enterkey)> <CFSET strDecryptedKey = generateKey(3,strKey)> <CFIF strDecryptedKey EQ strEnteredKey> Process Page <CFELSE> Display Error Message </CFIF> *generateKey( [ intGenerate* as integer ] , [ strDecKey as string ] , [ intASCIIOffset as integer ] )** intGenerate - Optional, Default = 1 - This determines which step in the key generation process to perform. 1 (Default) - Generates Key Code 2 (requires strDecKey) - Generates HTML Code for Key Code. 3 (requires strDecKey) - Converts the encrypted key to plain text. strDecKey - Optional, Default empty string, required for intGenerate = 2 or 3 - This is the encrypted key created in the first step. intASCIIOffset - Optional, Default = 0 - This designates an additional value to use for encryption so that the digits passed in the encrypted key don't match ASCII character codes exactly. Sample: 1P4N84 Enter the Security Key displayed above: ColdFusion Code Entered: <p> <style> .keycode { background-color:white; padding:5px 10px; border:2px solid black; float:left; font-size:30px; font-family:monospace; letter-spacing:2px; font-weight:bolder; } </style> <CFSET strKey = generateKey()> <div class="keycode"> #generateKey(2,strKey)# </div> <input type="hidden" name="key" value="#strKey#"> <br clear="all"> Enter the Security Key displayed above: <input type="text" name="enterkey" value=""> </p> Generated HTML Code (note, this is for a key code of KB74AK, not necessarily what is displayed above): <p> <style> .keycode { background-color:white; padding:5px 10px; border:2px solid black; float:left; font-size:30px; font-family:monospace; letter-spacing:2px; font-weight:bolder; } </style> <div class="keycode"> KB74AK </div> <input type="hidden" name="key" value="75-66-55-52-65-75"> <br clear="all"> Enter the Security Key displayed above: <input type="text" name="enterkey" value=""> </p> And the "key" value using various ASCII Offsets would display: Offset = 0: 75-66-55-52-65-75 Offset = 1: 74-65-54-51-64-74 Offset = 5: 70-61-50-47-60-70 Offset = -2: 77-68-57-54-67-77 This is useful so that the numbers in the "key" don't match the HTML Character Codes that are displayed in the code.

Download generateKey() function: <!--- ============ GENERATEKEY() ============ ---> <CFFUNCTION name="generateKey" returntype="string"> <!--- ################################################### ## Author: George Jaros ## ## Script Name: ColdFusion generateKey Function ## ## Copyright 2007 George Jaros & Web 2 Market ## ## www.georgejaros.com www.web2market.com ## ## This code may be replicated as long as ## ## this header statement is included. The ## ## Instructions below may be removed. ## ################################################### generateKey() will generate a Security Key for form submissions on a web site. There are three steps to this process: 1. Generate the encrypted key. This should be passed in a hidden form field. 2. Display the decrypted key using HTML Character Codes. 3. Convert the encrypted key to a decrypted form for comparing to the visitor's entered key. === Basic Code for the Form Submission Page === <style> .keycode { background-color:white; padding:5px 10px; border:2px solid black; float:left; font-size:30px; font-family:monospace; letter-spacing:2px; font-weight:bolder; } </style> <form action="Post.cfm" method="POST"> <CFSET strKey = generateKey()> <div class="keycode"> #generateKey(2,strKey)# </div> <input type="hidden" name="key" value="#strKey#"> <br clear="all"> Enter the Security Key displayed above: <input type="text" name="enterkey" value=""> </form> === Basic Code for the Form Processing Page (Post.cfm) === <CFSET strKey = UCase(FORM.key)> <CFSET strEnteredKey = UCase(FORM.enterkey)> <CFSET strDecryptedKey = generateKey(3,strKey)> <CFIF strDecryptedKey EQ strEnteredKey> Process Page <CFELSE> Display Error Message </CFIF> generateKey( [ intGenerate as integer ] , [ strDecKey as string ] , [ intASCIIOffset as integer ] ) intGenerate - Optional, Default = 1 - This determines which step in the key generation process to perform. 1 (Default) - Generates Key Code 2 (requires strDecKey) - Generates HTML Code for Key Code. 3 (requires strDecKey) - Converts the encrypted key to plain text. strDecKey - Optional, Default empty string, required for intGenerate = 2 or 3 - This is the encrypted key created in the first step. intASCIIOffset - Optional, Default = 0 - This designates an additional value to use for encryption so that the digits passed in the encrypted key don't match ASCII character codes exactly. ---> <CFARGUMENT name="intGenerate" type="numeric" required="No" default="1" hint="1 = Generate Key Code, 2 = Display Key Code for HTML, 3 = Decrypt Key Code"> <CFARGUMENT name="strDecKey" type="string" required="no" default=""> <CFARGUMENT name="intASCIIOffset" type="numeric" required="no" default="0"> <CFIF intGenerate EQ 1> <CFSET strEncKey = ""> <CFSET ValidChars = "ABCDEFGHIJKLMNPQRSTUVWXYZ123456789"> <CFLOOP INDEX="intIndex" FROM="1" TO="6"> <CFSET strEncKey = strEncKey & Mid(ValidChars,RandRange('1',Len(ValidChars)),'1')> </CFLOOP> <CFSET strEncKey = Left(Trim(strEncKey),6)> <CFSET encrypted = ""> <cfloop index="p" from="1" to="#Len(strEncKey)#"> <cfset encrypted = ListAppend(encrypted,Asc(Mid(strEncKey,p,1)) + intASCIIOffset,"-")> </cfloop> <CFRETURN encrypted> <CFELSEIF intGenerate EQ 2 AND strDecKey NEQ ""> <CFSET strEncKey = ""> <CFLOOP list="#strDecKey#" delimiters="-" index="p"> <CFSET strEncKey = strEncKey & Chr(p)> </CFLOOP> <CFSET strEncKey = Left(Trim(strEncKey),6)> <CFSET encrypted = ""> <cfloop index="p" from="1" to="#Len(strEncKey)#"> <cfset encrypted = encrypted & "&##" & Asc(Mid(strEncKey,p,1)) - intASCIIOffset & ";"> </cfloop> <CFRETURN encrypted> <CFELSEIF intGenerate EQ 3 AND strDecKey NEQ ""> <CFSET decrypted = ""> <cfloop list="#strDecKey#" index="p" delimiters="-"> <cfset decrypted = "#decrypted##Chr(p-intASCIIOffset)#"> </cfloop> <CFRETURN decrypted> <CFELSE> <CFRETURN "ERROR"> </CFIF> </CFFUNCTION> <!--- ============ END GENERATEKEY() ============ --->



<!--- ============ GENERATEKEY() ============ --->
<CFFUNCTION name="generateKey" returntype="string">
	<!---
	###################################################
	## Author: George Jaros                          ##
	## Script Name: ColdFusion generateKey Function  ##
	## Copyright 2007 George Jaros & Web 2 Market    ##
	## www.georgejaros.com  www.web2market.com       ##
	## This code may be replicated as long as        ##
	## this header statement is included.  The       ##
	## Instructions below may be removed.            ##
	###################################################

	generateKey() will generate a Security Key for form submissions on a web site.
	
	There are three steps to this process:
	
	1. Generate the encrypted key.  This should be passed in a hidden form field.
	2. Display the decrypted key using HTML Character Codes.
	3. Convert the encrypted key to a decrypted form for comparing to the visitor's entered key.
	
	=== Basic Code for the Form Submission Page ===
	
	<style>
		.keycode {
			background-color:white;
			padding:5px 10px;
			border:2px solid black;
			float:left;
			font-size:30px;
			font-family:monospace;
			letter-spacing:2px;
			font-weight:bolder;
		}
	</style>
	<form action="Post.cfm" method="POST">
	<CFSET strKey = generateKey()>
	<div class="keycode">
		#generateKey(2,strKey)#
	</div>
	<input type="hidden" name="key" value="#strKey#">
	<br clear="all">
	Enter the Security Key displayed above: <input type="text" name="enterkey" value="">
	</form>
	
	=== Basic Code for the Form Processing Page (Post.cfm) ===
	
	<CFSET strKey = UCase(FORM.key)>
	<CFSET strEnteredKey = UCase(FORM.enterkey)>
	<CFSET strDecryptedKey = generateKey(3,strKey)>

	<CFIF strDecryptedKey EQ strEnteredKey>
		Process Page
	<CFELSE>
		Display Error Message
	</CFIF>
	
	generateKey( [ intGenerate as integer ] , [ strDecKey as string ] , [ intASCIIOffset as integer ] )
		intGenerate - Optional, Default = 1 - This determines which step in the key generation process to perform.
			1 (Default) - Generates Key Code
			2 (requires strDecKey) - Generates HTML Code for Key Code.
			3 (requires strDecKey) - Converts the encrypted key to plain text.
		strDecKey - Optional, Default empty string, required for intGenerate = 2 or 3 - This is the encrypted key created in the first step.
		intASCIIOffset - Optional, Default = 0 - This designates an additional value to use for encryption so that the digits passed in the encrypted key don't match ASCII character codes exactly.

	--->
	<CFARGUMENT name="intGenerate" type="numeric" required="No" default="1" hint="1 = Generate Key Code, 2 = Display Key Code for HTML, 3 = Decrypt Key Code">
	<CFARGUMENT name="strDecKey" type="string" required="no" default="">
	<CFARGUMENT name="intASCIIOffset" type="numeric" required="no" default="0">
	<CFIF intGenerate EQ 1>
		<CFSET strEncKey = "">
		<CFSET ValidChars = "ABCDEFGHIJKLMNPQRSTUVWXYZ123456789">
		<CFLOOP INDEX="intIndex" FROM="1" TO="6">
		     <CFSET strEncKey = strEncKey & Mid(ValidChars,RandRange('1',Len(ValidChars)),'1')>
		</CFLOOP>
		<CFSET strEncKey = Left(Trim(strEncKey),6)>
		<CFSET encrypted = "">
		<cfloop index="p" from="1" to="#Len(strEncKey)#">
			<cfset encrypted = ListAppend(encrypted,Asc(Mid(strEncKey,p,1)) + intASCIIOffset,"-")>
		</cfloop>
		<CFRETURN encrypted>
	<CFELSEIF intGenerate EQ 2 AND strDecKey NEQ "">
		<CFSET strEncKey = "">
		<CFLOOP list="#strDecKey#" delimiters="-" index="p">
		     <CFSET strEncKey = strEncKey & Chr(p)>
		</CFLOOP>
		<CFSET strEncKey = Left(Trim(strEncKey),6)>
		<CFSET encrypted = "">
		<cfloop index="p" from="1" to="#Len(strEncKey)#">
			<cfset encrypted = encrypted & "&##" & Asc(Mid(strEncKey,p,1)) - intASCIIOffset & ";">
		</cfloop>
		<CFRETURN encrypted>
	<CFELSEIF intGenerate EQ 3 AND strDecKey NEQ "">
		<CFSET decrypted = "">
		<cfloop list="#strDecKey#" index="p" delimiters="-">
			<cfset decrypted = "#decrypted##Chr(p-intASCIIOffset)#">
		</cfloop>
		<CFRETURN decrypted>
	<CFELSE>
		<CFRETURN "ERROR">
	</CFIF>
</CFFUNCTION>
<!--- ============ END GENERATEKEY() ============ --->

This page shows samples of how my generateKey function for ColdFusion works. You can Download the function at the bottom of the page.

This page shows samples of how my generateKey function for ColdFusion works.
You can Download the function at the bottom of the page.