I am working with some legacy code trying to replace the cfusion_encrypt and decrypt that was deprecated in ColdFusion 11. I am receiving the following error:
An error occurred while trying to encrypt or decrypt your input string: The input and output encodings are not same..
I have been working with the answers found in the following thread: Hide/Encrypt URL variables in ColdFusion
The encryption side seems to be working the way I would expected due to my URL ending in something like .cfm?LS=%2A2%20J%2FNV16Q%25%5EWJ%40%20%20
The decrypt side seems to be giving me problems and I am not sure what I am looking for. Here is some of the code I am working with
This is how the encrypt is being set in the files and where the cfusion_encrypt was removed from.
<a href="Menu.cfm?<cfoutput>LS=#URLEncodedFormat(Encrypt(LS, key))#</cfoutput>"
In my application.cfm file there is currently this code
<cfif isDefined('url.LS')>
<CFSET URLDecrypt(Key,LS)>
I tried replacing with this
<cfif isDefined('url.LS')>
<CFSET url.LS = #Decrypt("#Key#",url.LS)#>
and the code calls this function in a global file shared by all the applications.
<cfscript>
function urlDecrypt(key, LS){
scope = "url";
i = 0;
thisPair = "";
thisName = "";
thisValue = "";
// Check for valid key
if (not isDefined('LS'))
LS = #cgi.Query_String#;
LS = cfusion_Decrypt(#LS#, key); // Decrypt the Link string back into LS
//writeoutput(ls); // for DEBUGGING
// set the variables
for(i = 0; i lt listLen(LS, '&'); i = i + 1)
{
// Break up the list into seprate name=value pairs
thisPair = listGetAt(LS, i + 1, '&');
// Get the name
thisName = listGetAt(thisPair, 1, '=');
// Get the value
thisValue = listGetAt(thisPair, 2, '=');
// Set the name with the scope
thisName = scope & '.' & thisName;
// Set the variable
setVariable(thisName, thisValue);
}
}
I know the function still has the deprecated cfusion_decrypt in it. I am unsure how that should be replaced.
