如何在ColdFusion中编写区分大小写的查询?我希望用户名和密码区分大小写

时间:2013-08-30 03:29:46

标签: mysql coldfusion

如何在ColdFusion中编写区分大小写的查询?我希望用户名和密码区分大小写。这就是我所拥有的:

<cfquery datasource="myDataSource" name="qVerify">
    SELECT *
      FROM tblUsers
     WHERE userName = '#userName#' 
       AND password = '#password#'
</cfquery>
<cfif qVerify.RecordCount>
    <cfset session.allowin = "True" />
    <cfset session.ID = qVerify.ID />
    { "login" : "valid" }
<cfelse>
    { "login" : "invalid" }
</cfif>

所以如果用户Dave(因为它在数据库中)以dave身份登录,那么它将无效...

2 个答案:

答案 0 :(得分:2)

这应该将列视为区分大小写,但您应该确实将密码问题存储为纯文本。

<!--- MS SQL Server ---> 
<cfquery datasource="myDataSource" name="qVerify">
SELECT *
FROM tblUsers
WHERE userName = <cfqueryparam cfsqltype="cf_sql_varchar" value="#userName#"> COLLATE SQL_Latin1_General_CP1_CS_A
AND password = <cfqueryparam cfsqltype="cf_sql_varchar" value="#password#"> COLLATE SQL_Latin1_General_CP1_CS_A
</cfquery>

(从评论中更新)

确切的归类名称取决于数据库。对于MySQL:

<!--- MySQL ---> 
<cfquery datasource="myDataSource" name="qVerify">
SELECT *
FROM tblUsers
WHERE userName = <cfqueryparam cfsqltype="cf_sql_varchar" value="#userName#"> COLLATE latin1_general_cs
AND password = <cfqueryparam cfsqltype="cf_sql_varchar" value="#password#"> COLLATE latin1_general_cs
</cfquery>

有关详细信息,请参阅documentation on charset/collate

答案 1 :(得分:1)

将查询中的字段强制转换为区分大小写的类型或使用区分大小写的编码。

相关问题
最新问题