Possible to define variables outside source code?

Report · Apr 23, 2009

Hello everyone,

I'm using the coldfusion encryption functions (like decrypt()) to save some credit card info on a database. However, the problem is that the password is in plain sight as part of the coldfusion code.

So my question is, is there a way to define an Application.level variable from the Coldfusion Administrator, and then access that variable from my coldfusion code?

Could it be possible to pass the variable as a JVM argument? If yes, how would I specify it and how would I read it from Coldfusion code?

This seems like a no-brainer thing for coldfusion to have, but I cannot seem to find this feature in the documentation.

- JC

Report · Apr 24, 2009

Password in plain sight? Password for what?

By the way, even if you could set an application variable in the administrator, it would still be visible when debugging is turned on.

Report · Apr 24, 2009

You know you can encrypt/obfuscate your CF source code so that its run-able on the server, but appears as gibberish for anyone viewing the CFM file via a text editor. Do a google search for "encrypt CF template"

Of course, if you are storing sensitive information on a server but don't trust the people who have physical access to the machine then you may have bigger issues to deal with...

Hope that helps!

-Michael

Adobe Community

Possible to define variables outside source code?