ColdFusion RAID databases (or database pools)

Posted At : April 28, 2007 4:30 PM | Posted By : Justin Mclean
Related Categories: Scalability,Database,Singleton,ColdFusion

You've tuned your databases queries, added all of the indexes you can think of and cached all of the queries you can but your database still isn't giving you the performance you need.

So it's time to split up your database into several databases and move each of these new databases off onto separate database servers. Or perhaps a RAID database is the solution to your performance issues.

[More]

Comments (12) |

Send | 2273 Views

ColdFusion Securely Storing Passwords

Posted At : March 31, 2007 4:44 PM | Posted By : Justin Mclean
Related Categories: ColdFusion,Database,Security

Consider the following code that implements a simple login.

<cfquery name="user" datasource="#request.dns#">
select * from users
where name = '#form.login#' and password = '#form.password#'
</cfquery>

// if login failed go back to login page
<cfif user.recordcount is 0>
<cflocation url="login.cfm">
</cfif>

One of the issues with this is that the password is stored in the database as plain text. Anything with access to the database (including your ColdFusion application) could possibly be used to get a list of all users and their passwords.

[More]

Comments (2) |

Send | 2125 Views