1、驗證碼的作用
驗證碼是目前大多網站所支持并使用于注冊登錄的,就在于其作用能有效防止暴力攻擊、惡意登錄注冊,驗證碼每次都不同,
這就可以排除,用其他病毒或者軟體自動申請用戶及自動登陸.有效防止這種問題,
2、原理及知識點分析
1.原理
驗證碼于服務器端生成,發送給客戶端,并以影像格式顯示,客戶端提交所顯示的驗證碼,客戶端接收并進行比較,若比對失敗則不能實作登錄或注冊,反之成功后跳轉相應界面,
2.主要知識
服務器端的相關實作,前端運用 HTML 5,CSS 3 ,(可空白留給美工實作,須有 HTML 基礎知識),
主要是三部分:
(提交界面, 成功及失敗的) jsp
(后臺對應提交 jsp 驗證提交內容的) servlet (生成驗證碼的) servlet
XML 檔案
3、驗證碼實作
前臺代碼:
<a style="cursor: hand" onclick="reload()">
<img alt="加載中..." src="${pageContext.request.contextPath }/CheckCodeServlet" id="img" border="1">
</a>
<script type="text/javascript">
function reload(){
document.getElementById("img").src
= document.getElementById("img").src+"?aa="+new Date().getTime();//nocache
}
</script>java代碼:
package com.school.controller;
import java.awt.Color;
import java.awt.Graphics;
import java.awt.Image;
import java.awt.image.BufferedImage;
import java.io.File;
import java.io.IOException;
import java.io.OutputStream;
import java.util.Random;
import javax.imageio.ImageIO;
import javax.servlet.ServletException;
import javax.servlet.annotation.WebServlet;
import javax.servlet.http.HttpServlet;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javafx.scene.text.Font;
/**
*驗證碼
*/
@WebServlet("/CheckCodeServlet")
public class CheckCodeServlet extends HttpServlet {
protected void doGet(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException {
//設定快取
response.setHeader("pragma", "No-cache");
response.setHeader("Cache-Control", "No-cache");
response.setDateHeader("Expires", 0);
//設定回傳資料的型別
response.setContentType("image/gif");
//設定畫板大小
int width = 100;
int height = 40;
BufferedImage image = new BufferedImage(width, height, BufferedImage.TYPE_INT_BGR);
//畫筆
Graphics g = image.getGraphics();
java.awt.Font font = new java.awt.Font("宋體",java.awt.Font.BOLD,25);
g.setFont(font);
String imagePath = request.getServletContext().getRealPath("/img/codeBackg.jpg");
Image image1 = ImageIO.read(new File(imagePath));
g.drawImage(image1,0,0,100,40,null);
String source = "0123456789abcdefghijklmABCDEFGH好人壞人";
String infor = "";
for (int i = 0; i < 4; i++) {
//隨機取一個字符
int index = new Random().nextInt(source.length()-1);
char myCode = source.charAt(index);
//讓字的顏色隨機
Random random = new Random();
g.setColor(new Color(20+random.nextInt(120),20+random.nextInt(120),20+random.nextInt(120)));
//畫入文字
g.drawString(myCode+"", 15+i*20, 20+new Random().nextInt(10));
//畫入干擾線
g.drawLine(random.nextInt(100), random.nextInt(40), random.nextInt(100), random.nextInt(40));
infor += myCode;
}
//記錄到session,以備將來匹配
request.getSession().setAttribute("infor", infor);
//釋放資源
g.dispose();
OutputStream out = response.getOutputStream();
ImageIO.write(image,"gif", out);
out.flush();
out.close();
}
/**
* @see HttpServlet#doPost(HttpServletRequest request, HttpServletResponse response)
*/
protected void doPost(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException {
// TODO Auto-generated method stub
doGet(request, response);
}
}
//接收輸入的驗證碼
String code = request.getParameter("code");
//接收java生成的驗證碼
String infor = (String) request.getSession().getAttribute("infor");
//用equalsIgoreCase()方法判斷是否相等,不區分大小寫
if(!code.equalsIgnoreCase(infor)){
//不正確
loginError.put("code", "驗證碼不正確");
}轉載請註明出處,本文鏈接:https://www.uj5u.com/houduan/342192.html
標籤:java
上一篇:Java——陣列的定義和使用