驗證碼的作用:防止惡意破解密碼、刷票、論壇灌水、刷頁。
有效防止某個黑客對某一個特定注冊用戶用特定程序暴力破解方式進行不斷的登錄嘗試,實際上使用驗證碼是現在很多網站通行的方式(比如招商銀行的網上個人銀行,百度社區),我們利用比較簡易的方式實現了這個功能。雖然登錄麻煩一點,但是對網友的密碼安全來說這個功能還是很有必要,也很重要。但我們還是 提醒大家要保護好自己的密碼 ,盡量使用混雜了數字、字母、符號在內的6位以上密碼,不要使用諸如1234之類的簡單密碼或者與用戶名相同、類似的密碼 ,免得你的賬號被人盜用給自己帶來不必要的麻煩。
驗證碼通常使用一些線條和一些不規則的字符組成,主要作用是為了防止一些黑客把密碼數據化盜取。
大多數網站的驗證碼都是需要點擊一下填寫框,然后會自動彈出驗證碼圖片擊驗證碼旁邊紅色字樣即可更換
由於驗證碼是隨機產生的,有很大幾率會出現無法清楚識別的驗證碼圖片,所以需要注意的是,一般網站都會有相應的提示,如“看不清,換一張”等,如果沒有提示,則直接點擊當前的驗證碼圖片,可以完成驗證碼的更換。
下面這將使用Jsp+Servle+JavaBean來實現驗證碼:
直接上代碼:
RandomValidateCode.java
package com.oumyye.util; /* * 作者:oumyye */ import java.awt.Color; import java.awt.Font; import java.awt.Graphics; import java.awt.image.BufferedImage; import java.util.Random; import javax.imageio.ImageIO; import javax.servlet.http.HttpServletRequest; import javax.servlet.http.HttpServletResponse; import javax.servlet.http.HttpSession; public class RandomValidateCode { public static final String RANDOMCODEKEY = "RANDOMVALIDATECODEKEY";//放到session中的key private Random random = new Random(); private String randString = "0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZ";//隨機產生的字符串 private int width = 120;//圖片寬 private int height = 40;//圖片高 private int lineSize = 40;//干擾線數量 private int stringNum = 6;//隨機產生字符數量 /* * 獲得字體 */ private Font getFont(){ return new Font("Fixedsys",Font.CENTER_BASELINE,20); } /* * 獲得顏色 */ private Color getRandColor(int fc,int bc){ if(fc > 255) fc = 255; if(bc > 255) bc = 255; int r = fc + random.nextInt(bc-fc-16); int g = fc + random.nextInt(bc-fc-14); int b = fc + random.nextInt(bc-fc-18); return new Color(r,g,b); } /** * 生成隨機圖片 */ public void getRandcode(HttpServletRequest request, HttpServletResponse response) { HttpSession session = request.getSession(); //BufferedImage類是具有緩沖區的Image類,Image類是用於描述圖像信息的類 BufferedImage image = new BufferedImage(width,height,BufferedImage.TYPE_INT_BGR); Graphics g = image.getGraphics();//產生Image對象的Graphics對象,改對象可以在圖像上進行各種繪制操作 g.fillRect(0, 0, width, height); g.setFont(new Font("Times New Roman",Font.ROMAN_BASELINE,20)); g.setColor(getRandColor(100, 133)); //繪制干擾線 for(int i=0;i<=lineSize;i++){ drowLine(g); } //繪制隨機字符 String randomString = ""; for(int i=1;i<=stringNum;i++){ randomString=drowString(g,randomString,i); } session.removeAttribute(RANDOMCODEKEY); session.setAttribute(RANDOMCODEKEY, randomString); System.out.println(randomString); g.dispose(); try { ImageIO.write(image, "JPEG", response.getOutputStream());//將內存中的圖片通過流動形式輸出到客戶端 } catch (Exception e) { e.printStackTrace(); } } /* * 繪制字符串 */ private String drowString(Graphics g,String randomString,int i){ g.setFont(getFont()); g.setColor(new Color(random.nextInt(101),random.nextInt(111),random.nextInt(121))); String rand = String.valueOf(getRandomString(random.nextInt(randString.length()))); randomString +=rand; g.translate(random.nextInt(3), random.nextInt(3)); g.drawString(rand, 13*i, 30); return randomString; } /* * 繪制干擾線 */ private void drowLine(Graphics g){ int x = random.nextInt(width); int y = random.nextInt(height); int xl = random.nextInt(10); int yl = random.nextInt(15); g.drawLine(x, y, x+xl, y+yl); } /* * 獲取隨機的字符 */ public String getRandomString(int num){ return String.valueOf(randString.charAt(num)); } }
ImageServlet .java
package com.oumyye.servlet; /** * 作者:oumyye */ import java.io.IOException; import javax.servlet.ServletException; import javax.servlet.http.HttpServlet; import javax.servlet.http.HttpServletRequest; import javax.servlet.http.HttpServletResponse; import com.oumyye.util.RandomValidateCode; public class ImageServlet extends HttpServlet { /** * Constructor of the object. */ public ImageServlet() { super(); } /** * Destruction of the servlet. <br> */ public void destroy() { super.destroy(); // Just puts "destroy" string in log // Put your code here } /** * The doGet method of the servlet. <br> * * This method is called when a form has its tag value method equals to get. * * @param request the request send by the client to the server * @param response the response send by the server to the client * @throws ServletException if an error occurred * @throws IOException if an error occurred */ public void doGet(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException { response.setContentType("image/jpeg");//設置相應類型,告訴瀏覽器輸出的內容為圖片 response.setHeader("Pragma", "No-cache");//設置響應頭信息,告訴瀏覽器不要緩存此內容 response.setHeader("Cache-Control", "no-cache"); response.setDateHeader("Expire", 0); RandomValidateCode randomValidateCode = new RandomValidateCode(); try { randomValidateCode.getRandcode(request, response);//輸出圖片方法 } catch (Exception e) { e.printStackTrace(); } } /** * The doPost method of the servlet. <br> * * This method is called when a form has its tag value method equals to post. * * @param request the request send by the client to the server * @param response the response send by the server to the client * @throws ServletException if an error occurred * @throws IOException if an error occurred */ public void doPost(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException { doGet(request, response); } /** * Initialization of the servlet. <br> * * @throws ServletException if an error occurs */ public void init() throws ServletException { // Put your code here } }
配置文件web.xml
<?xml version="1.0" encoding="UTF-8"?> <web-app xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns="http://java.sun.com/xml/ns/javaee" xmlns:web="http://java.sun.com/xml/ns/javaee/web-app_2_5.xsd" xsi:schemaLocation="http://java.sun.com/xml/ns/javaee http://java.sun.com/xml/ns/javaee/web-app_3_0.xsd" version="3.0"> <display-name>0001web</display-name> <servlet> <description>ImageCreate</description> <display-name>ImageCreate</display-name> <servlet-name>ImageServlet</servlet-name> <servlet-class>com.oumyye.servlet.ImageServlet</servlet-class> </servlet> <servlet-mapping> <servlet-name>ImageServlet</servlet-name> <url-pattern>/servlet/ImageServlet</url-pattern> </servlet-mapping> </web-app>
index.jsp
<!DOCTYPE html> <html> <head> <title>驗證碼</title> <!-- Bootstrap --> <meta charset="utf-8"> <link href="bootstrap/css/bootstrap.min.css" rel="stylesheet" media="screen"> <link href="bootstrap/css/bootstrap-responsive.min.css" rel="stylesheet" media="screen"> <link href="assets/styles.css" rel="stylesheet" media="screen"> <!-- HTML5 shim, for IE6-8 support of HTML5 elements --> <!--[if lt IE 9]> <script src="http://html5shim.googlecode.com/svn/trunk/html5.js"></script> <![endif]--> <script src="vendor/modernizr-2.6.2-respond-1.1.0.min.js"></script> <script type="text/javascript"> function refresh(obj) { obj.src = "servlet/ImageServlet?"+Math.random(); } </script> </head> <body id="login"> <input type="text" placeholder="驗證碼" name="imageCode" id="randomCode" onblur="checkImage()" style="width:58%;" required> <img title="點擊更換" onclick="javascript:refresh(this);" src="servlet/ImageServlet" style="margin-top:-16px;"><br/> <div id="checkBody"> </div> <!-- /container --> <script src="vendors/jquery-1.9.1.min.js"></script> <script src="bootstrap/js/bootstrap.min.js"></script> <script type="text/javascript"> var xmlHttp ; function createXMLHttpRequest(){ if(window.ActiveXOBject){ xmlHttp = new ActiveXObject("Microsoft.XMLHTTP"); }else if(window.XMLHttpRequest){ xmlHttp = new XMLHttpRequest(); } } function checkImage(){ var imageCode = document.getElementById("randomCode").value; if(imageCode==""||imageCode==null){ document.getElementById("checkBody").innerHTML="" + "<div class='alert alert-danger' role='alert'>請輸入驗證碼!</div> " ; document.getElementById("randomCode").focus() ; return false ; } var url = "userCheckCodeAction.action?imageCode="+imageCode; createXMLHttpRequest(); xmlHttp.onreadystatechange = processorCheckImage; xmlHttp.open("POST",url,true); xmlHttp.send(); } function processorCheckImage(){ var responseContext ; if(xmlHttp.readyState==4){ if(xmlHttp.status==200){ responseContext = xmlHttp.responseText; if(responseContext.indexOf("failure")!=-1){ document.getElementById("checkBody").innerHTML="" + "<div class='alert alert-danger' role='alert'>驗證碼錯誤!</div> " ; document.getElementById("randomCode").focus() ; return false ; }else{ document.getElementById("checkBody").innerHTML="" + "<div class='alert alert-success' role='alert'>驗證碼正確 !</div> " ; document.getElementById("submitBtn").innerHTML="" + "<button class='btn btn-large btn-primary' type='submit' style='width:80%;' >登 陸</button>" ; return true ; } } } } </script> </body> </html>
界面如下
點擊圖片可以刷新