关于验证码的问题
来源:互联网 发布:linux qt多进程 编辑:程序博客网 时间:2024/04/25 14:58
/*
* To change this template, choose Tools | Templates
* and open the template in the editor.
为防止暴力登录而采用的随机验证码在很多网站的登录上经常见到,我这里用Struts+Servlet简单实现登录验证码,贴出来与大家一起交流。
原理就是利用在Servlet中产生4个数字与字母随机组合的验证码,存放到request的Session中,当用户加载登录页面的同时,发送一个请求给Servlet产生随机的验证码,并在登录页面以图片的形式展示在用户面前,当用户填完登录信息提交时,由Struts的Action从用户的请求中获得用户在界面上输入的验证码,并与session中的验证码进行比对,如果两者不一致则返回到登录界面,并刷新验证码,如果两者一致则继续进行后续的其它验证。当用户在界面看到的验证码不清晰,可以重复单击刷新验证码,直到看到清晰的图片为止,刷新验证码图片是通过页面JavaScript脚本控制的,其实就是重新发送一次请求给Servlet,重新产生随机验证码并更换Session中的旧验证码。 登录页面login.jsp的代码如下:<%...@ page language="Java" pageEncoding="UTF-8"%>
<%...@ taglib uri="http://jakarta.apache.org/struts/tags-html" prefix="html"%>
<html>
<head>
<title>登录页面</title>
<script type="text/Javascript">...
// 刷新验证码图片
function refresh(obj)...{
obj.src="check";
}
</script>
</head>
<body>
<html:form action="/login">
用户名 : <html:text property="userName" />
<html:errors property="userName" />
<br />
验证码:<input name="checkCode" id="checkCode" />
<img src="check" onclick="refresh(this)"
title="看不清?单击换一张图片">
<html:errors property="checkCodeErr" /><p/>
<html:submit value="登录" />
</html:form>
</body>
</html>注意:验证码的图片标签<img>中的src属性值为产生随机验证码的Servlet对应的映射路径,这样只要一打开页面图片就会显示,刷新也是一样。<html:errors property="checkCodeErr" />用来显示验证出错的提示信息产生随机验证码的Servlet代码如下,是从张孝祥老师的一本书中参考略做修改得来的,具体哪本书记不起来了。package com.yame.utils;import Java.awt.Color;
import Java.awt.Font;
import Java.awt.Graphics;
import Java.awt.image.BufferedImage;
import Java.io.ByteArrayOutputStream;
import Java.io.IOException;
import Javax.imageio.ImageIO;
import Javax.servlet.ServletException;
import Javax.servlet.ServletOutputStream;
import Javax.servlet.http.HttpServlet;
import Javax.servlet.http.HttpServletRequest;
import Javax.servlet.http.HttpServletResponse;
import Javax.servlet.http.HttpSession;@SuppressWarnings("serial")
public class CheckCodeServlet extends HttpServlet ...{
private static int WIDTH=60;
private static int HEIGHT=20;
public void doGet(HttpServletRequest request, HttpServletResponse response)
throws ServletException, IOException ...{
HttpSession session = request.getSession();
response.setContentType("image/jpeg");
ServletOutputStream sos = response.getOutputStream();
response.setHeader("Pragma", "No-cache");
response.setHeader("Cache-Control", "no-cache");
response.setDateHeader("Expires", 0);
BufferedImage image = new BufferedImage(WIDTH,HEIGHT,BufferedImage.TYPE_INT_RGB);
Graphics g=image.getGraphics();
char[] rands = generateCheckCode();
drawBackground(g);
drawRands(g,rands);
g.dispose();
ByteArrayOutputStream bos= new ByteArrayOutputStream();
ImageIO.write(image,"JPEG",bos);
byte[] buf = bos.toByteArray();
response.setContentLength(buf.length);
sos.write(buf);
bos.close();
sos.close();
session.setAttribute("check_code", new String(rands));
}
private void drawBackground(Graphics g) ...{
g.setColor(new Color(0xDCDCDC));
g.fillRect(0, 0, WIDTH, HEIGHT);
for(int i=0;i<120;i++)...{
int x = (int)(Math.random()*WIDTH);
int y = (int)(Math.random()*HEIGHT);
int red = (int)(Math.random()*255);
int green = (int)(Math.random()*255);
int blue = (int)(Math.random()*255);
g.setColor(new Color(red,green,blue));
g.drawOval(x, y, 1, 0);
}
} private void drawRands(Graphics g, char[] rands) ...{
g.setColor(Color.BLACK);
g.setFont(new Font(null,Font.ITALIC|Font.BOLD,18));
g.drawString(""+rands[0], 1, 17);
g.drawString(""+rands[1], 16, 15);
g.drawString(""+rands[2], 31, 18);
g.drawString(""+rands[3], 46, 16);
} private char[] generateCheckCode() ...{
String chars = "0123456789abcdefghijklmnopqrstuvwxyz";
char[] rands = new char[4];
for(int i=0;i<4;i++)...{
int rand = (int)(Math.random()*36);
rands[i]=chars.charAt(rand);
}
return rands;
} public void doPost(HttpServletRequest request, HttpServletResponse response)
throws ServletException, IOException ...{
this.doGet(request, response);
}
}CheckCodeServlet.Java在web.Xml中的映射路径设置:<servlet>
<servlet-name>CheckCodeServlet</servlet-name>
<servlet-class>com.yame.utils.CheckCodeServlet</servlet-class>
</servlet><servlet-mapping>
<servlet-name>CheckCodeServlet</servlet-name>
<url-pattern>/check</url-pattern>
</servlet-mapping>负责处理对比用户输入的验证码与session中验证码的Action代码如下:package com.yame.struts.action;import Javax.servlet.http.HttpServletRequest;
import Javax.servlet.http.HttpServletResponse;
import Javax.servlet.http.HttpSession;
import org.apache.struts.action.Action;
import org.apache.struts.action.ActionForm;
import org.apache.struts.action.ActionForward;
import org.apache.struts.action.ActionMapping;
import org.apache.struts.action.ActionMessage;
import org.apache.struts.action.ActionMessages;public class LoginAction extends Action ...{
public ActionForward execute(ActionMapping mapping, ActionForm form,
HttpServletRequest request, HttpServletResponse response) ...{
// 验证随机验证码是否填写正确
String checkCode=request.getParameter("checkCode");
HttpSession session = request.getSession();
if(!checkCode.equals((String)session.getAttribute("check_code")))...{
// 加入错误提示信息
ActionMessages errors=new ActionMessages();
errors.add("checkCodeErr", new ActionMessage("error.checkCodeError"));
this.addErrors(request, errors);
// 出错则回到登录界面
return mapping.findForward("index");
}else
return mapping.findForward("success");
}
}
Struts配置文件:struts-config.Xml<?Xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE struts-config PUBLIC "-//Apache Software Foundation//DTD Struts Configuration 1.2//EN" "http://struts.apache.org/dtds/struts-config_1_2.dtd"><struts-config>
<data-sources />
<form-beans >
<form-bean name="loginForm" type="com.yame.struts.form.LoginForm" /></form-beans><global-exceptions />
<global-forwards />
<action-mappings >
<action
attribute="loginForm"
input="/login.jsp"
name="loginForm"
path="/login"
scope="request"
type="com.yame.struts.action.LoginAction" >
<forward name="index" path="/login.jsp" />
<forward name="success" path="/welcome.jsp" />
</action>
</action-mappings><message-resources parameter="com.yame.struts.ApplicationResources" />
</struts-config>
资源文件ApplicationResources.properties中就一句:error.checkCodeError=<font color=red>/u9a8c/u8bc1/u7801/u6709/u8bef!</font>因为这里主要是为了介绍验证码,没对其它字段进行任何验证,当验证码出错则回到登录界面,并显示错误信息,正确则跳转到welcome.jsp,随便打印一句话。welcome.jsp:<%...@ page language="Java" import="Java.util.*" pageEncoding="UTF-8"%>
<%...
String path = request.getContextPath();
String basePath = request.getScheme()+"://"+request.getServerName()+":"+request.getServerPort()+path+"/";
%><!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html>
<head>
<base href="<%=basePath%>">
<title>My JSP 'welcome.jsp' starting page</title>
<meta http-equiv="pragma" content="no-cache">
<meta http-equiv="cache-control" content="no-cache">
<meta http-equiv="expires" content="0">
<meta http-equiv="keywords" content="keyword1,keyword2,keyword3">
<meta http-equiv="description" content="This is my page">
<!--
<link rel="stylesheet" type="text/css" href="styles.css">
--></head>
<body>
验证码验证成功!!
</body>
</html>
*/
package com.hungon.myapp.util;
import java.awt.Color;
import java.awt.Font;
import java.awt.Graphics;
import java.awt.image.BufferedImage;
import java.io.ByteArrayOutputStream;
import java.io.IOException;
import javax.imageio.ImageIO;
import javax.servlet.ServletException;
import javax.servlet.ServletOutputStream;
import javax.servlet.http.HttpServlet;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpSession;
/**
* @author qsy
*/
@SuppressWarnings("serial")
public class CheckCodeServlet extends HttpServlet {
private static int WIDTH = 60;
private static int HEIGHT = 20;
@Override
public void doGet(HttpServletRequest request, HttpServletResponse response)
throws ServletException, IOException{
HttpSession session = request.getSession();
response.setContentType("image/jpeg");
ServletOutputStream sos = response.getOutputStream();
response.setHeader("Pragma", "No-cache");
response.setHeader("Cache-Control", "no-cache");
response.setDateHeader("Expires", 0);
BufferedImage image = new BufferedImage(WIDTH, HEIGHT, BufferedImage.TYPE_INT_RGB);
Graphics g = image.getGraphics();
char[] rands = generateCheckCode();
drawBackground(g);
drawRands(g, rands);
g.dispose();
ByteArrayOutputStream bos = new ByteArrayOutputStream();
ImageIO.write(image, "JPEG", bos);
byte[] buf = bos.toByteArray();
response.setContentLength(buf.length);
sos.write(buf);
bos.close();
sos.close();
session.setAttribute("rand", new String(rands));
}
private void drawBackground(Graphics g) {
g.setColor(new Color(0xDCDCDC));
g.fillRect(0, 0, WIDTH, HEIGHT);
for (int i = 0; i < 120; i++) {
int x = (int) (Math.random() * WIDTH);
int y = (int) (Math.random() * HEIGHT);
int red = (int) (Math.random() * 255);
int green = (int) (Math.random() * 255);
int blue = (int) (Math.random() * 255);
g.setColor(new Color(red, green, blue));
g.drawOval(x, y, 1, 0);
}
}
private void drawRands(Graphics g, char[] rands) {
g.setColor(Color.BLACK);
g.setFont(new Font(null, Font.ITALIC | Font.BOLD, 18));
g.drawString("" + rands[0], 1, 17);
g.drawString("" + rands[1], 16, 15);
g.drawString("" + rands[2], 31, 18);
g.drawString("" + rands[3], 46, 16);
}
private char[] generateCheckCode(){
String chars = "0123456789abcdefghijklmnopqrstuvwxyz";
char[] rands = new char[4];
for (int i = 0; i < 4; i++) {
int rand = (int) (Math.random() * 36);
rands[i] = chars.charAt(rand);
}
return rands;
}
@Override
public void doPost(HttpServletRequest request, HttpServletResponse response)
throws ServletException, IOException{
this.doGet(request, response);
}
}
- 关于验证码的问题
- 关于验证码的问题
- 关于随机生成验证码的问题
- 关于验证码图片的获取问题
- 关于验证码的破解问题
- 关于短信验证码的问题
- 关于xUtil3服务器图片验证码验证失败的问题。
- 关于validwhen验证的问题
- 关于headers验证的问题
- 关于验证状态的问题
- 关于验证码刷新问题
- 关于asp.net (C#)验证码的问题
- 关于验证码的问题(更新中)
- 关于thinkphp验证码不显示的问题
- 关于"无法验证数据"的问题
- 关于验证用户名是否存在的问题
- 关于密码输入与验证的问题
- 关于jsp页面验证的问题
- C++友元
- 利用flex builder 来开发php
- json.org例子
- xml operation
- 太 他 吗 的经典了!乐了您就顶一个!
- 关于验证码的问题
- (转)2010强暴开场
- docin转swf(vc源码)修正,更新下载!
- 美国官司专业户再次出手 国内大小网站噤若寒蝉
- 八种方法排除网络连接故障
- UNIX Domain Sockets
- Java取时间(12小时制和24小时制)
- 深入了解字符集和编码(转)
- MySQL表损坏预防与修复