(servelet)验证码
来源:互联网 发布:wan端口断开 编辑:程序博客网 时间:2024/06/07 01:44
验证码的作用
- 为了防止机器人的破坏操作,可以使用验证码技术来防止恶意的发送数据。
- 验证码本质上是一张动态产生的图片。
- 图片的内容会随着程序的运行而随机产生。
验证码的绘制
- 验证码图片的生成需要使用java提供的与绘图有关的一系列API。
- 想要绘图,需要画板,画笔,颜料,背景色,字体等多种类对象配合完成。
验证码图片的绘制步骤
- 1、创建一个内存画板对象
- 2、获取画笔
- 3、为画笔指定颜色
- 4、为画板设置背景色
- 5、绘制一个随机的字符串
- 6、修改画笔颜色
- 7、绘制多条干扰线
- 8、压缩图片并输出到客户端
package com.verificationCode.servelet;import java.awt.Color;import java.awt.Font;import java.awt.Graphics;import java.awt.image.BufferedImage;import java.io.IOException;import java.io.OutputStream;import java.util.Random;import javax.imageio.ImageIO;import javax.servlet.ServletException;import javax.servlet.http.HttpServlet;import javax.servlet.http.HttpServletRequest;import javax.servlet.http.HttpServletResponse;import javax.servlet.http.HttpSession;public class ValidateCode extends HttpServlet { private static final long serialVersionUID = 1L; public ValidateCode() { super(); } protected void doGet(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException { doPost(request, response); } protected void doPost(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException { //0、创建空白图片 BufferedImage image = new BufferedImage(100, 30, BufferedImage.TYPE_INT_RGB); //1、获取图片画笔 Graphics g = image.getGraphics(); Random r = new Random(); //2、设置画笔颜色 g.setColor(new Color(r.nextInt(255), r.nextInt(255), r.nextInt(255))); //3、绘制矩形的背景 g.fillRect(0, 0, 100, 30); //4、调用自定义的方法,获取长度为5的字母数字组合的字符串 String number = getNumber(5); HttpSession session = request.getSession(); session.setAttribute("code", number); g.setColor(new Color(0, 0, 0)); g.setFont(new Font(null, Font.BOLD, 24)); //5、设置颜色字体后,绘制字符串 g.drawString(number, 5, 25); //6、绘制8条干扰线 for(int i = 0;i<8;i++){ g.setColor(new Color(r.nextInt(255), r.nextInt(255), r.nextInt(255), r.nextInt(255))); g.drawLine(r.nextInt(100), r.nextInt(30), r.nextInt(100), r.nextInt(30)); } response.setContentType("image/jpeg"); OutputStream ops = response.getOutputStream(); ImageIO.write(image, "jpeg", ops); ops.close(); } private String getNumber(int size){ String str = "ASDFGHJLPOIUYTREWQZXCVBNM"; String number = ""; Random r = new Random(); for(int i = 0 ; i<size;i++){ number += str.charAt(r.nextInt(str.length())); } return number; }}
验证码的验证流程
- 请求带有验证码的页面时:
- 通过img标签的src属性获取验证码图片
- 服务器端生成随机字符串,并绘制
- 服务器端将生成的随机字符串绑定到session中
- 提交表单及填写的验证码内容时:
- 处理程序将session中绑定的正确的验证码字符串取出来
- 获取表单提交时填写的验证码内容
- 比较两者,根据结果做出判断
package com.verificationCode.servelet;import java.io.IOException;import java.io.PrintWriter;import javax.servlet.ServletException;import javax.servlet.http.HttpServlet;import javax.servlet.http.HttpServletRequest;import javax.servlet.http.HttpServletResponse;import javax.servlet.http.HttpSession;public class ActionServlet extends HttpServlet { private static final long serialVersionUID = 1L; public ActionServlet() { super(); } protected void doGet(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException { doPost(request, response); } protected void doPost(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException { request.setCharacterEncoding("UTF-8"); response.setContentType("text/html;charset=UTF-8"); PrintWriter out = response.getWriter(); String uri = request.getRequestURI(); String action = uri.substring(uri.lastIndexOf("/")+1, uri.lastIndexOf(".")); //判断动作是否为登录 if(action.equals("login")){ String name = request.getParameter("uname"); String pwd = request.getParameter("pwd"); String number = request.getParameter("vcode"); HttpSession session = request.getSession(); String code = session.getAttribute("code").toString(); if(number.equals(code)&&name.equals("111")&&pwd.equals("111")){ //编程式--设定session超时时间为10秒 //session.setMaxInactiveInterval(10); session.setAttribute("uname", name); //重定向到首页 //response.sendRedirect("index.jsp"); response.sendRedirect(response.encodeRedirectUrl("index.jsp")); } else{ //登录失败 request.setAttribute("msg", "用户名或密码错误"); request.getRequestDispatcher("login.jsp").forward(request, response); } }else if(action.equals("logout")){ HttpSession session = request.getSession(); //session失效 session.invalidate(); response.sendRedirect("login.jsp"); } out.close(); }}
login.jsp代码
<%@ page language="java" import="java.util.*" pageEncoding="UTF-8"%><!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"><html><head><script type="text/javascript"></script><style type="text/css"> .s1 { cursor: pointer; }</style></head><body> <form action="" method="post"> 姓名:<input type="text" /><br> 密码:<input type="password" /><br> 验证码:<input type="text" /> <img src="code" onclick="this.src='code?'+Math.random()" class="s1" title="点击更换"><br> <input type="submit" value="提交" /> </form></body></html>
web.xml代码
<?xml version="1.0" encoding="UTF-8"?><web-app xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns="http://java.sun.com/xml/ns/javaee" xsi:schemaLocation="http://java.sun.com/xml/ns/javaee http://java.sun.com/xml/ns/javaee/web-app_2_5.xsd" id="WebApp_ID" version="2.5"> <display-name>verificationCode</display-name> <servlet> <servlet-name>ValidateCode</servlet-name> <servlet-class>com.verificationCode.servelet.ValidateCode</servlet-class> </servlet> <servlet-mapping> <servlet-name>ValidateCode</servlet-name> <url-pattern>/code</url-pattern> </servlet-mapping> <servlet> <servlet-name>ActionServlet</servlet-name> <servlet-class>com.verificationCode.servelet.ActionServlet</servlet-class> </servlet> <servlet-mapping> <servlet-name>ActionServlet</servlet-name> <url-pattern>*.do</url-pattern> </servlet-mapping></web-app>
0 0
- (servelet)验证码
- Servelet
- Servelet基本概念
- java servelet
- Servelet注意
- Servelet基础
- 第一个Servelet
- filter servelet 相关
- servelet的学习
- tomcat(3) Servelet生命周期
- Servelet 如何访问数据库
- servelet何时被初始化
- Apache HttpClient之Servelet
- Servelet线程安全问题。
- Servelet的总结
- servelet监听分类
- Jsp&Servelet 学习笔记-写出一个 servelet 程序
- Servelet注册登录案例 及Servelet请求流程
- NYOJ 100 1的个数
- Mysql基本命令
- NSURLRequestCachePolicy
- 上班第二天
- Java中二进制、十进制、十六进制及ASCII码与String及字节数组与十六进制之间的转换
- (servelet)验证码
- [Android5 系列—] 3. 支持不同的设备
- Mysql双主同步
- 数字信号处理公式变程序(四)——巴特沃斯滤波器(上)
- STM32W108无线射频模块中断控制器(NVIC)
- OC中的类和对象
- Squid正向代理
- 在主机屋的虚拟主机上安装Discuz_X3.2
- 简单的Android页面跳转