验证码的作用
- 为了防止机器人的破坏操作,可以使用验证码技术来防止恶意的发送数据。
- 验证码本质上是一张动态产生的图片。
- 图片的内容会随着程序的运行而随机产生。
验证码的绘制
- 验证码图片的生成需要使用java提供的与绘图有关的一系列API。
- 想要绘图,需要画板,画笔,颜料,背景色,字体等多种类对象配合完成。
验证码图片的绘制步骤
- 1、创建一个内存画板对象
- 2、获取画笔
- 3、为画笔指定颜色
- 4、为画板设置背景色
- 5、绘制一个随机的字符串
- 6、修改画笔颜色
- 7、绘制多条干扰线
- 8、压缩图片并输出到客户端
package com.verificationCode.servelet;import java.awt.Color;
import java.awt.Font;
import java.awt.Graphics;
import java.awt.image.BufferedImage;
import java.io.IOException;
import java.io.OutputStream;
import java.util.Random;import javax.imageio.ImageIO;
import javax.servlet.ServletException;
import javax.servlet.http.HttpServlet;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpSession;
public class ValidateCode extends HttpServlet {
private static final long serialVersionUID = 1L;public ValidateCode() {super();}protected void doGet(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException {doPost(request, response);}protected void doPost(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException {BufferedImage image = new BufferedImage(100, 30, BufferedImage.TYPE_INT_RGB);Graphics g = image.getGraphics();Random r = new Random();g.setColor(new Color(r.nextInt(255), r.nextInt(255), r.nextInt(255)));g.fillRect(0, 0, 100, 30);String number = getNumber(5);HttpSession session = request.getSession();session.setAttribute("code", number);g.setColor(new Color(0, 0, 0));g.setFont(new Font(null, Font.BOLD, 24));g.drawString(number, 5, 25);for(int i = 0;i<8;i++){g.setColor(new Color(r.nextInt(255), r.nextInt(255), r.nextInt(255), r.nextInt(255)));g.drawLine(r.nextInt(100), r.nextInt(30), r.nextInt(100), r.nextInt(30));}response.setContentType("image/jpeg");OutputStream ops = response.getOutputStream();ImageIO.write(image, "jpeg", ops);ops.close();}private String getNumber(int size){String str = "ASDFGHJLPOIUYTREWQZXCVBNM";String number = "";Random r = new Random();for(int i = 0 ; i<size;i++){number += str.charAt(r.nextInt(str.length()));}return number;}
}
验证码的验证流程
- 请求带有验证码的页面时:
- 通过img标签的src属性获取验证码图片
- 服务器端生成随机字符串,并绘制
- 服务器端将生成的随机字符串绑定到session中
- 提交表单及填写的验证码内容时:
- 处理程序将session中绑定的正确的验证码字符串取出来
- 获取表单提交时填写的验证码内容
- 比较两者,根据结果做出判断
package com.verificationCode.servelet;import java.io.IOException;
import java.io.PrintWriter;
import javax.servlet.ServletException;
import javax.servlet.http.HttpServlet;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpSession;
public class ActionServlet extends HttpServlet {
private static final long serialVersionUID = 1L;public ActionServlet() {super();}protected void doGet(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException {doPost(request, response);}protected void doPost(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException {request.setCharacterEncoding("UTF-8");response.setContentType("text/html;charset=UTF-8");PrintWriter out = response.getWriter();String uri = request.getRequestURI();String action = uri.substring(uri.lastIndexOf("/")+1, uri.lastIndexOf("."));if(action.equals("login")){String name = request.getParameter("uname");String pwd = request.getParameter("pwd");String number = request.getParameter("vcode");HttpSession session = request.getSession();String code = session.getAttribute("code").toString();if(number.equals(code)&&name.equals("111")&&pwd.equals("111")){session.setAttribute("uname", name);response.sendRedirect(response.encodeRedirectUrl("index.jsp"));} else{request.setAttribute("msg", "用户名或密码错误");request.getRequestDispatcher("login.jsp").forward(request, response);}}else if(action.equals("logout")){HttpSession session = request.getSession();session.invalidate();response.sendRedirect("login.jsp");}out.close();}
}
login.jsp代码
<%@ page language="java" import="java.util.*" pageEncoding="UTF-8"%>
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html>
<head>
<script type="text/javascript"></script>
<style type="text/css">.s1 {cursor: pointer;} </style>
</head><body><form action="" method="post">姓名:<input type="text" /><br> 密码:<input type="password" /><br>验证码:<input type="text" /> <img src="code" onclick="this.src='code?'+Math.random()" class="s1" title="点击更换"><br><input type="submit" value="提交" /></form>
</body>
</html>
web.xml代码
<?xml version="1.0" encoding="UTF-8"?>
<web-app xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns="http://java.sun.com/xml/ns/javaee" xsi:schemaLocation="http://java.sun.com/xml/ns/javaee http://java.sun.com/xml/ns/javaee/web-app_2_5.xsd" id="WebApp_ID" version="2.5"><display-name>verificationCode</display-name><servlet><servlet-name>ValidateCode</servlet-name><servlet-class>com.verificationCode.servelet.ValidateCode</servlet-class></servlet><servlet-mapping><servlet-name>ValidateCode</servlet-name><url-pattern>/code</url-pattern></servlet-mapping><servlet><servlet-name>ActionServlet</servlet-name><servlet-class>com.verificationCode.servelet.ActionServlet</servlet-class></servlet><servlet-mapping><servlet-name>ActionServlet</servlet-name><url-pattern>*.do</url-pattern></servlet-mapping>
</web-app>