关闭

(servelet)验证码

标签: 验证码servlet
238人阅读 评论(0) 收藏 举报
分类:

验证码的作用

  • 为了防止机器人的破坏操作,可以使用验证码技术来防止恶意的发送数据。
  • 验证码本质上是一张动态产生的图片。
  • 图片的内容会随着程序的运行而随机产生。

验证码的绘制

  • 验证码图片的生成需要使用java提供的与绘图有关的一系列API。
  • 想要绘图,需要画板,画笔,颜料,背景色,字体等多种类对象配合完成。

验证码图片的绘制步骤

  • 1、创建一个内存画板对象
  • 2、获取画笔
  • 3、为画笔指定颜色
  • 4、为画板设置背景色
  • 5、绘制一个随机的字符串
  • 6、修改画笔颜色
  • 7、绘制多条干扰线
  • 8、压缩图片并输出到客户端
package com.verificationCode.servelet;

import java.awt.Color;
import java.awt.Font;
import java.awt.Graphics;
import java.awt.image.BufferedImage;
import java.io.IOException;
import java.io.OutputStream;
import java.util.Random;

import javax.imageio.ImageIO;
import javax.servlet.ServletException;
import javax.servlet.http.HttpServlet;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpSession;
public class ValidateCode extends HttpServlet {
    private static final long serialVersionUID = 1L;
    public ValidateCode() {
        super();
    }
    protected void doGet(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException {
        doPost(request, response);
    }

    protected void doPost(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException {
        //0、创建空白图片
        BufferedImage image = new BufferedImage(100, 30, BufferedImage.TYPE_INT_RGB);
        //1、获取图片画笔
        Graphics g = image.getGraphics();
        Random r = new Random();
        //2、设置画笔颜色
        g.setColor(new Color(r.nextInt(255), r.nextInt(255), r.nextInt(255)));
        //3、绘制矩形的背景
        g.fillRect(0, 0, 100, 30);
        //4、调用自定义的方法,获取长度为5的字母数字组合的字符串
        String number = getNumber(5);
        HttpSession session = request.getSession();
        session.setAttribute("code", number);
        g.setColor(new Color(0, 0, 0));
        g.setFont(new Font(null, Font.BOLD, 24));
        //5、设置颜色字体后,绘制字符串
        g.drawString(number, 5, 25);
        //6、绘制8条干扰线
        for(int i = 0;i<8;i++){
            g.setColor(new Color(r.nextInt(255), r.nextInt(255), r.nextInt(255), r.nextInt(255)));
            g.drawLine(r.nextInt(100), r.nextInt(30), r.nextInt(100), r.nextInt(30));
        }
        response.setContentType("image/jpeg");
        OutputStream ops = response.getOutputStream();
        ImageIO.write(image, "jpeg", ops);
        ops.close();
    }

    private String getNumber(int size){
        String str = "ASDFGHJLPOIUYTREWQZXCVBNM";
        String number = "";
        Random r = new Random();
        for(int i = 0 ; i<size;i++){
            number += str.charAt(r.nextInt(str.length()));
        }
        return number;
    }
}

验证码的验证流程

  • 请求带有验证码的页面时:
    • 通过img标签的src属性获取验证码图片
    • 服务器端生成随机字符串,并绘制
    • 服务器端将生成的随机字符串绑定到session中
  • 提交表单及填写的验证码内容时:
    • 处理程序将session中绑定的正确的验证码字符串取出来
    • 获取表单提交时填写的验证码内容
    • 比较两者,根据结果做出判断
package com.verificationCode.servelet;

import java.io.IOException;
import java.io.PrintWriter;
import javax.servlet.ServletException;
import javax.servlet.http.HttpServlet;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpSession;
public class ActionServlet extends HttpServlet {
    private static final long serialVersionUID = 1L;
    public ActionServlet() {
        super();
    }
    protected void doGet(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException {
        doPost(request, response);
    }


    protected void doPost(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException {
        request.setCharacterEncoding("UTF-8");
        response.setContentType("text/html;charset=UTF-8");
        PrintWriter out = response.getWriter();
        String uri = request.getRequestURI();
        String action = uri.substring(uri.lastIndexOf("/")+1, uri.lastIndexOf("."));
        //判断动作是否为登录
        if(action.equals("login")){
            String name = request.getParameter("uname");
            String pwd = request.getParameter("pwd");
            String number = request.getParameter("vcode");
            HttpSession session = request.getSession();
            String code = session.getAttribute("code").toString();
            if(number.equals(code)&&name.equals("111")&&pwd.equals("111")){
                //编程式--设定session超时时间为10秒
                //session.setMaxInactiveInterval(10);
                session.setAttribute("uname", name);
                //重定向到首页
                //response.sendRedirect("index.jsp");
                response.sendRedirect(response.encodeRedirectUrl("index.jsp"));
            } else{
                //登录失败
                request.setAttribute("msg", "用户名或密码错误");
                request.getRequestDispatcher("login.jsp").forward(request, response);
            }
        }else if(action.equals("logout")){
            HttpSession session = request.getSession();
            //session失效
            session.invalidate();
            response.sendRedirect("login.jsp");
        }
        out.close();
    }
}
login.jsp代码
<%@ page language="java" import="java.util.*" pageEncoding="UTF-8"%>
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html>
<head>
<script type="text/javascript"></script>
<style type="text/css">
    .s1 {
        cursor: pointer;
    }
</style>
</head>

<body>
    <form action="" method="post">
        姓名:<input type="text" /><br> 
        密码:<input type="password" /><br>
        验证码:<input type="text" /> 
        <img src="code" onclick="this.src='code?'+Math.random()" class="s1" title="点击更换"><br>
        <input type="submit" value="提交" />
    </form>
</body>
</html>
web.xml代码
<?xml version="1.0" encoding="UTF-8"?>
<web-app xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns="http://java.sun.com/xml/ns/javaee" xsi:schemaLocation="http://java.sun.com/xml/ns/javaee http://java.sun.com/xml/ns/javaee/web-app_2_5.xsd" id="WebApp_ID" version="2.5">
  <display-name>verificationCode</display-name>

  <servlet>
    <servlet-name>ValidateCode</servlet-name>
    <servlet-class>com.verificationCode.servelet.ValidateCode</servlet-class>
  </servlet>

  <servlet-mapping>
    <servlet-name>ValidateCode</servlet-name>
    <url-pattern>/code</url-pattern>
  </servlet-mapping>

  <servlet>
    <servlet-name>ActionServlet</servlet-name>
    <servlet-class>com.verificationCode.servelet.ActionServlet</servlet-class>
  </servlet>

  <servlet-mapping>
    <servlet-name>ActionServlet</servlet-name>
    <url-pattern>*.do</url-pattern>
  </servlet-mapping>
</web-app>
0
0

查看评论
* 以上用户言论只代表其个人观点,不代表CSDN网站的观点或立场
    个人资料
    • 访问:62749次
    • 积分:1988
    • 等级:
    • 排名:第19673名
    • 原创:123篇
    • 转载:53篇
    • 译文:1篇
    • 评论:5条