验证码的作用
- 为了防止机器人的破坏操作,可以使用验证码技术来防止恶意的发送数据。
- 验证码本质上是一张动态产生的图片。
- 图片的内容会随着程序的运行而随机产生。
验证码的绘制
- 验证码图片的生成需要使用java提供的与绘图有关的一系列API。
- 想要绘图,需要画板,画笔,颜料,背景色,字体等多种类对象配合完成。
验证码图片的绘制步骤
- 1、创建一个内存画板对象
- 2、获取画笔
- 3、为画笔指定颜色
- 4、为画板设置背景色
- 5、绘制一个随机的字符串
- 6、修改画笔颜色
- 7、绘制多条干扰线
- 8、压缩图片并输出到客户端
package com.verificationCode.servelet;
import java.awt.Color;
import java.awt.Font;
import java.awt.Graphics;
import java.awt.image.BufferedImage;
import java.io.IOException;
import java.io.OutputStream;
import java.util.Random;
import javax.imageio.ImageIO;
import javax.servlet.ServletException;
import javax.servlet.http.HttpServlet;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpSession;
public class ValidateCode extends HttpServlet {
private static final long serialVersionUID = 1L;
public ValidateCode() {
super();
}
protected void doGet(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException {
doPost(request, response);
}
protected void doPost(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException {
BufferedImage image = new BufferedImage(100, 30, BufferedImage.TYPE_INT_RGB);
Graphics g = image.getGraphics();
Random r = new Random();
g.setColor(new Color(r.nextInt(255), r.nextInt(255), r.nextInt(255)));
g.fillRect(0, 0, 100, 30);
String number = getNumber(5);
HttpSession session = request.getSession();
session.setAttribute("code", number);
g.setColor(new Color(0, 0, 0));
g.setFont(new Font(null, Font.BOLD, 24));
g.drawString(number, 5, 25);
for(int i = 0;i<8;i++){
g.setColor(new Color(r.nextInt(255), r.nextInt(255), r.nextInt(255), r.nextInt(255)));
g.drawLine(r.nextInt(100), r.nextInt(30), r.nextInt(100), r.nextInt(30));
}
response.setContentType("image/jpeg");
OutputStream ops = response.getOutputStream();
ImageIO.write(image, "jpeg", ops);
ops.close();
}
private String getNumber(int size){
String str = "ASDFGHJLPOIUYTREWQZXCVBNM";
String number = "";
Random r = new Random();
for(int i = 0 ; i<size;i++){
number += str.charAt(r.nextInt(str.length()));
}
return number;
}
}
验证码的验证流程
- 请求带有验证码的页面时:
- 通过img标签的src属性获取验证码图片
- 服务器端生成随机字符串,并绘制
- 服务器端将生成的随机字符串绑定到session中
- 提交表单及填写的验证码内容时:
- 处理程序将session中绑定的正确的验证码字符串取出来
- 获取表单提交时填写的验证码内容
- 比较两者,根据结果做出判断
package com.verificationCode.servelet;
import java.io.IOException;
import java.io.PrintWriter;
import javax.servlet.ServletException;
import javax.servlet.http.HttpServlet;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpSession;
public class ActionServlet extends HttpServlet {
private static final long serialVersionUID = 1L;
public ActionServlet() {
super();
}
protected void doGet(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException {
doPost(request, response);
}
protected void doPost(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException {
request.setCharacterEncoding("UTF-8");
response.setContentType("text/html;charset=UTF-8");
PrintWriter out = response.getWriter();
String uri = request.getRequestURI();
String action = uri.substring(uri.lastIndexOf("/")+1, uri.lastIndexOf("."));
if(action.equals("login")){
String name = request.getParameter("uname");
String pwd = request.getParameter("pwd");
String number = request.getParameter("vcode");
HttpSession session = request.getSession();
String code = session.getAttribute("code").toString();
if(number.equals(code)&&name.equals("111")&&pwd.equals("111")){
session.setAttribute("uname", name);
response.sendRedirect(response.encodeRedirectUrl("index.jsp"));
} else{
request.setAttribute("msg", "用户名或密码错误");
request.getRequestDispatcher("login.jsp").forward(request, response);
}
}else if(action.equals("logout")){
HttpSession session = request.getSession();
session.invalidate();
response.sendRedirect("login.jsp");
}
out.close();
}
}
login.jsp代码
<%@ page language="java" import="java.util.*" pageEncoding="UTF-8"%>
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html>
<head>
<script type="text/javascript"></script>
<style type="text/css">
.s1 {
cursor: pointer;
}
</style>
</head>
<body>
<form action="" method="post">
姓名:<input type="text" /><br>
密码:<input type="password" /><br>
验证码:<input type="text" />
<img src="code" onclick="this.src='code?'+Math.random()" class="s1" title="点击更换"><br>
<input type="submit" value="提交" />
</form>
</body>
</html>
web.xml代码
<?xml version="1.0" encoding="UTF-8"?>
<web-app xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns="http://java.sun.com/xml/ns/javaee" xsi:schemaLocation="http://java.sun.com/xml/ns/javaee http://java.sun.com/xml/ns/javaee/web-app_2_5.xsd" id="WebApp_ID" version="2.5">
<display-name>verificationCode</display-name>
<servlet>
<servlet-name>ValidateCode</servlet-name>
<servlet-class>com.verificationCode.servelet.ValidateCode</servlet-class>
</servlet>
<servlet-mapping>
<servlet-name>ValidateCode</servlet-name>
<url-pattern>/code</url-pattern>
</servlet-mapping>
<servlet>
<servlet-name>ActionServlet</servlet-name>
<servlet-class>com.verificationCode.servelet.ActionServlet</servlet-class>
</servlet>
<servlet-mapping>
<servlet-name>ActionServlet</servlet-name>
<url-pattern>*.do</url-pattern>
</servlet-mapping>
</web-app>