后台生成验证码并往客户端和后台各发一份,进行下一步登录判断
package cn.hncu.servlet;
import java.awt.Color;
import java.awt.Font;
import java.awt.Graphics;
import java.awt.image.BufferedImage;
import java.io.IOException;
import java.util.Random;
import javax.imageio.ImageIO;
import javax.servlet.ServletException;
import javax.servlet.http.HttpServlet;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
public class imgDemo extends HttpServlet {
@Override
protected void service(HttpServletRequest req, HttpServletResponse resp)
throws ServletException, IOException {
// ☆1☆--相比纯java方式有变化的地方
resp.setContentType("image/jpeg");// 设置http响应头---告诉浏览器我现在发的是这个图片格式的数据,你用相应的方式来解析
// 定义图片的宽和高
int w = 60;
int h = 30;
// 声明一个RGB格式的内存中的图片
BufferedImage img = new BufferedImage(w, h, BufferedImage.TYPE_INT_RGB);
Graphics g = img.getGraphics();
// 把背景变白色
g.setColor(Color.white);
g.fillRect(0, 0, w, h);
// 设置字体
g.setFont(new Font("aa", Font.BOLD, 18));
// 产生并draw出4个随机数字
Random r = new Random();
String code = "";
for (int i = 0; i < 4; i++) {
int a = r.nextInt(10);// 生成0~9之间的随机整数
int y = 15 + r.nextInt(20);// 产生随机的垂直位置
// 产生随机颜色
Color c = new Color(r.nextInt(256), r.nextInt(256), r.nextInt(256));
g.setColor(c);
g.drawString("" + a, i * 15, y);
code += a;//生成真正的验证码
}
req.getSession().setAttribute("code", code);//把真正的验证码发送
// 画几条干扰线
for (int i = 0; i < 10; i++) {
// 产生随机颜色
Color c = new Color(r.nextInt(256), r.nextInt(256), r.nextInt(256));
g.setColor(c);
g.drawLine(r.nextInt(60), r.nextInt(30), r.nextInt(60),
r.nextInt(30));
}
g.dispose();// 类似于IO中的flush(),把图形数据刷到img中
// 把内存图片img对象保存到一个jpg文件
ImageIO.write(img, "JPEG", resp.getOutputStream());// ☆2☆
}
}
将后台发来的验证码code和前端发送请求的验证码code进行比较,正确则输出登录成功,否则失败,在进行每次操作后,需要把当前session销毁,否则,验证码是不会更新的
package cn.hncu.servlet2;
import java.io.IOException;
import java.io.PrintWriter;
import javax.servlet.ServletException;
import javax.servlet.http.HttpServlet;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
public class LoginServlet2 extends HttpServlet {
public void doGet(HttpServletRequest request, HttpServletResponse response)
throws ServletException, IOException {
doPost(request, response);
}
public void doPost(HttpServletRequest request, HttpServletResponse response)
throws ServletException, IOException {
response.setContentType("text/html");
PrintWriter out = response.getWriter();
out.println("<!DOCTYPE HTML PUBLIC \"-//W3C//DTD HTML 4.01 Transitional//EN\">");
out.println("<HTML>");
out.println(" <HEAD><TITLE>A Servlet</TITLE></HEAD>");
out.println(" <BODY>");
// 获取用户上传参数中的验证码--待测数据
String code = request.getParameter("code");
// 获取session中的验证码的标准答案
String scode = (String) request.getSession().getAttribute("code");
request.getSession().removeAttribute("code");//把旧的验证码失效,无论这次是否成功都要失效
if (scode == null || !scode.equals(code)) {
out.println("验证码输入错误!");
} else {// 验证码正确的情况
// 把用户名和密码提交给后台数据库去校验
String name = request.getParameter("name");
String pwd = request.getParameter("pwd");
if (name != null && name.trim().equals(pwd)) {
out.println("登录成功");
} else {
out.println("登录失败");
}
}
out.println(" </BODY>");
out.println("</HTML>");
out.flush();
out.close();
}
}