1.验证码及其作用
验证码:就是将一串随机产生的数字或符号,生成一幅图片, 图片里加上一些干扰象素(防止OCR),由用户肉眼识别其中的验证码信息,输入表单提交网站验证,验证成功后才能使用某项功能。
作用:验证码一般是防止有人利用机器人自动批量注册、对特定的注册用户用特定程序暴力破解方式进行不断的登陆、灌水。因为验证码是一个混合了数字或符号的图片,人眼看起来都费劲,机器识别起来就更困难。像百度贴吧未登录发贴要输入验证码大概是防止大规模匿名回帖的发生。
2.示例目录结构
3.详细代码
AuthCode.java
- public class AuthCode {
- public static final int AUTHCODE_LENGTH = 5; //验证码长度
- public static final int SINGLECODE_WIDTH = 15; //单个验证码宽度
- public static final int SINGLECODE_HEIGHT = 30; //单个验证码高度
- public static final int SINGLECODE_GAP = 4; //单个验证码之间间隔
- public static final int IMG_WIDTH = AUTHCODE_LENGTH * (SINGLECODE_WIDTH + SINGLECODE_GAP);
- public static final int IMG_HEIGHT = SINGLECODE_HEIGHT;
- public static String getAuthCode() {
- String authCode = "";
- for(int i = 0; i < AUTHCODE_LENGTH; i++) {
- authCode += (new Random()).nextInt(10);
- }
- return authCode;
- }
- public static BufferedImage getAuthImg(String authCode) {
- //设置图片的高、宽、类型
- //RGB编码:red、green、blue
- BufferedImage img = new BufferedImage(IMG_WIDTH, IMG_HEIGHT, BufferedImage.TYPE_INT_BGR);
- //得到图片上的一个画笔
- Graphics g = img.getGraphics();
- //设置画笔的颜色,用来做背景色
- g.setColor(Color.YELLOW);
- //用画笔来填充一个矩形,矩形的左上角坐标,宽,高
- g.fillRect(0, 0, IMG_WIDTH, IMG_HEIGHT);
- //将画笔颜色设置为黑色,用来写字
- g.setColor(Color.BLACK);
- //设置字体:宋体、不带格式的、字号
- g.setFont(new Font("宋体", Font.PLAIN, SINGLECODE_HEIGHT + 5));
- //输出数字
- char c;
- for(int i = 0; i < authCode.toCharArray().length; i++) {
- //取到对应位置的字符
- c = authCode.charAt(i);
- //画出一个字符串:要画的内容,开始的位置,高度
- g.drawString(c + "", i * (SINGLECODE_WIDTH + SINGLECODE_GAP)+ SINGLECODE_GAP / 2, IMG_HEIGHT);
- }
- Random random = new Random();
- //干扰素
- for(int i = 0; i < 20; i++) {
- int x = random.nextInt(IMG_WIDTH);
- int y = random.nextInt(IMG_HEIGHT);
- int x2 = random.nextInt(IMG_WIDTH);
- int y2 = random.nextInt(IMG_HEIGHT);
- g.drawLine(x, y, x + x2, y + y2);
- }
- return img;
- }
- }
- public class getAuthCodeServlet extends HttpServlet {
- public void doGet(HttpServletRequest request, HttpServletResponse response)
- throws ServletException, IOException {
- String authCode = AuthCode.getAuthCode();
- request.getSession().setAttribute("authCode", authCode); //将验证码保存到session中,便于以后验证
- try {
- //发送图片
- ImageIO.write(AuthCode.getAuthImg(authCode), "JPEG", response.getOutputStream());
- } catch (IOException e){
- e.printStackTrace();
- }
- }
- }
- <%@ page language="java" contentType="text/html; charset=UTF-8"
- pageEncoding="UTF-8"%>
- <!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
- <html>
- <head>
- <script>
- function refresh() {
- document.getElementById("authImg").src = "getAuthCode.do";
- }
- </script>
- <meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
- <title>Insert title here</title>
- </head>
- <body>
- <form action="checkCode.jsp" method="post">
- <img src="getAuthCode.do" id="authImg"/><a href="#" onClick="refresh()">看不清</a><br>
- <input type="text" name="inputCode"><br>
- <input type="submit" value="提交">
- </form>
- </body>
- </html>
checkCode.jsp
- <%@ page language="java" contentType="text/html; charset=UTF-8"
- pageEncoding="UTF-8"%>
- <%
- if(request.getParameter("inputCode").equals(session.getAttribute("authCode"))) {
- out.print("输入正确");
- }else{
- out.print("输入错误");
- }
- %>
- <a href="javascript:history.go(-1)">返回</a>