<p>目前,不少网站为了防止用户利用机器人自动注册、登录、灌水,都采用了验证码技术。Java中可由以下代码生成验证码:</p> <p>编写一个Servlet,用于生成验证码图片: </p> <div style="padding-bottom: 0px; margin: 0px; padding-left: 0px; padding-right: 0px; display: inline; float: none; padding-top: 0px" id="scid:9D7513F9-C04C-4721-824A-2B34F0212519:084fea2b-ea79-4959-9a7c-42e2f8836033" class="wlWriterEditableSmartContent"><pre class="brush: java; gutter: true; first-line: 1; tab-size: 4; toolbar: true; width: 894px; height: 575px;" style=" width: 894px; height: 575px;overflow: auto;">package flybug.hq.vcode;
import java.awt.Color; import java.awt.Font; import java.awt.Graphics; import java.awt.image.BufferedImage; import java.io.IOException; import java.util.Random;
import javax.imageio.ImageIO; import javax.servlet.ServletException; import javax.servlet.http.HttpServlet; import javax.servlet.http.HttpServletRequest; import javax.servlet.http.HttpServletResponse; import javax.servlet.http.HttpSession;
public class GenImageServlet extends HttpServlet {
private static final long serialVersionUID = 1L;
public void doGet(HttpServletRequest request, HttpServletResponse response)
throws ServletException, IOException {
this.doPost(request, response);
}
public void doPost(HttpServletRequest request, HttpServletResponse response)
throws ServletException, IOException {
request.setCharacterEncoding("UTF-8");
response.setContentType("image/jpeg");
//创建图像
int width = 80;
int height = 40;
BufferedImage image = new BufferedImage(width, height, BufferedImage.TYPE_INT_RGB);
//创建图层,获得画笔
Graphics g = image.getGraphics();
//设置颜色
g.setColor(Color.BLACK);
//画出矩形
g.fillRect(0, 0, width, height);
//画出边框
g.setColor(Color.WHITE);
g.fillRect(1, 1, width-2, height-2);
//填充字符
String data = "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz1234567890";
//设置字体
g.setFont(new Font("宋体", Font.BOLD, 30));
Random random = new Random();
StringBuffer buff = new StringBuffer();
//随机生成4个字符
for (int i = 0; i < 4; i++) {
int index = random.nextInt(62);
String str = data.substring(index, index + 1);
g.setColor(new Color(random.nextInt(255), random.nextInt(255), random.nextInt(255)));
g.drawString(str, 20 * i, 30);
buff.append(str);
}
//将得到的字符串保存到session中
HttpSession session = request.getSession();
session.setAttribute("vCode", buff.toString());
//画出10条干扰线
for (int i = 0; i < 10; i++) {
g.setColor(new Color(random.nextInt(255), random.nextInt(255), random.nextInt(255)));
g.drawLine(random.nextInt(width), random.nextInt(height), random.nextInt(width), random.nextInt(height));
}
g.dispose();
ImageIO.write(image, "jpg", response.getOutputStream());
}
} </pre><!-- Code inserted with Steve Dunn's Windows Live Writer Code Formatter Plugin. http://dunnhq.com --></div>
<p> </p>
<p>编写一个jsp页面,用于显示该验证码: </p>
<div style="padding-bottom: 0px; margin: 0px; padding-left: 0px; padding-right: 0px; display: inline; float: none; padding-top: 0px" id="scid:9D7513F9-C04C-4721-824A-2B34F0212519:6e6bbe8a-a52f-4aad-bb8c-e4362cd8118c" class="wlWriterEditableSmartContent"><pre class="brush: xml; gutter: true; first-line: 1; tab-size: 4; toolbar: true; width: 936px; height: 575px;" style=" width: 936px; height: 575px;overflow: auto;"><%@ page language="java" import="java.util.*" pageEncoding="UTF-8"%> <%@ taglib uri="http://java.sun.com/jsp/jstl/core" prefix="c" %> <% String path = request.getContextPath(); String basePath = request.getScheme()+"://"+request.getServerName()+":"+request.getServerPort()+path+"/"; %>
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"> <html> <head> <base href="<%=basePath%>">
<title>My JSP 'index.jsp' starting page</title>
<script type="text/javascript">
function _changeImage() {
var url = document.getElementById("img");
url.src = "<c:url value='/GenImageServlet' />";
}
</script>
</head>
<body> <form action="<c:url value='ValidateServlet' />" method="post"> <input type="text" name="vCode" /><img src="<c:url value='/GenImageServlet' />"> <a href="javascript:_changeImage();">看不清</a><br /> <input type="submit" value="提交" /> </form> </body>
</html> </pre><!-- Code inserted with Steve Dunn's Windows Live Writer Code Formatter Plugin. http://dunnhq.com --></div>
<p>显示结果样例:</p>
<p><a href="http://static.oschina.net/uploads/img/201309/09181447_lKRG.png"><img style="background-image: none; border-right-width: 0px; margin: 0px; padding-left: 0px; padding-right: 0px; display: inline; border-top-width: 0px; border-bottom-width: 0px; border-left-width: 0px; padding-top: 0px" title="image" border="0" alt="image" src="http://static.oschina.net/uploads/img/201309/09181450_bGKt.png" width="244" height="72" /></a></p>
<p> </p>
<p>如上图,点击看不清,更换验证码。在上述jsp代码中的js脚本,图片请求的URL没有变,浏览器默认缓存的情况下,点击看不清,验证码刷新不了;为此可以添加一个过滤器,用于设置浏览器不缓存该图片,代码如下: </p>
<div style="padding-bottom: 0px; margin: 0px; padding-left: 0px; padding-right: 0px; display: inline; float: none; padding-top: 0px" id="scid:9D7513F9-C04C-4721-824A-2B34F0212519:5fb5d6c0-a3da-45d3-8f67-b9de58824601" class="wlWriterEditableSmartContent"><pre class="brush: java; gutter: true; first-line: 1; tab-size: 4; toolbar: true; width: 936px; height: 575px;" style=" width: 936px; height: 575px;overflow: auto;">package flybug.hq.vcode;
import java.io.IOException;
import javax.servlet.Filter; import javax.servlet.FilterChain; import javax.servlet.FilterConfig; import javax.servlet.ServletException; import javax.servlet.ServletRequest; import javax.servlet.ServletResponse; import javax.servlet.http.HttpServletResponse;
public class CacheCtrlFilter implements Filter {
public void destroy() {
}
public void doFilter(ServletRequest req, ServletResponse resp,
FilterChain chain) throws IOException, ServletException {
//强转
HttpServletResponse response = (HttpServletResponse)resp;
//设置不缓存的响应头
response.setHeader("expires", "-1");
response.setHeader("pragma", "no-cache");
response.setHeader("cache-control", "no-cache, no-store,must-revalidate");
//放行
chain.doFilter(req, resp);
}
public void init(FilterConfig config) throws ServletException {
}
} </pre><!-- Code inserted with Steve Dunn's Windows Live Writer Code Formatter Plugin. http://dunnhq.com --></div>
<p>在web.xml文件中配置:</p>
<div style="padding-bottom: 0px; margin: 0px; padding-left: 0px; padding-right: 0px; display: inline; float: none; padding-top: 0px" id="scid:9D7513F9-C04C-4721-824A-2B34F0212519:c85c5382-6764-4eb0-b047-0ceab1626109" class="wlWriterEditableSmartContent"><pre class="brush: xml; gutter: true; first-line: 1; tab-size: 4; toolbar: true; width: 936px; height: 575px;" style=" width: 936px; height: 575px;overflow: auto;"><?xml version="1.0" encoding="UTF-8"?> <web-app version="2.5" xmlns="http://java.sun.com/xml/ns/javaee" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://java.sun.com/xml/ns/javaee http://java.sun.com/xml/ns/javaee/web-app_2_5.xsd"> <display-name></display-name>
<filter> <filter-name>CacheCtrlFilter</filter-name> <filter-class>flybug.hq.vcode.CacheCtrlFilter</filter-class> </filter>
<filter-mapping> <filter-name>CacheCtrlFilter</filter-name> <url-pattern>/GenImageServlet</url-pattern> </filter-mapping> <servlet> <description> </description> <display-name> </display-name> <servlet-name>GenImageServlet</servlet-name> <servlet-class>flybug.hq.vcode.GenImageServlet</servlet-class> </servlet> <servlet> <description> </description> <display-name> </display-name> <servlet-name>ValidateServlet</servlet-name> <servlet-class>flybug.hq.vcode.ValidateServlet</servlet-class> </servlet>
<servlet-mapping> <servlet-name>GenImageServlet</servlet-name> <url-pattern>/GenImageServlet</url-pattern> </servlet-mapping> <servlet-mapping> <servlet-name>ValidateServlet</servlet-name> <url-pattern>/ValidateServlet</url-pattern> </servlet-mapping>
<welcome-file-list> <welcome-file>index.jsp</welcome-file> </welcome-file-list> </web-app> </pre><!-- Code inserted with Steve Dunn's Windows Live Writer Code Formatter Plugin. http://dunnhq.com --></div>
<ul> <li>web.xml中还配置了用来验证输入的验证码是否正确的ValidateServlet,且每个验证码只能用一次,返回就应该失效: </li> </ul>
<div style="padding-bottom: 0px; margin: 0px; padding-left: 0px; padding-right: 0px; display: inline; float: none; padding-top: 0px" id="scid:9D7513F9-C04C-4721-824A-2B34F0212519:241e1951-6dda-4549-b2e4-7e3ed79ceb2e" class="wlWriterEditableSmartContent"><pre class="brush: java; gutter: true; first-line: 1; tab-size: 4; toolbar: true; width: 936px; height: 575px;" style=" width: 936px; height: 575px;overflow: auto;">package flybug.hq.vcode;
import java.io.IOException; import java.io.PrintWriter;
import javax.servlet.ServletException; import javax.servlet.http.HttpServlet; import javax.servlet.http.HttpServletRequest; import javax.servlet.http.HttpServletResponse; import javax.servlet.http.HttpSession;
public class ValidateServlet extends HttpServlet {
private static final long serialVersionUID = 1L;
public void doGet(HttpServletRequest request, HttpServletResponse response)
throws ServletException, IOException {
this.doPost(request, response);
}
public void doPost(HttpServletRequest request, HttpServletResponse response)
throws ServletException, IOException {
request.setCharacterEncoding("UTF-8");
response.setContentType("text/html; charset=utf-8");
PrintWriter out = response.getWriter();
//获得用户填写的验证码
String userVCode = request.getParameter("vCode");
//获得session中验证码
HttpSession session = request.getSession();
String genVCode = (String)session.getAttribute("vCode");
//判断是否相同
if(genVCode != null) {
if(genVCode.equalsIgnoreCase(userVCode)) {
out.println("验证通过!");
} else {
out.println("验证码错误!");
}
//验证码只允许用一次
session.removeAttribute("vCode");
} else {
out.println("验证码失效!");
}
}
} </pre><!-- Code inserted with Steve Dunn's Windows Live Writer Code Formatter Plugin. http://dunnhq.com --></div>
<p> </p>
<p> </p>
<blockquote> <p>注:该过滤器中设置的头信息在Firefox中有些问题,在网上查了很久也没有找到有效设置Firefox不缓存的头信息。若要达到更换验证码的效果,可以将js脚本改为:</p>
<div style="padding-bottom: 0px; margin: 0px; padding-left: 0px; padding-right: 0px; display: inline; float: none; padding-top: 0px" id="scid:9D7513F9-C04C-4721-824A-2B34F0212519:80641dd0-423b-4def-a994-3546477ef682" class="wlWriterEditableSmartContent"><pre class="brush: xml; gutter: true; first-line: 1; tab-size: 4; toolbar: true; width: 936px; height: 128px;" style=" width: 936px; height: 128px;overflow: auto;"> <script type="text/javascript"> function _changeImage() { var url = document.getElementById("img"); url.src = "<c:url value='/GenImageServlet' />?" + new Date().getMilliseconds(); } </script></pre><!-- Code inserted with Steve Dunn's Windows Live Writer Code Formatter Plugin. http://dunnhq.com --></div>
<p>但这样做的话,可能会使浏览器缓存膨胀。菜鸟一枚,bug众多,努力,学习中……若有好的解决方法,欢迎指点!</p></blockquote>