这个是在user.php下的一个action:
function scode(){
//include_once( __DIR__.'/include.php' );
Header("Content-type: image/gif");
$border = 1; //是否要边框 1要:0不要
$how = 4; //验证码位数
$w = $how*15; //图片宽度
$h = 20; //图片高度
$fontsize = 5; //字体大小
$alpha = "abcdefghijkmnopqrstuvwxy
z"; //验证码内容1:字母
$number = "023456789"; //验证码内容2:数字
$randcode = ""; //验证码字符串初始化
srand((double)microtime()*1000000); //初始化随机数种子
$im = ImageCreate($w, $h); //创建验证图片
$bgcolor = ImageColorAllocate($im, 255, 255, 255); //设置背景颜色
ImageFill($im, 0, 0, $bgcolor); //填充背景色
if($border)
{
$black = ImageColorAllocate($im, 0, 0, 0); //设置边框颜色
ImageRectangle($im, 0, 0, $w-1, $h-1, $black);//绘制边框
}
for($i=0; $i<$how; $i++)
{
$alpha_or_number = mt_rand(0, 1); //字母还是数字
//
$alpha_or_number = 0;
$str = $alpha_or_number ? $alpha : $number;
$which = mt_rand(0, strlen($str)-1); //取哪个字符
if ( $which == 0 || $which=='o' || $which == "O") {
$i--;
continue;
}
$code = substr($str, $which, 1); //取字符
$j = !$i ? 4 : $j+15; //绘字符位置
$color3 = ImageColorAllocate($im, mt_rand(0,100), mt_rand(0,100), mt_rand(0,100)); //字符随即颜色
ImageChar($im, $fontsize, $j, 3, $code, $color3); //绘字符
$randcode .= $code; //逐位加入验证码字符串
}
for($i=0; $i<$how*40; $i++)//绘背景干扰点
{
$color2 = ImageColorAllocate($im, mt_rand(100,200), mt_rand(100,200), mt_rand(100,200)); //干扰点颜色
ImageSetPixel($im, mt_rand(0,$w), mt_rand(0,$h), $color2); //干扰点
}
//把验证码字符串写入session
// if(!session_id())session_start();
XSession::set('security_code', $randcode);
XSession::set('security_code_time', time());
//$_SESSION['randcode'] = $randcode;
// $_SESSION['randcode_time'] = time();
Imagegif($im);
ImageDestroy($im);
}
访问某个页面时的action中植入如下代码:
$flag = check_ip();
$msg = '';
if(!$flag&&isset($_REQUEST['scode'])&&isset($_SESSION['security_code']) ){
$scode = $_REQUEST['scode'];
if((time()-XSession::get('security_code_time'))>180){
$msg = '
验证码超时';
$flag = false;
}
if(!$scode or $scode!=XSession::get('security_code')){
$msg = '
验证码输入错误';
$flag = false;
}else{
allow_ip();
$flag=true;
}
}
if(!$flag){
if(isset($_REQUEST['wid'])){
$k = 'wid';
$v = $_REQUEST['wid'];
}elseif(isset($_REQUEST['wname'])){
$k = 'wname';
$v = $_REQUEST['wname'];
}
echo '';
echo $msg;
echo ' 请输入验证码:
换一张?
';
echo '';
exit(0);
}
。
关于IP地址的监测:
function check_ip(){
return false;
}
function allow_ip(){
$mmc=memcache_init();
if($mmc==false)
echo "mc init failed\n";
else
{
$ip = $_SERVER["REMOTE_ADDR"];
$key = dechex(ip2long($ip));
memcache_set($mmc,$key,1,0,60);
}
return false;
}