ASP and Verification code

Verification Code

Now you have to apply for a QQ number, you need to enter a very complex verification code: The verification code consists of a number of Chinese characters, plus the background of the Flower Mile Bluff, making some Chinese characters are really difficult to identify. Tencent did so in order to prevent people from using software to get QQ number----each commit to input randomly generated verification code, which is difficult to do software.

The initial verification code is just a few randomly generated numbers. But while Outsmart, who soon had the ability to identify digital software, "collectors" use the software to get their accounts in batches or to detect passwords, because the software can continually submit them tirelessly. So, there is a picture of the form of the verification code, but also to add an irregular background, since the human eyes are difficult to distinguish, want to distinguish between the software is a certain degree of difficulty. But Tencent began to use Chinese characters to do the verification code, is not meant to crack the verification code of the technology has made new progress, with the background of the digital or letter-image form of the verification code, can also be resolved by the software?

And no matter how many, let's talk about ASP generate verification code.

Or from the simplest example, to understand the basic idea of verification code.

The first example, when the form is displayed, generates a 4-bit random number as the verification code, passing the verification code using the session, in the data processing page, than the user entered the verification code and the value in the session is consistent. By the way, I've seen some confused guys. Using the hidden type input control to pass the authentication code, the data is exposed by viewing the page source code. There is also the same data in the password type of input.

<%
'**********************************
' * NAME:post.asp *
' * Code:netops (www.netop.cc) *
' * Use: Verification code example ONE: digital type *
' * time:2005.7 *
'**********************************
Response.Buffer = True
Dim Checkcode

Response.Write "' ======*** form submitted after: ***======
If Request.ServerVariables ("request_method") = "POST" Then
Dim founderr,callform,msg
Founderr = False ' Whether any errors occurred
Callform = False ' whether to invoke the form
msg = "" ' hint info

   ' ============== verification code validation start ===========
   Dim Sessioncode
   Sessioncode = Session ("Chkcode")
   session ("Chkcode") = ""
   Checkcode = Trim (Request.Form ("Chkcode"))
   If Checkcode = "" Then
      msg = msg + "< Li> please fill in the Verification code "
      Founderr = True
      Callform = True
   ElseIf CStr (checkcode) <> CStr (sessioncode) then  
       MSG = msg + <li> authenticode incorrect
      Founderr = True
       Callform = True
   End If
   ' ================== verification code verification Ending = = ======

If Founderr = True Then
Call Message ("500")
If Callform = True Then call MyForm ()
Else
msg = "<li> operation successful!" "
Call Message ("500")
End If

' ======*** page initialization (before form submission) ***======
Else
Checkcode = ""
Call MyForm ()
End If

Response.Write "</body>

REM child process, defining form
Sub MyForm ()
Response.Write "<table width=500 border=1 cellspacing=0 cellpadding=5" align=center>
"<form name=form1 method=post action=post.asp>" &_
"<tr height=30><td rowspan=2 width=100 align=center> Verification Code </td>" &_
"<td><input type=text name=chkcode size=10>" &_
Getchkcode () & "</td></tr>" &_
"<tr height=30><td> please fill in the text box to the right of the CAPTCHA code </td></tr>" &_
"<tr height=30><td colspan=2 align=center>" &_
"<input type=submit name=submit value= submission ></td></tr>" &_
"</form></table>"
End Sub

Rem child function, generating verification code (four-bit random number)
function Getchkcode ()
Dim rannum
Randomize
Rannum=int (9000*RND) +1000
Session ("Chkcode") = Rannum
Getchkcode = Rannum
End Function

rem hint
sub Message (w)
   Response.Write "<table width=" &w & "Border=1 cellspacing=0 cellpadding=5 align=center>" &_
                   "<TR height=30><td> hint information </td></ Tr> "&_
                   "<tr valign=top><td style=" "color:red;" > &msg& </td></tr></table>
End Sub
%>

The above code shows the general idea of generating the verification code, generating a four-bit random number as the verification code, which is the simplest and most unsafe method.
Perhaps you think of it, you can use each digit corresponding to a picture, generate a picture of the verification code, like a picture counter that deal with. This is not a good idea, it is not essentially different from the numeric verification code, and it does not improve security.
Below, describes how to generate a picture-type verification code.
First of all, you can generate XBM type of authentication code through ASP, this is indeed a picture of the XBM format, and you can set the size of the picture arbitrarily. For the sake of simplicity, we still take figures for example.
The code that generates the CAPTCHA can be created independently, named checkcode.asp:

<%
'**********************************************
' * NAME:checkcode.asp *
' * Code:netops (www.netop.cc) *
' * Use: Generate verification code for XBM format *
' * time:2005.7 *
'**********************************************
On Error Resume Next
Dim i
Dim countdata
Countdata= "1234567890"
Dim Rou,chkcode,chklen
Chkcode= ""
Chklen = 4
Randomize
For I=1 to 4
rou = Int (rnd*10)
Chkcode = Chkcode + CStr (ROU)
Next

Dim strdigits
Strdigits = Array (_
"0", "0x3c", "0x66", "0x66", "0x66", "0x66", "0x66", "0x66", "0x66", "0x66", "0x3c", _
"1", "0x30", "0x38", "0x30", "0x30", "0x30", "0x30", "0x30", "0x30", "0x30", "0x30", _
"2", "0x3c", "0x66", "0x60", "0x60", "0x30", "0x18", "0x0c", "0x06", "0x06", "0x7e", _
"3", "0x3c", "0x66", "0x60", "0x60", "0x38", "0x60", "0x60", "0x60", "0x66", "0x3c", _
"4", "0x30", "0x30", "0x38", "0x38", "0x34", "0x34", "0x32", "0x7e", "0x30", "0x78", _
"5", "0x7e", "0x06", "0x06", "0x06", "0x3e", "0x60", "0x60", "0x60", "0x66", "0x3c", _
"6", "0x38", "0x0c", "0x06", "0x06", "0x3e", "0x66", "0x66", "0x66", "0x66", "0x3c", _
"7", "0x7e", "0x66", "0x60", "0x60", "0x30", "0x30", "0x18", "0x18", "0x0c", "0x0c", _
"8", "0x3c", "0x66", "0x66", "0x66", "0x3c", "0x66", "0x66", "0x66", "0x66", "0x3c", _
"9", "0x3c", "0x66", "0x66", "0x66", "0x66", "0x7c", "0x60", "0x60", "0x30", "0x1c")

Dim icharwidth,icharheight,thebit,thenum,irow,k,theoffset
Dim imagestr
Imagestr = ""

Icharwidth = 8
icharheight= 10*1
Response.ContentType = "Image/x-xbitmap"
Response.Expires =0
Response.Write "#define Counter_width" &AMP;ICHARWIDTH*CHKLEN&AMP;CHR & Chr (10)
Response.Write "#define Counter_height" &AMP;ICHARHEIGHT&AMP;CHR & Chr (10)
Response.Write "Static unsigned char counter_bits[]={"
For Irow=0 to ICharHeight-1
For I=1 to Chklen
Thebit=mid (chkcode,i,1)
K=0
Do While K<ubound (strdigits)
If Strdigits (k) = Thebit then Exit Do
K=k+icharheight+1
Loop
If K>=ubound (strdigits) then k=0
Theoffset = k + 1
Imagestr = Imagestr + (strdigits (theoffset+irow)) & ","
Next
Next

Imagestr = Left (Imagestr, (Len (IMAGESTR)-1))
Response.Write Imagestr

Response.Write "};"
Session ("Chkcode") = Chkcode
%>

In post.asp, when you define a form, the corresponding code is changed to:

REM child process, defining form
Sub MyForm ()
Response.Write "<table width=500 border=1 cellspacing=0 cellpadding=5" align=center>
"<form name=form1 method=post action=default.asp>" &_
"<tr height=30><td rowspan=2 width=100 align=center> Verification Code </td>" &_
"<td><input type=text name=chkcode size=10>" &_
"</td></tr> "&_
"<tr height=30><td> please fill in the text box to the right of the CAPTCHA code </td></tr>" &_
"<tr height=30><td colspan=2 align=center>" &_
"<input type=submit name=submit value= submission ></td></tr>" &_
"</form></table>"
End Sub

The above is the simplest type of XBM verification code. However, the authentication code for this format is not visible to users of Windows XP SP2 because XP SP2 cancels support for XBM format files. However, you can fix the problem by modifying the registry: Open the registry, find HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Security, add a DWORD value with the right key, and rename it BLOCKXBM, whose value is 00000000. When you're done, reopen the browser. You can also edit a file with the file editor as follows:

REGEDIT4

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Security]
"BLOCKXBM" =dword:00000000

Save the file as a registry file with the extension reg, and then double-click the file.
In addition to the XBM format of the verification code, you can also use the ADODB.stream object, the development of more complex BMP verification code, can be obtained from the http://www.netop.cc/downloads/bmpchkcode.rar program. Using this program, you can generate numbers, letters mixed, color, and a color background of the verification code.
The use of Third-party components is a big limitation for friends who rent space. If you have your own server, you can try using the ASP drawing component Shotgraph to generate the verification code, which is in GIF format, has a wide range of versatility. This component can be obtained from Http://www.netop.cc/downloads/shotgraph.zip . There are detailed sample programs and documentation in the ZIP package.
In short, there are many ways to generate a captcha, and now there are a lot of third-party components to help you generate a variety of styles of verification code, online look for it.