Web effects do not use picture validation and service-side detection verification code method
Many source code is to match the authentication code by requesting the server
It suddenly occurred to me that if the browser matches the ciphertext (on the page) after the SALT+MD5 mixed encryption, the local
Know if the verification code is correct
var seccode_hash = ' xxxxxx '; 32-Bit encrypted authentication code
var seccode_salt = ' xxsxxx '; Random characters
var seccode_count = 255; Number of encryption
When the user submits, the authentication code is encrypted and matched to the cipher:
8-bit English (case ignored) + number of verification code, poor lift about > 2 trillion
var hash = ' 12345678 ';
hash = MD5 (hash + seccode_salt);
for (var i = 0; i < Seccode_count; ++i) {
hash = MD5 (hash);
}
if (hash!= seccode_hash) {
Alert (' Authentication code Error! ');
}else{
Alert (' through ');
}
The validation code is submitted to the server in clear text and detected again on the service side
To refresh the authentication code, you need to request an interface via Ajax,
Returns the ciphertext of the new CAPTCHA, and the base64 of the Verification Code picture, which allows gzip compression to reduce traffic
Instead of using a URL request to verify code pictures