Detailed description of the typical Asp.net verification code creation instance code

I. Functions of ASP. NET verification Codes
For a web form to prevent attacks, the verification code is usually a common measure. For some pages in the public area, for example, a logon form, if there are no necessary security measures, it is likely to be under brute force cracking attack of simulated logon, you can either easily obtain the login information of a specific account, or increase the load on the server, affecting normal services. The solution is generally to provide a random message (Verification Code) before logon, which is displayed on the page, asking the user to fill in to ensure that the user can log on normally through the web page, unauthorized non-web attackers cannot view the verification code and refuse to log on to the website. In this case, many attackers may intercept web pages and search for verification codes. In this way, verification and protection measures are meaningless. Generally, we can display the authentication information as image information on the web, so that illegal attackers can not access the authentication information through HTML search. This is the purpose and significance of the verification code.
Ii. ASP. NET verification code implementation

Traditional Verification Code images generally use CGI and ISAPIProgramAdd some EncryptionCodeASP mostly uses COM components to dynamically generate images, which is quite hard.

It is quite easy to implement dynamic verification codes in ASP. NET.

Focus on viewimg. aspx. There is no code in the foreground. You need to add the following code in the background:
// Import the required package
Using system. drawing;
Using system. Drawing. imaging;
Using system. IO;
// Add the following code in the load event
Protected void page_load (Object sender, eventargs E)
{
String chkcode = string. empty;

// Color list for verification code, noise, and noise
Color [] color = {color. Black, color. Red, color. Blue, color. Green, color. Orange,

Color. Brown, color. darkblue };

// Font list for verification code
String [] font = {"Times New Roman", "Ms mincho", "Book antiqua", "gungsuh ",

"Pmingliu", "impact "};

// The Character Set of the Verification Code. Some confusing characters are removed.
Char [] character = {'2', '3', '4', '5', '6', '8', '9', 'A ', 'B', 'C', 'D', 'E ',

'F', 'G', 'h', 'J', 'k', 'l', 'M', 'n', 'P', 'R ', 'S ', 't', 'w', 'x', 'y '};

Random RND = new random ();

// Generate a verification code string
For (INT I = 0; I <4; I ++)
{
Chkcode + = character [RND. Next (character. Length)];
}

// Cookie for saving the verification code
Httpcookie anycookie = new httpcookie ("validatecookie ");

Anycookie. Values. Add ("chkcode", chkcode );

Httpcontext. Current. response. Cookies ["validatecookie"]. Values ["chkcode"] =

Chkcode;

Bitmap BMP = new Bitmap (150, 30 );

Graphics G = graphics. fromimage (BMP );

G. Clear (color. White );

// draw a noise line
for (INT I = 0; I <5; I ++)
{< br> int X1 = RND. next (150);
int Y1 = RND. next (30);
int X2 = RND. next (150);
int y2 = RND. next (30);
color CLR = color [RND. next (color. length)];
G. drawline (new pen (CLR), X1, Y1, X2, Y2);
}

// Draw the verification code string
For (INT I = 0; I <chkcode. length; I ++)
{
String fnt = font [RND. Next (font. Length)];
Font Ft = new font (fnt, 16 );
Color CLR = color [RND. Next (color. Length)];
G. drawstring (chkcode [I]. tostring (), FT, new solidbrush (CLR), (float) I * 20 +

20, (float) 6 );
}

// Draw Noise
For (INT I = 0; I <100; I ++)
{
Int x = RND. Next (BMP. width );
Int y = RND. Next (BMP. Height );
Color CLR = color [RND. Next (color. Length)];
BMP. setpixel (X, Y, CLR );
}
// Clear the output cache of this page and set no cache for this page
Response. Buffer = true;

Response. expiresabsolute = system. datetime. Now. addmilliseconds (0 );

Response. expires = 0;

Response. cachecontrol = "no-Cache ";

Response. appendheader ("Pragma", "No-Cache ");

// Write the verification code image to the memory stream and output it in "image/PNG" Format
Memorystream MS = new memorystream ();

try
{< br> BMP. save (MS, imageformat. PNG);
response. clearcontent ();
response. contenttype = "image/PNG";
response. binarywrite (Ms. toarray ();
}< br> finally
{< br> // explicitly release the resource
BMP. dispose ();
G. dispose ();
}< BR >}

After the code is added, a color verification code can be generated on this page.
On the page to be verified, you only need to add to the code.
Request. Cookies ["validatecookie"]. Values ["chkcode"]. tostring (); can be used for verification.

 

Protected void button#click (Object sender, eventargs E)
{
String text = This. textbox1.text. tostring (); // obtain the verification code entered by the user
String chkcode = request. Cookies ["validatecookie"]. Values ["chkcode"]. tostring (); // obtain the verification code generated by the system
If (! String. isnullorempty (text )&&! String. isnullorempty (chkcode ))
{
If (! Chkcode. Equals (chkcode. toupper () // converts a chkcode to a large write mode if it is not generated in uppercase.
Chkcode. toupper ();
If (text. toupper (). Trim (). Equals (chkcode. Trim () // converts the entered verification code to uppercase and compares it with the one generated by the system.
This. label1.text = "this is right ";
Else
{
This. label1.text = "this is not right ";
}
}
Else if (string. isnullorempty (text ))
{
This. label1.text = "Please input checkcode !! ";
}

}