1 Function of verification code
Verification code is to distinguish between people and machines, if there is no verification code mechanism, Web sites or applications will encounter many problems, as follows:
① website easy to be violent login password, can make an automatic program constantly try to login, password is easily cracked, the system easily paralyzed;
② hackers can create automatic programs to constantly register accounts, constantly posting, constantly swipe tickets, consume server resources, generate a lot of junk information;
The verification code is divided into two parts: Picture and input Box
<HTML><BR/><Imagesrc= ' images/logo1.jpg '/><HR/><Head><BR/><title>Login</title> <BR/><H1>Welcome to Login</H1></Head> <BR/><Body> <BR/><formAction= '/loginvalid/loginverify 'Method= ' Post '>User id:<inputtype= ' text 'name= ' UserID 'value= ' '> <BR/>User password:<inputtype= ' Password 'name= ' Password 'value= ' '> <BR/><BR/>Verification Code:<inputtype= ' text 'name= ' Inputcode 'value= ' '/> <imgsrc= '/loginvalid/createcode2 '/><BR/><inputtype= ' Submit 'value= ' Login '/><BR/></form></Body> <BR/></HTML>
Createcode Real-time image generation
1 Private Static Final intimg_w=82;2 Private Static Final intImg_h=25;3 Private Static Final intNum_chs=5;4 Private Static Char[] CHS = "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz1234567890". ToCharArray ();5 Private StaticRandom Rand =NewRandom ();6 7 Public voiddoget (httpservletrequest request, httpservletresponse response)8 throwsservletexception, IOException {9 Ten //prevent browser from caching random pictures OneResponse.setdateheader ("Expires", 1); AResponse.setheader ("Cache-control", "No-cache"); -Response.setheader ("Pragma", "No-cache"); - the //notifies the client to open a picture to send past data -Response.setheader ("Content-type", "Image/jpeg"); - - //Creating an Image object +BufferedImage image =Newbufferedimage (img_w, Img_h, Bufferedimage.type_int_rgb); -Graphics g =image.getgraphics (); + A //CAPTCHA picture background color atColor CO =NewColor (200,200,255); - G.setcolor (CO); - -G.fillrect (0, 0, img_w, img_h); - //Save Captcha characters -StringBuilder SB =NewStringBuilder (); in intIndex=0; - for(inti=0; i<num_chs; i++) to { + //get a random subscript -index =Rand.nextint (chs.length); the //give the brush a random color *G.setcolor (NewColor (Rand.nextint), Rand.nextint, Rand.nextint (150))); $ //Draw a characterPanax Notoginsengg.DrawString (chs[index]+ "", 15*i+3, 18); - sb.append (Chs[index]); the } + A //Save the verification code to session theRequest.getsession (). SetAttribute ("Checkcode", sb.tostring ()); +Imageio.write (image, "JPG", Response.getoutputstream ()); -}
Verify that the verification code entered by the user is the same as saved in the session:
1 Public voiddoget (httpservletrequest request, httpservletresponse response)2 throwsservletexception, IOException {3 4Response.setcontenttype ("Text/html;charset=utf-8");5Request.setcharacterencoding ("Utf-8");6PrintWriter out =Response.getwriter ();7 8HttpSession session =request.getsession ();9String secode = (string) session.getattribute ("Checkcode");TenString inputcode = (string) request.getparameter ("Inputcode"); One if(Secode.equals (inputcode)) A { -Request.getrequestdispatcher ("/main"). Forward (request, response); - } the Else - { -Request.getrequestdispatcher ("/err"). Forward (request, response); - } + -}
Java Simple Login Verification Code