PHP Instance ———— Implementation Verification code function

As we all know, the verification code in the website registration, login and a lot of times are necessary features. Without a verification code, the security of the site is largely compromised. Therefore, the verification code is an indispensable function in the development process of the website, the effect of verification code directly affects the security of the website. (Here Bo master also by the way spit trough, verification code this function really egg ache, is going to lose a verification code, look really upset. A period of time 12306 also a dynamic verification code, I want to say that no one in the dormitory can enter the correct. Just want to come up with an alternative function, end this motherfucker function, I think few users like all day to the verification Code bar). All right, no more nonsense.

First, use the mind map to clarify the whole idea:

Use the GD library in auth.php to paint, lay out the captcha background, add the randomly generated string to the background, and save the string to the session to ensure that the verification code can be keyed out on any page. Write a simple login form in form.html, with the emphasis on verifying code links and loading the verification code in the auth.php with the tag. The data is then submitted to the submit.php page. In submit.php, the Verification Code verification (not discussed here username and password), to see the string stored in the session and form.html the verification code submitted by the string is the same, before here in order to not case-sensitive, all the string to lowercase. If the string is the same, the page jumps. If different, return to the login page.

1.auth.php

<?phpheader ("Content-type:text/html;charset=utf-8");//Open Sessionsession_start ();//Prepare Canvas $im= Imagecreatetruecolor (50,25);//preparation of paint $black=imagecolorallocate ($im, 0,0,0); $gray =imagecolorallocate ($im, 200,200,200)///Background fill Imagefill ($im, 0,0, $gray);//text centered $x= (50-10*4)/2; $y = (25-5)/2+5;//Prepare text $arr=array_merge (range ( 0,9), Range (' A ', ' Z '), Range (' A ', ' Z ')), Shuffle ($arr), $str =implode (Array_slice ($arr, 0,4));//Put $STR into session, Convenient to call $_session[' Vstr ']= $str in all pages; $file = "FONTS/SIMSUN.TTC"; Imagettftext ($im, 10,0, $x, $y, $black, $file, $STR);// Output to Browser or save header ("Content-type:image/png"); Imagepng ($im);//Close Canvas imagedestory ($IM); >

(1) header can not have any output in front of the head

(2) session must be opened before using the session

2.form.html

(1) method is submitted in the form of post
(2) Try to ensure the coordination of text box and verification code
3.submit.php
<?phpheader ("Content-type:text/html;charset=utf-8"); Session_Start (); $code =strtolower ($_post[' Vcode ']); $str = Strtolower ($_session[' vstr ')), if ($code = = $str) {//page jump echo "<script>location= ' http://www.baidu.com ' </ Script> ";} Else{echo "<script>alert (' Verification Code input error ');</script>"; echo "<a href= ' form.html ' > Return to login Page </a>";}? >
(1) Use Strtolower () to convert all strings to lowercase, eliminating the hassle of case-sensitive verification codes. 
(2) Use the IF statement to determine whether two strings are equal to true.
(3) Add a little bit of JS, in the <script>location= ' </script> quotation mark added the need to jump to the address, you can jump directly. Of course, the header () is OK, but the header () can not have output, the limitations are too large. It's better to use JS.





PHP Instance ———— Implementation Verification code function