Brief introduction:
The role of verification code: mainly in order to effectively prevent malicious registration of the machine, a specific registered user with a specific program of brute force to make a continuous attempt to log in. Verification code is now a lot of website Registration/login is required, although the user may be a bit of trouble, but the site/community This function is very necessary, but also very important, many websites in order to prevent users to use the robot automatic registration, login, irrigation, are using the verification code technology. The so-called verification Code, is a series of randomly generated numbers or symbols, to generate a picture, the picture with some interference pixels (to prevent OCR), by the user to identify the identification of the verification code information, input form submitted to the site verification, verification success to use a function. Here to remind you to protect your password, try to use a mix of numbers, letters, symbols, including more than 6 password, do not use a simple password such as 1234 or the same as the user name, similar password. Do not set a password at any time anywhere, protecting your own password and protecting yourself from the unnecessary hassle of stealing your account.
Common Verification Code:
1. Four digits, a random number string, the most original verification code, the verification function is almost zero.
2. CSDN Website User login is a GIF format, the current commonly used random digital image verification code. The characters on the picture are quite good, the verification function is better than the previous. People who do not have basic graphics and image knowledge can not be broken! Unfortunately read its program, in CSDN use it on the first day, as if it was published in the Forum.
3. QQ site users log in with the PNG format, the image with random numbers + random capital letters, the whole composition a little publicity, every refresh, each character will change position! Sometimes the pictures come out, the human eye can not recognize, very bad ah ...
4.MS Hotmail application time is BMP format, random number + random Capital English letter + random interference pixel + random position.
5.Google Gmail registration time is JPG format, random English letter + random color + random position + random length. 6, the other major forums are XBM format, content random.
Implementation code:
Generate a Captcha picture (dlimage.jsp):
1<%@ page contenttype= "Image/jpeg"Import= "java.awt.*,java.awt.image.*,java.util.*,javax.imageio.*" pageencoding= "UTF-8"%>22 <%! Color Getrandcolor (intFcintBC) {//get random colors for a given range33 Random random =NewRandom ();44if(FC > 255)55 FC = 255;66if(BC > 255)77 BC = 255;88intr = FC + random.nextint (BC-FC);99intg = FC + random.nextint (BC-FC);Ten10intB = fc + random.nextint (BC-FC); One11return NewColor (R, G, b); A}%> -<% -14//Settings page does not cache theResponse.setheader ("Pragma", "No-cache"); -Response.setheader ("Cache-control", "No-cache"); -Response.setdateheader ("Expires", 0); -18 +19//Create an image in memory -20intwidth = 32, height =; +BufferedImage image =Newbufferedimage (width, height, A22Bufferedimage.type_int_rgb); at23 -24//Get the graphics context -Graphics g =image.getgraphics (); -26 -27//Generating Random classes -Random random =NewRandom (); in29 -30//Set Background color toG.setcolor (Getrandcolor (200, 250)); +G.fillrect (0, 0, width, height); -33 the34//Set Font *G.setfont (NewFont ("Times New Roman", Font.Bold, 18));//18 is the font size set $36Panax Notoginseng37//Draw Border -G.setcolor (NewColor (0, 0, 0)); theG.drawrect (0, 0, width-1, height-1);//border range of thin lines +40 A41//randomly generates 155 lines of interference so that the authentication code in the image is not easily detected by other programs theG.setcolor (Getrandcolor (160, 200)); +43 for(inti = 0; I < 155; i++) { -44intx =random.nextint (width); $45inty =random.nextint (height); $46intXL = Random.nextint (12); -47intYL = Random.nextint (12); -G.drawline (x, y, X + xl, y +yl); the49 } -50Wuyi51//randomly generated authentication code (4 digits) theSRand String = ""; -53 for(inti = 0; I < 4; i++) { WuSi-String rand =NULL; -55//randomly generate numbers or letters About56if(Random.nextint) > 5) { $string.valueof Rand = (Char) (Random -Nextint (10) + 48)); -59}Else { -Rand = String.valueof ((Char) (Random ANextint (26) + 65)); +62 } theSRand + =Rand; -64//Display the authentication code to the image $G.setcolor (NewColor (Random.nextint (80), Random theNextint (+), Random.nextint (80))); the67//The call function comes out with the same color, possibly because the seed is too close, so it can only be generated directly theg.DrawString (Rand, * i + 10, 16); the69 } -70 in71//Save authentication Code to session theSession.setattribute ("Rand"), SRand); the73 About74//Image Effective the75g.dispose (); the76 the77//output image to page +Imageio.write (Image, "JPEG", Response.getoutputstream ()); -%>
To reference the generated CAPTCHA image in the registration or landing page:
<!--verification code image generation--><a href= "#" onclick= "Javascript:var dt=new Date (); document.getElementById (' Code '). src= ' dlimage.jsp?dt= ' +dt; >
</a> (* case- sensitive letters)
Verify that the verification code is entered correctly or not:
<%@ page contenttype= "text/html; Charset=utf-8 "Language=" Java "Import= "java.sql.*" errorpage= ""%>String Rand= (String) session.getattribute ("Rand"); <!-system randomly generated verification code--String input= Request.getparameter ("Rand");<!--User-entered verification code--if(Input.equals (Rand)) {%><!--Verification Code is correct--<jsp:forward page= "dl.jsp"/> <!--the page redirected here can be changed to a page that can be entered after successful login--<%}ElseThe verification code generated by the {%> system is: <%= Rand%><br/> The verification code you entered is: <%= input%><br/>
<!--verification Code error---authentication failed, please return to the login screen, re-enter the verification code!<br/> <a href= "dl.jsp" > Return to the Login interface </a><%}%></body >The function and code implementation of registration/login Interface Verification Code