java web 实现验证码

验证码的作用：通常的登录或者注册系统时，都会要求用户输入验证码，以此区别用户行为和计算机程序行为，目的是有人防止恶意注册、暴力破解密码等。

实现验证码的思路：用 server 实现随机生成数字和字母组成图片的功能，用 jsp 页面实现显示验证码和用户输入验证码的功能，再用 server 类分别获取图片和用户输入的数据，判断两个数据是否一致。

代码实现

1.编写数字、英文随机生成的 server 类，源码：

  1 package com;
  2
  3 import java.awt.Color;
  4 import java.awt.Font;
  5 import java.awt.Graphics;
  6 import java.awt.image.BufferedImage;
  7 import java.io.ByteArrayOutputStream;
  8 import java.io.IOException;
  9 import java.io.PrintWriter;
 10
 11 import javax.imageio.ImageIO;
 12 import javax.servlet.ServletException;
 13 import javax.servlet.ServletOutputStream;
 14 import javax.servlet.http.HttpServlet;
 15 import javax.servlet.http.HttpServletRequest;
 16 import javax.servlet.http.HttpServletResponse;
 17 import javax.servlet.http.HttpSession;
 18
 19 public class logcheck extends HttpServlet {
 20
 21     public logcheck() {
 22         super();
 23     }
 24
 25
 26     public void destroy() {
 27         super.destroy();
 28     }
 29
 30     public void doGet(HttpServletRequest request, HttpServletResponse response)
 31             throws ServletException, IOException {
 32
 33         doPost(request, response);
 34     }
 35
 36
 37     /*实现的核心代码*/
 38     public void doPost(HttpServletRequest request, HttpServletResponse response)
 39             throws ServletException, IOException {
 40
 41         response.setContentType("image/jpeg");
 42         HttpSession session=request.getSession();
 43         int width=60;
 44         int height=20;
 45
 46         //设置浏览器不要缓存此图片
 47         response.setHeader("Pragma", "No-cache");
 48         response.setHeader("Cache-Control", "no-cache");
 49         response.setDateHeader("Expires", 0);
 50
 51         //创建内存图像并获得图形上下文
 52         BufferedImage image=new BufferedImage(width, height,BufferedImage.TYPE_INT_RGB);
 53         Graphics g=image.getGraphics();
 54
 55         /*
 56          * 产生随机验证码
 57          * 定义验证码的字符表
 58          */
 59         String chars="0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZ";
 60         char[] rands=new char[4];
 61         for(int i=0;i<4;i++){
 62             int rand=(int) (Math.random() *36);
 63             rands[i]=chars.charAt(rand);
 64         }
 65
 66         /*
 67          * 产生图像
 68          * 画背景
 69          */
 70         g.setColor(new Color(0xDCDCDC));
 71         g.fillRect(0, 0, width, height);
 72
 73         /*
 74          * 随机产生120个干扰点
 75          */
 76
 77         for(int i=0;i<120;i++){
 78             int x=(int)(Math.random()*width);
 79             int y=(int)(Math.random()*height);
 80             int red=(int)(Math.random()*255);
 81             int green=(int)(Math.random()*255);
 82             int blue=(int)(Math.random()*255);
 83             g.setColor(new Color(red,green,blue));
 84             g.drawOval(x, y, 1, 0);
 85         }
 86         g.setColor(Color.BLACK);
 87         g.setFont(new Font(null, Font.ITALIC|Font.BOLD,18));
 88
 89         //在不同高度输出验证码的不同字符
 90         g.drawString(""+rands[0], 1, 17);
 91         g.drawString(""+rands[1], 16, 15);
 92         g.drawString(""+rands[2], 31, 18);
 93         g.drawString(""+rands[3], 46, 16);
 94         g.dispose();
 95
 96         //将图像传到客户端
 97         ServletOutputStream sos=response.getOutputStream();
 98         ByteArrayOutputStream baos=new ByteArrayOutputStream();
 99         ImageIO.write(image, "JPEG", baos);
100         byte[] buffer=baos.toByteArray();
101         response.setContentLength(buffer.length);
102         sos.write(buffer);
103         baos.close();
104         sos.close();
105
106         session.setAttribute("checkcode", new String(rands));
107     }
108
109
110     public void init() throws ServletException {
111         // Put your code here
112     }
113
114 }

2.用于显示验证码的页面：

 1 <%@ page language="java" import="java.util.*" pageEncoding="UTF-8"%>
 2 <%
 3 String path = request.getContextPath();
 4 String basePath = request.getScheme()+"://"+request.getServerName()+":"+request.getServerPort()+path+"/";
 5 %>
 6
 7 <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
 8 <html>
 9   <head>
10     <base href="<%=basePath%>">
11
12     <title>index</title>
13     <meta http-equiv="pragma" content="no-cache">
14     <meta http-equiv="cache-control" content="no-cache">
15     <meta http-equiv="expires" content="0">
16     <meta http-equiv="keywords" content="keyword1,keyword2,keyword3">
17     <meta http-equiv="description" content="This is my page">
18     <!--
19     <link rel="stylesheet" type="text/css" href="styles.css">
20     -->
21   </head>
22
23   <body>
24   <form action="yanzheng" method="post">
25       <input type="text" name="name" size="5" maxlength="4">
26     <a href="index.jsp"><img border="0" src="logcheck"></a><br><br>
27     &nbsp&nbsp&nbsp&nbsp&nbsp<input type="submit" value="提交">
28   </form>
29   </body>
30 </html>

3.用于检验输入的验证码是否正确：

 1 package com;
 2
 3 import java.io.IOException;
 4 import java.io.PrintWriter;
 5
 6 import javax.jms.Session;
 7 import javax.servlet.ServletException;
 8 import javax.servlet.http.HttpServlet;
 9 import javax.servlet.http.HttpServletRequest;
10 import javax.servlet.http.HttpServletResponse;
11 import javax.servlet.http.HttpSession;
12
13 public class yanzheng extends HttpServlet {
14
15     public yanzheng() {
16         super();
17     }
18
19     public void destroy() {
20         super.destroy();
21     }
22
23     public void doGet(HttpServletRequest request, HttpServletResponse response)
24             throws ServletException, IOException {
25
26         doPost(request, response);
27     }
28     /*核心代码*/
29     public void doPost(HttpServletRequest request, HttpServletResponse response)
30             throws ServletException, IOException {
31
32         String info=null;
33         /*获取输入的值*/
34         String value1=request.getParameter("name");
35
36         /*获取图片的值*/
37         HttpSession session=request.getSession();
38         String value2=(String)session.getAttribute("checkcode");
39
40         /*对比两个值（字母不区分大小写）*/
41         if(value2.equalsIgnoreCase(value1)){
42             info="验证码输入正确";
43         }else{
44             info="验证码输入错误";
45         }
46         System.out.println(info);
47         request.setAttribute("info", info);
48         request.getRequestDispatcher("/login.jsp").forward(request, response);
49     }
50
51
52     public void init() throws ServletException {
53         // Put your code here
54     }
55
56 }

4.显示输入结构界面（输入验证码是否正确）：

 1 <%@ page language="java" import="java.util.*" pageEncoding="UTF-8"%>
 2 <%
 3 String path = request.getContextPath();
 4 String basePath = request.getScheme()+"://"+request.getServerName()+":"+request.getServerPort()+path+"/";
 5 %>
 6
 7 <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
 8 <html>
 9   <head>
10     <base href="<%=basePath%>">
11
12     <title>My JSP ‘login.jsp‘ starting page</title>
13
14     <meta http-equiv="pragma" content="no-cache">
15     <meta http-equiv="cache-control" content="no-cache">
16     <meta http-equiv="expires" content="0">
17     <meta http-equiv="keywords" content="keyword1,keyword2,keyword3">
18     <meta http-equiv="description" content="This is my page">
19     <!--
20     <link rel="stylesheet" type="text/css" href="styles.css">
21     -->
22
23   </head>
24
25   <body>
26     <%=request.getAttribute("info") %>
27   </body>
28 </html>

5.项目结构、效果截图：