验证码(CAPTCHA)是“Completely Automated Public Turing test to tell Computers and Humans Apart”(全自动区分计算机和人类的图灵测试)的缩写,是一种区分用户是计算机还是人的公共全自动程序。可以防止:恶意破解密码、刷票、论坛灌水,有效防止某个黑客对某一个特定注册用户用特定程序暴力破解方式进行不断的登陆尝试,实际上用验证码是现在很多网站通行的方式,我们利用比较简易的方式实现了这个功能。这个问题可以由计算机生成并评判,但是必须只有人类才能解答。由于计算机无法解答CAPTCHA的问题,所以回答出问题的用户就可以被认为是人类。
今天我们也可以用简单的方式实现验证码校验
步骤说明:1、代码请参考——第十一篇JDBC操作数据库之Filter过滤器(登录验证)。
2、在第十一篇基础上继续实现功能——第十二篇JDBC操作数据库之验证码校验。
一.login,jsp
1.添加验证码功能
2.实现验证码刷新
<%@ page language="java" import="java.util.*" pageEncoding="UTF-8"%> <% String path = request.getContextPath(); String basePath = request.getScheme() + "://" + request.getServerName() + ":" + request.getServerPort() + path + "/"; %> <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"> <html> <head> <base href="<%=basePath%>"> <title>登录界面</title> <meta http-equiv="pragma" content="no-cache"> <meta http-equiv="cache-control" content="no-cache"> <meta http-equiv="expires" content="0"> <meta http-equiv="keywords" content="keyword1,keyword2,keyword3"> <meta http-equiv="description" content="This is my page"> <!-- <link rel="stylesheet" type="text/css" href="styles.css"> --> <script type="text/javascript"> //刷新验证码 function changeImg(){ document.getElementById("validateCodeImg").src = document.getElementById("validateCodeImg").src + "?time" + (new Date()); } </script> </head> <body> <form action="<%=request.getContextPath()%>/Login" method="post"> <table> <tr> <td>用户名:</td> <td><input type="text" name="username"> </td> </tr> <tr> <td>密码:</td> <td><input type="password" name="password"> </td> </tr> <tr> <td>验证码:</td> <td><input type="text" name="checkcode"> <img src="<%=request.getContextPath()%>/DrawImage" alt="看不清,换一张" id="validateCodeImg" οnclick="changeImg()"> </td> </tr> <tr> <td><input type="submit" value="登录"> </td> </tr> </table> </form> </body> </html>二.DrawImage.java
详细看注解
package com.control; import javax.imageio.ImageIO; import javax.servlet.ServletException; import javax.servlet.http.HttpServlet; import javax.servlet.http.HttpServletRequest; import javax.servlet.http.HttpServletResponse; import java.awt.*; import java.awt.image.BufferedImage; import java.io.IOException; import java.util.Random; /** * Created by Ray on 2018/3/13 0013. **/ public class DrawImage extends HttpServlet { public static final int WIDTH = 120; //生成图片的宽度 public static final int HEIGHT = 30; //生成图片的高度 protected void doPost(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException { doGet(request,response); } protected void doGet(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException { String createTypeFlag = request.getParameter("createTypeFlag"); //接受客户端传递的createTypeFlag标识 //1.在内存中创建一张图片 BufferedImage bufferedImage = new BufferedImage(WIDTH,HEIGHT,BufferedImage.TYPE_INT_RGB); //2.生成图片 Graphics graphics = bufferedImage.getGraphics(); //3.设置图片的背景色 setBackGround(graphics); //4.设置图片的边框 setBorder(graphics); //5.在图片上画干扰线 drawRandomLine(graphics); //6.写在图片上随机数 String random = drawRandomNum((Graphics2D)graphics,createTypeFlag); //7.将随机数保存在session中 request.getSession().setAttribute("checkcode",random); //8.设置相应头通知浏览器以图片的形式打开 response.setContentType("image/jpeg"); //等同于response.setHeader("Content-Type","image/jpeg"); //9.设置响应头控制浏览器不要缓存 response.setDateHeader("expries",-1); response.setHeader("Cache-Control","no-cache"); response.setHeader("Pragma","no-cache"); //10.将图片写给浏览器 ImageIO.write(bufferedImage,"jpg",response.getOutputStream()); } /** * @Author: Ray * @Date: 2018/3/13 0013 * @Description: 设置图片的背景图 * @Return: */ private void setBackGround(Graphics graphics){ //1.设置颜色 graphics.setColor(Color.WHITE); //2.填充区域 graphics.fillRect(0,0,WIDTH,HEIGHT); } /** * @Author: Ray * @Date: 2018/3/13 0013 * @Description: 设置图片的边框 * @Return: */ private void setBorder(Graphics graphics){ //1.设置边框颜色 graphics.setColor(Color.BLUE); //2.设置区域 graphics.drawRect(1,1,WIDTH-2,HEIGHT-2); } /** * @Author: Ray * @Date: 2018/3/13 0013 * @Description: 在图片上画随机线条 * @Return: */ private void drawRandomLine(Graphics graphics){ //1.设置颜色 graphics.setColor(Color.GREEN); //2.设置线条个数并画线 for(int i = 0; i < 5; i++){ int x1 = new Random().nextInt(WIDTH); int y1 = new Random().nextInt(HEIGHT); int x2 = new Random().nextInt(WIDTH); int y2 = new Random().nextInt(HEIGHT); graphics.drawLine(x1,y1,x2,y2); } } /** * @Author: Ray * @Date: 2018/3/13 0013 * @Description: 创建随机字符 * @Return: String */ private String createRandomChar(Graphics2D graphics2D,String baseChar){ StringBuffer stringBuffer = new StringBuffer(); int x = 5; String ch = ""; //控制字数 for(int i = 0; i < 4; i++){ //设置字体旋转角度 int degree = new Random().nextInt() % 30; ch = String.valueOf(baseChar.charAt(new Random().nextInt(baseChar.length())) + ""); stringBuffer.append(ch); //正向角度 graphics2D.rotate(degree * Math.PI / 180, x, 20); graphics2D.drawString(ch,x,20); //反向角度 graphics2D.rotate(-degree * Math.PI / 180, x ,20); x += 30; } return stringBuffer.toString(); } /** * @Author: Ray * @Date: 2018/3/13 0013 * @Description: 画随机字符 * @Return: String */ private String drawRandomNum(Graphics2D graphics2D,String... createTypeFlag){ //1.设置颜色 graphics2D.setColor(Color.RED); //2.设置字体 graphics2D.setFont(new Font("微软雅黑",Font.BOLD,20)); // 常用的汉字 String baseChineseChar = "\u7684\u4e00\u4e86\u662f\u6211\u4e0d\u5728\u4eba\u4eec\u6709\u6765\u4ed6\u8fd9\u4e0a\u7740\u4e2a\u5730\u5230\u5927\u91cc\u8bf4\u5c31\u53bb\u5b50\u5f97\u4e5f\u548c\u90a3\u8981\u4e0b\u770b\u5929\u65f6\u8fc7\u51fa\u5c0f\u4e48\u8d77\u4f60\u90fd\u628a\u597d\u8fd8\u591a\u6ca1\u4e3a\u53c8\u53ef\u5bb6\u5b66\u53ea\u4ee5\u4e3b\u4f1a\u6837\u5e74\u60f3\u751f\u540c\u8001\u4e2d\u5341\u4ece\u81ea\u9762\u524d\u5934\u9053\u5b83\u540e\u7136\u8d70\u5f88\u50cf\u89c1\u4e24\u7528\u5979\u56fd\u52a8\u8fdb\u6210\u56de\u4ec0\u8fb9\u4f5c\u5bf9\u5f00\u800c\u5df1\u4e9b\u73b0\u5c71\u6c11\u5019\u7ecf\u53d1\u5de5\u5411\u4e8b\u547d\u7ed9\u957f\u6c34\u51e0\u4e49\u4e09\u58f0\u4e8e\u9ad8\u624b\u77e5\u7406\u773c\u5fd7\u70b9\u5fc3\u6218\u4e8c\u95ee\u4f46\u8eab\u65b9\u5b9e\u5403\u505a\u53eb\u5f53\u4f4f\u542c\u9769\u6253\u5462\u771f\u5168\u624d\u56db\u5df2\u6240\u654c\u4e4b\u6700\u5149\u4ea7\u60c5\u8def\u5206\u603b\u6761\u767d\u8bdd\u4e1c\u5e2d\u6b21\u4eb2\u5982\u88ab\u82b1\u53e3\u653e\u513f\u5e38\u6c14\u4e94\u7b2c\u4f7f\u5199\u519b\u5427\u6587\u8fd0\u518d\u679c\u600e\u5b9a\u8bb8\u5feb\u660e\u884c\u56e0\u522b\u98de\u5916\u6811\u7269\u6d3b\u90e8\u95e8\u65e0\u5f80\u8239\u671b\u65b0\u5e26\u961f\u5148\u529b\u5b8c\u5374\u7ad9\u4ee3\u5458\u673a\u66f4\u4e5d\u60a8\u6bcf\u98ce\u7ea7\u8ddf\u7b11\u554a\u5b69\u4e07\u5c11\u76f4\u610f\u591c\u6bd4\u9636\u8fde\u8f66\u91cd\u4fbf\u6597\u9a6c\u54ea\u5316\u592a\u6307\u53d8\u793e\u4f3c\u58eb\u8005\u5e72\u77f3\u6ee1\u65e5\u51b3\u767e\u539f\u62ff\u7fa4\u7a76\u5404\u516d\u672c\u601d\u89e3\u7acb\u6cb3\u6751\u516b\u96be\u65e9\u8bba\u5417\u6839\u5171\u8ba9\u76f8\u7814\u4eca\u5176\u4e66\u5750\u63a5\u5e94\u5173\u4fe1\u89c9\u6b65\u53cd\u5904\u8bb0\u5c06\u5343\u627e\u4e89\u9886\u6216\u5e08\u7ed3\u5757\u8dd1\u8c01\u8349\u8d8a\u5b57\u52a0\u811a\u7d27\u7231\u7b49\u4e60\u9635\u6015\u6708\u9752\u534a\u706b\u6cd5\u9898\u5efa\u8d76\u4f4d\u5531\u6d77\u4e03\u5973\u4efb\u4ef6\u611f\u51c6\u5f20\u56e2\u5c4b\u79bb\u8272\u8138\u7247\u79d1\u5012\u775b\u5229\u4e16\u521a\u4e14\u7531\u9001\u5207\u661f\u5bfc\u665a\u8868\u591f\u6574\u8ba4\u54cd\u96ea\u6d41\u672a\u573a\u8be5\u5e76\u5e95\u6df1\u523b\u5e73\u4f1f\u5fd9\u63d0\u786e\u8fd1\u4eae\u8f7b\u8bb2\u519c\u53e4\u9ed1\u544a\u754c\u62c9\u540d\u5440\u571f\u6e05\u9633\u7167\u529e\u53f2\u6539\u5386\u8f6c\u753b\u9020\u5634\u6b64\u6cbb\u5317\u5fc5\u670d\u96e8\u7a7f\u5185\u8bc6\u9a8c\u4f20\u4e1a\u83dc\u722c\u7761\u5174\u5f62\u91cf\u54b1\u89c2\u82e6\u4f53\u4f17\u901a\u51b2\u5408\u7834\u53cb\u5ea6\u672f\u996d\u516c\u65c1\u623f\u6781\u5357\u67aa\u8bfb\u6c99\u5c81\u7ebf\u91ce\u575a\u7a7a\u6536\u7b97\u81f3\u653f\u57ce\u52b3\u843d\u94b1\u7279\u56f4\u5f1f\u80dc\u6559\u70ed\u5c55\u5305\u6b4c\u7c7b\u6e10\u5f3a\u6570\u4e61\u547c\u6027\u97f3\u7b54\u54e5\u9645\u65e7\u795e\u5ea7\u7ae0\u5e2e\u5566\u53d7\u7cfb\u4ee4\u8df3\u975e\u4f55\u725b\u53d6\u5165\u5cb8\u6562\u6389\u5ffd\u79cd\u88c5\u9876\u6025\u6797\u505c\u606f\u53e5\u533a\u8863\u822c\u62a5\u53f6\u538b\u6162\u53d4\u80cc\u7ec6"; // 数字和大小写字母的组合 String baseNumLetter = "0123456789ABCDEFGHJKLMNOPQRSTUVWXYZabcdefghjklmnopqrstuvwxyz"; // 纯数字 String baseNum = "0123456789"; // 纯大写字母 String baseUpper = "ABCDEFGHJKLMNOPQRSTUVWXYZ"; // 纯小写字母 String baseLower = "abcdefghjklmnopqrstuvwxyz"; // 所有集合 String baseAll = baseChineseChar + baseNumLetter + baseNum + baseUpper + baseLower; // createTypeFlag[0]==null表示没有传递参数 if (createTypeFlag.length > 0 && null != createTypeFlag[0]) { if(createTypeFlag[0].equals("ch")){ // 截取汉字 return createRandomChar(graphics2D,baseChineseChar); } else if (createTypeFlag[0].equals("nul")) { // 截取数字和大小写字母的组合 return createRandomChar(graphics2D, baseNumLetter); } else if (createTypeFlag[0].equals("n")) { // 截取数字 return createRandomChar(graphics2D, baseNum); } else if (createTypeFlag[0].equals("u")) { // 截取大写字母 return createRandomChar(graphics2D, baseUpper); } else if (createTypeFlag[0].equals("l")){ // 截取小写字母 return createRandomChar(graphics2D, baseLower); } } else { // 默认截取数字和大小写字母的组合 return createRandomChar(graphics2D, baseNumLetter); } return ""; } }三.web.xml配置文件
注意:<param-value>login.jsp;fail.jsp;Login;ErrorFilter;DrawImage</param-value>
<?xml version="1.0" encoding="UTF-8"?> <web-app version="2.5" xmlns="http://java.sun.com/xml/ns/javaee" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://java.sun.com/xml/ns/javaee http://java.sun.com/xml/ns/javaee/web-app_2_5.xsd"> <servlet> <servlet-name>BookList</servlet-name> <servlet-class>com.control.BookList</servlet-class> </servlet> <servlet-mapping> <servlet-name>BookList</servlet-name> <url-pattern>/BookList</url-pattern> </servlet-mapping> <servlet> <servlet-name>BookAdd</servlet-name> <servlet-class>com.control.BookAdd</servlet-class> </servlet> <servlet-mapping> <servlet-name>BookAdd</servlet-name> <url-pattern>/BookAdd</url-pattern> </servlet-mapping> <servlet> <servlet-name>BookUpdate</servlet-name> <servlet-class>com.control.BookUpdate</servlet-class> </servlet> <servlet-mapping> <servlet-name>BookUpdate</servlet-name> <url-pattern>/BookUpdate</url-pattern> </servlet-mapping> <servlet> <servlet-name>BookDoUpdate</servlet-name> <servlet-class>com.control.BookDoUpdate</servlet-class> </servlet> <servlet-mapping> <servlet-name>BookDoUpdate</servlet-name> <url-pattern>/BookDoUpdate</url-pattern> </servlet-mapping> <servlet> <servlet-name>BookDelete</servlet-name> <servlet-class>com.control.BookDelete</servlet-class> </servlet> <servlet-mapping> <servlet-name>BookDelete</servlet-name> <url-pattern>/BookDelete</url-pattern> </servlet-mapping> <servlet> <servlet-name>BookDoDelete</servlet-name> <servlet-class>com.control.BookDoDelete</servlet-class> </servlet> <servlet-mapping> <servlet-name>BookDoDelete</servlet-name> <url-pattern>/BookDoDelete</url-pattern> </servlet-mapping> <servlet> <servlet-name>BookBatchAdd</servlet-name> <servlet-class>com.control.BookBatchAdd</servlet-class> </servlet> <servlet-mapping> <servlet-name>BookBatchAdd</servlet-name> <url-pattern>/BookBatchAdd</url-pattern> </servlet-mapping> <servlet> <servlet-name>BookBatchDelete</servlet-name> <servlet-class>com.control.BookBatchDelete</servlet-class> </servlet> <servlet-mapping> <servlet-name>BookBatchDelete</servlet-name> <url-pattern>/BookBatchDelete</url-pattern> </servlet-mapping> <servlet> <servlet-name>BookFind</servlet-name> <servlet-class>com.control.BookFind</servlet-class> </servlet> <servlet-mapping> <servlet-name>BookFind</servlet-name> <url-pattern>/BookFind</url-pattern> </servlet-mapping> <!--验证码功能--> <servlet> <servlet-name>Login</servlet-name> <servlet-class>com.control.Login</servlet-class> </servlet> <servlet-mapping> <servlet-name>Login</servlet-name> <url-pattern>/Login</url-pattern> </servlet-mapping> <servlet> <servlet-name>DrawImage</servlet-name> <servlet-class>com.control.DrawImage</servlet-class> </servlet> <servlet-mapping> <servlet-name>DrawImage</servlet-name> <url-pattern>/DrawImage</url-pattern> </servlet-mapping> <!--登录拦截--> <filter> <filter-name>LoginFilter</filter-name> <filter-class>com.Filter.LoginFilter</filter-class> <init-param> <param-name>noLoginPaths</param-name> <param-value>login.jsp;fail.jsp;Login;ErrorFilter;DrawImage</param-value> </init-param> </filter> <filter-mapping> <filter-name>LoginFilter</filter-name> <url-pattern>/*</url-pattern> </filter-mapping> <!--配置过滤器--> <filter> <filter-name>CharSetFilter</filter-name> <filter-class>com.Filter.CharSetFilter</filter-class> <init-param> <!--用来指定一个具体的字符集--> <param-name>charset</param-name> <param-value>UTF-8</param-value> </init-param> </filter> <!--映射过滤器--> <filter-mapping> <filter-name>CharSetFilter</filter-name> <!--“/*”表示拦截所有的请求 --> <url-pattern>/*</url-pattern> </filter-mapping> <!--拦截404,500页面--> <error-page> <error-code>404</error-code> <location>/error/error404.jsp</location> </error-page> <error-page> <error-code>500</error-code> <location>/error/error500.jsp</location> </error-page> <filter> <filter-name>ErrorFilter</filter-name> <filter-class>com.Filter.ErrorFilter</filter-class> </filter> <filter-mapping> <filter-name>ErrorFilter</filter-name> <url-pattern>/error.jsp</url-pattern> <dispatcher>ERROR</dispatcher> </filter-mapping> </web-app>四.页面效果
ok!
