通过Session案例分析一次性验证码登录
程序员文章站
2024-03-05 21:34:07
验证码的实现原理:
在一个servlet中生成验证,并把验证码上的数据保存在session,用户提交验证码之后,会提交给另外一个servlet程序。在获取用...
验证码的实现原理:
在一个servlet中生成验证,并把验证码上的数据保存在session,用户提交验证码之后,会提交给另外一个servlet程序。在获取用户提交数据的servlet中的从session中把验证码取出,在取出的同时从session中把验证码删除。
1.注册页面:register.jsp
<%@ page language="java" import="java.util.*" pageencoding="utf-8"%> <%string path = request.getcontextpath(); string basepath = request.getscheme()+"://"+request.getservername()+":"+request.getserverport()+path+"/"; %> <!doctype html public "-//w3c//dtd html 4.01 transitional//en"> <html> <head> <base href="<%=basepath%>" rel="external nofollow" > <title>my jsp 'login.jsp' starting page</title> <meta http-equiv="pragma" content="no-cache"> <meta http-equiv="cache-control" content="no-cache"> <meta http-equiv="expires" content="0"> <meta http-equiv="keywords" content="keyword1,keyword2,keyword3"> <meta http-equiv="description" content="this is my page"> <!-- <link rel="stylesheet" type="text/css" href="styles.css" rel="external nofollow" > --> <script type="text/javascript"> function _changimg(){ document.getelementbyid("myimg").src = "/day11/checkimg?" + new date().getmilliseconds(); } </script> </head> <body> <center> <form action="/day11/regist" method="post"> <table> <tr> <td>用户名<font color="red">*</font></td> <td><input type="text" name="name"/></td> </tr> <tr> <td>密码</td> <td><input type="password" name="password"/></td> </tr> <tr> <td>输入验证码</td> <td> <input type="text" name="form_checkcode" /> <img style="cursor: pointer;" alt="" src="/day11/checkimg" id="myimg" onclick="_changimg();"/> <a href="javascript:void(0);" rel="external nofollow" onclick="_changimg();">看不清,换一张</a> <font color="red">${imgerror }</font> </td> </tr> <tr> <td><input type="submit" value="注册" /></td> </tr> </table> </form> </center> </body> </html>
2.生成验证码参考:cn.itcast.session.checkimgservlet
public class checkimgservlet extends httpservlet { public void doget(httpservletrequest request, httpservletresponse response) throws servletexception, ioexception { int width = 120; int height = 40; // 先生成一张纸 bufferedimage bufi = new bufferedimage(width, height, bufferedimage.type_int_rgb); // 画笔 graphics g = bufi.getgraphics(); // 设置背景颜色 // 修改画笔颜色 g.setcolor(color.white); // 填充 g.fillrect(0, 0, width, height); // 绘制边框 // 设置边框颜色 g.setcolor(color.red); // 画边框 g.drawrect(0, 0, width - 1, height - 1); // 准备一些数据 string data = "abcdefghijklmnopqrstuvwxyz1234567890abcdefghijklmnopqrstuvwxyz"; // 生成随机对象 random r = new random(); string checkcode = ""; // 生成4个随机的数字 for (int i = 0; i < 4; i++) { // 生成随机颜色 g.setcolor(new color(r.nextint(255), r.nextint(255), r.nextint(255))); // 设置字体 g.setfont(new font("宋体", font.italic, 25)); string c = data.charat(r.nextint(data.length())) + ""; g.drawstring(c, 10 + (20 * i), 30); checkcode += c; } // 将生成的验证码放到 session中 request.getsession().setattribute("session_checkcode", checkcode); // 画干扰线 for (int i = 0; i < 8; i++) { // 设置随机颜色 g.setcolor(new color(r.nextint(255), r.nextint(255), r.nextint(255))); // 画线 两点确定一线 g.drawline(r.nextint(width), r.nextint(height), r.nextint(width), r.nextint(height)); } // 将图片输出到浏览器 imageio.write(bufi, "jpg", response.getoutputstream()); } public void dopost(httpservletrequest request, httpservletresponse response) throws servletexception, ioexception { } }
3.验证码的验证参考:cn.itcast.session.registservlet
public class registservlet extends httpservlet { public void doget(httpservletrequest request, httpservletresponse response) throws servletexception, ioexception { } public void dopost(httpservletrequest request, httpservletresponse response) throws servletexception, ioexception { // 校验验证码的有效性: 服务端生成的验证码 和 表单提交的验证码一致才算有效 // 服务端生成的验证码 保存在 session容器中 // 获得session中的验证码 httpsession session = request.getsession(); string session_checkcode = (string) session.getattribute("session_checkcode"); // 使用完后,迅速清除session中验证码的属性 session.removeattribute("session_checkcode"); // 获得表单提交的验证码 string form_checkcode = request.getparameter("form_checkcode"); // 判断什么是非法 如果非法,终止 if (session_checkcode == null || !session_checkcode.equals(form_checkcode)) { // 说明验证码错误 request.setattribute("imgerror", "验证码错误!"); // 将request对象转发给 login.jsp request.getrequestdispatcher("/login.jsp").forward(request, response); // 结束当前方法 return; } // 如果合法, 继续校验用户名和密码的有效 string username = request.getparameter("username"); string password = request.getparameter("password"); } }
以上所述是小编给大家介绍的通过session案例分析一次性验证码登录问题,希望对大家有所帮助