用户登录注册之验证码技术实现
对于一些恶意强暴破解密码的行为(即通过硬性尝试用户名密码进行破解),可以采用验证码对其进行抵御,对于一些程序可以识别验证码,则需要对验证码形式进行多样化设计。
注!!!!!拿到的页面是只有图片,需要用另一个页面引用图片页面示例:用户登录时设置验证码代码实现:页面function_change({
varimgEle=document.getElementById("img";imgEle.src=
"${pageContext.request.contextPath}/user_getVerify.action?a="
+newDate(.getTime(;}
action="${pageContext.request.contextPath}/user_login.action"method="post">
style="HEIGHT:28px">验证码:
size="1"/>
src="${pageContext.request.contextPath}/user_getVerify.action">
换一张
28px">style="FONT-WEIGHT:bold;VISIBILITY:hidden;COLOR:white">请输入验证码|
2.action操作//获得验证码
publicvoidgetVerify(throwsIOException{
HttpServletRequest
request=ServletActionContext.getRequest(;
HttpServletResponse
response=ServletActionContext.getResponse(;
request.getSession(.setAttribute("session_vcode",vc.g
VerifyCodevc=newVerifyCode(;
BufferedImageimage=vc.getImage(;//获得图片
etText(;//将验证码内容放在域对象里面
VerifyCode.output(image,
response.getOutputStream(;}
publicStringlogin({
HttpServletRequest
request=ServletActionContext.getRequest(;
StringsessionCode=(String
request.getSession(.getAttribute("session_vcode";
StringparamCode=
request.getParameter("verifyCode";
if(!paramCode.equalsIgnoreCase(sessionCode{}
UseruserExit=userService.login(user;if(userExit!=null{
if(!userExit.isState({
request.setAttribute("msg","您尚未激活,请到request.setAttribute("msg","验证码错误!";return"login";
邮箱"+userExit.getEmail(+"激活!";}
request=ServletActionContext.getRequest(;request.getSession(.setAttribute("user",return"loginerror";
userExit;}
return"loginsuccess";
}else{}
return"login";
3.验证码代码实现importjava.awt.BasicStroke;
importjava.awt.Color;importjava.awt.Font;importjava.awt.Graphics2D;
importjava.awt.image.BufferedImage;importjava.io.IOException;importjava.io.OutputStream;importjava.util.Random;importjavax.imageio.ImageIO;
publicclassVerifyCode{
privateintw=70;privateinth=35;
privateRandomr=newRandom(;
//{"宋体","华文楷体","黑体","华文新魏","华文隶书","微软雅黑","楷体_GB2312"}
privateString[]fontNames={"宋体","华文楷体|
