关于图片验证码的若干问题

图片验证码是在登录、注册中防止机器注册、灌水等的常用一种小技术。现在贴出我的一种实现代码，也是借鉴别人的。现在主要的java类如下：

public class RandImgCreater { private static final String CODE_LIST = "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz1234567890"; private HttpServletResponse response = null; private static final int HEIGHT = 20; private static final int FONT_NUM = 4; private int width = 0; private int iNum = 0; private String codeList = ""; private boolean drawBgFlag = false; private int rBg = 0; private int gBg = 0; private int bBg = 0; public RandImgCreater(HttpServletResponse response) { this.response = response; this.width = 13 * FONT_NUM 12; this.iNum = FONT_NUM; this.codeList = CODE_LIST; } public RandImgCreater(HttpServletResponse response,int iNum,String codeList) { this.response = response; this.width = 13 * iNum 12; this.iNum = iNum; this.codeList = codeList; } public String createRandImage(){ BufferedImage image = new BufferedImage(width, HEIGHT, BufferedImage.TYPE_INT_RGB); Graphics g = image.getGraphics(); Random random = new Random(); if ( drawBgFlag ){ g.setColor(new Color(rBg,gBg,bBg)); g.fillRect(0, 0, width, HEIGHT); }else{ g.setColor(getRandColor(200, 250)); g.fillRect(0, 0, width, HEIGHT); for (int i = 0; i < 155; i ) { g.setColor(getRandColor(140, 200)); int x = random.nextInt(width); int y = random.nextInt(HEIGHT); int xl = random.nextInt(12); int yl = random.nextInt(12); g.drawLine(x, y, x xl, y yl); } } g.setFont(new Font("Times New Roman", Font.PLAIN, 18)); String sRand=""; for (int i=0;i int rand=random.nextInt(codeList.length()); String strRand=codeList.substring(rand,rand 1); sRand =strRand; g.setColor(new Color(20 random.nextInt(110),20 random.nextInt(110),20 random.nextInt(110))); g.drawString(strRand,13*i 6,16); }

g.dispose();

try{ ImageIO.write(image, "JPEG", response.getOutputStream()); }catch(IOException e){ } return sRand; } public void setBgColor(int r,int g,int b){ drawBgFlag = true; this.rBg = r; this.gBg = g; this.bBg = b; }

private Color getRandColor(int fc, int bc) { Random random = new Random(); if (fc > 255) fc = 255; if (bc > 255) bc = 255; int r = fc random.nextInt(bc - fc); int g = fc random.nextInt(bc - fc); int b = fc random.nextInt(bc - fc); return new Color(r, g, b); } }

凭java类就可以生成相应的代码，建立一个img.jsp就可以调用：具体代码如下：

<%@ page import="com.register.img.RandImgCreater" %> http://www.w3.org/1999/xhtml"> <%@ page contentType="text/html;charset=GBK"%> <% out.clear(); response.setHeader("Pragma","No-cache"); response.setHeader("Cache-Control","no-cache"); response.setDateHeader("Expires", 0);

RandImgCreater rc = new RandImgCreater(response); String rand = rc.createRandImage();

//如果没有下面两句代码，将会出现getOutputStream() has already been called for this response异常 out.clear(); out = pageContext.pushBody(); session.setAttribute("rand",rand); %>

在这里提出几个问题，第一个，文中红线处，很重要，就这一句out.clear能有效防止在resin服务器下的乱码。没有这句，在tomcat服务器下是不存在问题的。还有下面红线句调用时能防止getOutputStream的异常错误。

第二个问题，就是在调用验证码的时候，不能在本页面调用，如果这样，得到的验证码总会比输出的验证码慢半拍，即得到的是上次的验证码。并且第一次得到的就是空的，会抛异常。这样的话，如果只是刷页面，并且不会得到验证码。所以最好的办法是另外建一个action，在action中进行验证。代码也很简单，如下：

//得到验证码的值 String img=request.getParameter("code"); String rand=session.getAttribute("rand").toString();

if(img.equals(rand)==false) { %> alert("验证码错误") history.go(-1) <% }else{ %>alert("验证码正确")<%

}

编程算法验证码 servlet http https

0 人点赞