1、在访问登录页面时,需要生产验证码。从而防止用户使用程序恶意操作。

2、验证码的本质是图片。

3、生成验证码的工具Servlet,直接复制粘贴即可使用

import java.awt.Color;
import java.awt.Font;
import java.awt.Graphics;
import java.awt.image.BufferedImage;
import java.io.IOException;
import java.util.Random;

import javax.imageio.ImageIO;
import javax.servlet.ServletException;
import javax.servlet.annotation.WebServlet;
import javax.servlet.http.HttpServlet;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpSession;


@WebServlet("/check")
public class CheckCodes extends HttpServlet {
    
    protected void doGet(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException {
        
        doPost(request,response);
    }

    
    protected void doPost(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException {
        //设定长和宽
        int height = 25;
        int width = 80;
        String data = "ABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789abcdefghijklmnopqrstuvwxyz";
        Random random = new Random();
        //创建一个图片
        BufferedImage image = new BufferedImage(width, height, BufferedImage.TYPE_INT_RGB);
        //获得画板
        Graphics g = image.getGraphics();
        //填充一个矩形
        g.setColor(Color.RED);
        g.fillRect(0, 0, width, height);
        
        g.setColor(Color.WHITE);
        g.fillRect(1, 1, width-2, height-2);
        //设置字体
        g.setFont(new Font("宋体", Font.BOLD|Font.ITALIC, 25));
        //写随机字
        String code="";
        for(int i = 0 ; i < 4 ; i ++){
            // 设置颜色--随机数
            g.setColor(new Color(random.nextInt(255), random.nextInt(255), random.nextInt(255)));
            // 获得随机字
            int index = random.nextInt(data.length());
            String str = data.substring(index, index + 1);
            code += str;
            // 写入
            g.drawString(str, width / 6 * (i + 1), 20);
        }
        //利用会话跟踪技术,将验证码传入作用域,可以用于验证用户登录
        HttpSession session = request.getSession();
        session.setAttribute("code", code);

        //干扰线
        for(int i = 0 ; i < 3 ; i ++){
            // 设置颜色--随机数
            g.setColor(new Color(random.nextInt(255), random.nextInt(255), random.nextInt(255)));
            // 随机绘制先
            g.drawLine(random.nextInt(width), random.nextInt(height), random.nextInt(width),random.nextInt(height));
            // 随机点
            g.drawOval(random.nextInt(width), random.nextInt(height), 2, 2);
        }
        //将图片返回给浏览器
        ImageIO.write(image, "jpg", response.getOutputStream());
    }

}

4、网页调用

<!DOCTYPE html>
<html>
<head>
<meta charset="UTF-8">
<title>Insert title here</title>
<script type="text/javascript">
    function checkcodeChange(){
        //最后加随机属性是为了刷新路径,不然不会重复刷新验证码
        document.getElementById("checkcode").src="check?test="+Math.random();
    }
</script>
</head>
<body>
<h1 style="color:red;">${error}</h1>
<form action="login" method="post">
    用户名:<input type="text" name="username"/><br/>&nbsp;&nbsp;&nbsp;码:<input type="text" name="password" /><br/>
    验证码:<input type="text" name="checkcode" size="4"/>
        <img src="check" onclick="checkcodeChange()"id="checkcode"/><br/>
    <input type="submit" value="提交"/>
</form>
</body>
</html>

5、登录验证代码

import java.io.IOException;
import javax.servlet.ServletException;
import javax.servlet.annotation.WebServlet;
import javax.servlet.http.HttpServlet;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpSession;

import com.bean.User;


@WebServlet("/login")
public class LoginServlet extends HttpServlet {
   
    protected void doGet(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException {
        this.doPost(request, response);
    }

    protected void doPost(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException {
        response.setContentType("text/html;charset=utf-8");
        String username = request.getParameter("username");
        String password = request.getParameter("password");
        String checkcode = request.getParameter("checkcode");
        
        
        HttpSession session = request.getSession();
        String code = (String)session.getAttribute("code");

        if(!checkcode.equalsIgnoreCase(code)) {
            session.setAttribute("error", "验证码错误");
            response.sendRedirect("login.html");
            return;
        }
        if ("root".equals(username) && "1234".equals(password)) {
            User user = new User(username, password);
            session.setAttribute("user", user);
            response.sendRedirect("aaa/main.jsp");
        } else {
            session.setAttribute("error", "账户名或密码错误");
            response.sendRedirect("login.html");
        }
        
    }

}        

 

posted on 2019-08-25 11:11  幸福的小耗子  阅读(349)  评论(0编辑  收藏  举报