Reprinted from: https://www.cnblogs.com/nanyangke-cjz/p/7049281.html
We all know that in order to prevent our website from being maliciously attacked by some people and hackers, such as the registration page of our website, if we do not add a verification code box when users register, others can write a script to perform operations on your website. Malicious registration, such as registering your website n times per minute, then your website will be attacked and crashed. When we add the verification code, when others write the script, they must first identify your verification code, but it is not so easy to identify the content in the image verification code, which can effectively prevent our website from being malicious. registration attack. Without further ado, let's go directly to the code.
A tool class for generating verification codes and verification code pictures
1 package com.utils; 2 3 import java.awt.Color; 4 import java.awt.Font; 5 import java.awt.Graphics; 6 import java.awt.image.BufferedImage; 7 import java.awt.image.RenderedImage; 8 import java.io.FileOutputStream; 9 import java.io.OutputStream; 10 import java.util.HashMap; 11 import java.util.Map; 12 import java.util.Random; 13 14 import javax.imageio.ImageIO; 15 16 public class CodeUtil { 17 private static int width = 90;// Define the width of the picture 18 private static int height = 20;// Define the height of the picture 19 private static int codeCount = 4;// Define the number of verification codes displayed on the picture 20 private static int xx = 15; 21 private static int fontHeight = 18; 22 private static int codeY = 16; 23 private static char[] codeSequence = { 'A', 'B', 'C', 'D', 'E', 'F', 'G', 'H', 'I', 'J', 'K', 'L', 'M', 'N', 'O', 'P', 'Q', 'R', 24 'S', 'T', 'U', 'V', 'W', 'X', 'Y', 'Z', '0', '1', '2', '3', '4', '5', '6', '7', '8', '9' }; 25 26 /** 27 * Generate a map collection 28 * code is the generated verification code 29 * codePic is the generated verification code BufferedImage object 30 * @return 31 */ 32 public static Map<String,Object> generateCodeAndPic() { 33 // Define the image buffer 34 BufferedImage buffImg = new BufferedImage(width, height, BufferedImage.TYPE_INT_RGB); 35 // Graphics2D gd = buffImg.createGraphics(); 36 // Graphics2D gd = (Graphics2D) buffImg.getGraphics(); 37 Graphics gd = buffImg.getGraphics(); 38 // Create a random number generator class 39 Random random = new Random(); 40 // fill the image with white 41 gd.setColor(Color.WHITE); 42 gd.fillRect(0, 0, width, height); 43 44 // Create a font, the size of the font should be determined according to the height of the image. 45 Font font = new Font("Fixedsys", Font.BOLD, fontHeight); 46 // Set the font. 47 gd.setFont(font); 48 49 // Draw the border. 50 gd.setColor(Color.BLACK); 51 gd.drawRect(0, 0, width - 1, height - 1); 52 53 // Generate 40 interference lines randomly, so that the authentication code in the image is not easy to be detected by other programs. 54 gd.setColor(Color.BLACK); 55 for (int i = 0; i < 30; i++) { 56 int x = random.nextInt(width); 57 int y = random.nextInt(height); 58 int xl = random.nextInt(12); 59 int yl = random.nextInt(12); 60 gd.drawLine(x, y, x + xl, y + yl); 61 } 62 63 // randomCode is used to save the randomly generated verification code for verification after the user logs in. 64 StringBuffer randomCode = new StringBuffer(); 65 int red = 0, green = 0, blue = 0; 66 67 // Randomly generate a verification code of codeCount numbers. 68 for (int i = 0; i < codeCount; i++) { 69 // Get the randomly generated verification code number. 70 String code = String.valueOf(codeSequence[random.nextInt(36)]); 71 // Generate random color components to construct the color value, so that the color value of each digit output will be different. 72 red = random.nextInt(255); 73 green = random.nextInt(255); 74 blue = random.nextInt(255); 75 76 // Draw the captcha into the image with a randomly generated color. 77 gd.setColor(new Color(red, green, blue)); 78 gd.drawString(code, (i + 1) * xx, codeY); 79 80 // Combine the four random numbers generated. 81 randomCode.append(code); 82 } 83 Map<String,Object> map =new HashMap<String,Object>(); 84 //Store verification code 85 map.put("code", randomCode); 86 //Store the generated verification code BufferedImage object 87 map.put("codePic", buffImg); 88 return map; 89 } 90 91 public static void main(String[] args) throws Exception { 92 //Create a file output stream object 93 OutputStream out = new FileOutputStream("D://img/"+System.currentTimeMillis()+".jpg"); 94 Map<String,Object> map = CodeUtil.generateCodeAndPic(); 95 ImageIO.write((RenderedImage) map.get("codePic"), "jpeg", out); 96 System.out.println("The value of the verification code is: "+map.get("code")); 97 } 98 }
Next is an application demo using jsp and servlet
1.jsp page code
1 <%@ page language="java" contentType="text/html; charset=UTF-8" 2 pageEncoding="UTF-8"%> 3 <!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd"> 4 <html> 5 <head> 6 <meta http-equiv="Content-Type" content="text/html; charset=UTF-8"> 7 <title>Captcha page</title> 8 <script type="text/javascript" 9 src="${pageContext.request.contextPath}/js/jquery.min.js"></script> 10 </head> 11 <body> 12 <form action="${pageContext.request.contextPath}/checkCode" method="post"> 13 Please enter the verification code: <input type="text" name="code" style="width: 80px;" /> <img id="imgObj" alt="Verification Code" 14 src="${pageContext.request.contextPath}/getCode"><a href="#" onclick="changeImg()">换一张</a><br/> <input 15 type="submit" value="提交" /> 16 </form> 17 18 </body> 19 <script type="text/javascript"> 20 $(function() { 21 22 }); 23 24 function changeImg() { 25 var imgSrc = $("#imgObj"); 26 var src = imgSrc.attr("src"); 27 imgSrc.attr("src", chgUrl(src)); 28 } 29 30 // timestamp 31 // In order to make the image generated each time inconsistent, that is, to prevent the browser from reading the cache, it is necessary to add a timestamp 32 function chgUrl(url) { 33 var timestamp = (new Date()).valueOf(); 34 url = url.substring(0, 20); 35 if ((url.indexOf("&") >= 0)) { 36 url = url + "×tamp=" + timestamp; 37 } else { 38 url = url + "?timestamp=" + timestamp; 39 } 40 return url; 41 } 42 43 </script> 44 </html>
2. The servlet that generates the verification code in the background
package com.code; import java.awt.image.RenderedImage; import java.io.IOException; import java.util.Map; import javax.imageio.ImageIO; import javax.servlet.ServletException; import javax.servlet.ServletOutputStream; import javax.servlet.annotation.WebServlet; import javax.servlet.http.HttpServlet; import javax.servlet.http.HttpServletRequest; import javax.servlet.http.HttpServletResponse; import javax.servlet.http.HttpSession; import com.utils.CodeUtil; /** * Servlet implementation class CodeServlet */ @WebServlet("/getCode") public class CodeServlet extends HttpServlet { private static final long serialVersionUID = 1L; protected void doGet(HttpServletRequest req, HttpServletResponse resp) throws ServletException, IOException { // Call the verification code and verification code image generated by the tool class Map<String, Object> codeMap = CodeUtil.generateCodeAndPic(); // Save the four-digit verification code to the Session. HttpSession session = req.getSession(); session.setAttribute("code", codeMap.get("code").toString()); // Disable image caching. resp.setHeader("Pragma", "no-cache"); resp.setHeader("Cache-Control", "no-cache"); resp.setDateHeader("Expires", -1); resp.setContentType("image/jpeg"); // Output the image to the servlet output stream. ServletOutputStream sos; try { sos = resp.getOutputStream(); ImageIO.write((RenderedImage) codeMap.get("codePic"), "jpeg", sos); sos.close(); } catch (IOException e) { // TODO Auto-generated catch block e.printStackTrace (); } } }
3. The servlet that checks the verification code
package com.code; import java.io.IOException; import javax.servlet.ServletException; import javax.servlet.annotation.WebServlet; import javax.servlet.http.HttpServlet; import javax.servlet.http.HttpServletRequest; import javax.servlet.http.HttpServletResponse; import javax.servlet.http.HttpSession; @WebServlet("/checkCode") public class CheckCode extends HttpServlet { private static final long serialVersionUID = 1L; protected void doGet(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException { } protected void doPost(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException { String code = request.getParameter("code"); // Verify verification code String sessionCode = request.getSession().getAttribute("code").toString(); if (code != null && !"".equals(code) && sessionCode != null && !"".equals(sessionCode)) { if (code.equalsIgnoreCase(sessionCode)) { response.getWriter().println("Verified!"); } else { response.getWriter().println("Validation failed!"); } } else { response.getWriter().println("Validation failed!"); } } }