图片验证码作用分析:(人机交互)
项目思路:
1.将login.jsp页面和CodeServlet进行连接,产生相关的图片验证码,并返回图片到login.jsp页面
2.在LoginServlet.java中进行判定(session保存的图片验证码和login.jsp输入的checkCode)判断是否相等
相关源码:
package com.servlet; import java.awt.Color; import java.awt.Font; import java.awt.Graphics; import java.awt.image.BufferedImage; import java.io.IOException; import java.util.Random; import javax.imageio.ImageIO; import javax.servlet.ServletException; import javax.servlet.annotation.WebServlet; import javax.servlet.http.HttpServlet; import javax.servlet.http.HttpServletRequest; import javax.servlet.http.HttpServletResponse; /** * Servlet implementation class CodeServlet */ @WebServlet("/CodeServlet") public class CodeServlet extends HttpServlet { /** * @see HttpServlet#doGet(HttpServletRequest request, HttpServletResponse response) */ protected void doGet(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException { // TODO Auto-generated method stub //response.getWriter().append("Served at: ").append(request.getContextPath()); int length=100; int height=20; //1.创建一对象,验证码图片对象 BufferedImage image = new BufferedImage(length, height, BufferedImage.TYPE_INT_RGB); //2.美化图片,填充背景色 Graphics gra = image.getGraphics(); //设置背景填充颜色 gra.setColor(Color.white);//设置填充颜色 gra.fillRect(0,0,length,height);//设置填充范围 //设置字体、加粗、斜体、大小 gra.setFont(new Font("微软雅黑",Font.BOLD,20)); //设置字体的随机颜色数组 Color[] colors= new Color[]{Color.BLUE,Color.GREEN,Color.RED}; //创建要出现的验证码字符串 String str="ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz1234567890"; Random random = new Random(); for (int i = 1; i <=4; i++) { //生成随机角标索引 int index = random.nextInt(str.length()); //获取随机字符 char c = str.charAt(index); //设置随机字符的字体随机颜色 gra.setColor(colors[random.nextInt(colors.length)]); //写验证码,以及验证码应该出现的位置 gra.drawString(c+" ",i*15+5,20); } //画2条干扰线,防止被别人破解 for (int i = 1; i <=2 ; i++) { //随机生成x1点和x2点的横坐标位置 int x1 = random.nextInt(length); int x2 = random.nextInt(length); //随机生成y1点和y2点的纵坐标位置 int y1 = random.nextInt(height); int y2 = random.nextInt(height); //画干扰线,设置随机颜色 gra.setColor(colors[random.nextInt(colors.length)]); gra.drawLine(x1,y1,x2,y2); } //将图片输出到页面展示 ImageIO.write(image,"jpg",response.getOutputStream()); response.getOutputStream().flush(); response.getOutputStream().close(); } /** * @see HttpServlet#doPost(HttpServletRequest request, HttpServletResponse response) */ protected void doPost(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException { // TODO Auto-generated method stub doGet(request, response); } }
在CodeServlet.java的doGet函数中增添以下代码,将随机产生的验证码保存到session,以便在LoginServlet.java中进行判断
package com.servlet; import java.io.IOException; import javax.servlet.ServletException; import javax.servlet.annotation.WebServlet; import javax.servlet.http.HttpServlet; import javax.servlet.http.HttpServletRequest; import javax.servlet.http.HttpServletResponse; import javax.servlet.http.HttpSession; import com.bean.Author; import com.dao.AuthorDao; /** * Servlet implementation class LoginServlet */ @WebServlet("/LoginServlet") public class LoginServlet extends HttpServlet { private static final long serialVersionUID = 1L; /** * @see HttpServlet#HttpServlet() */ public LoginServlet() { super(); // TODO Auto-generated constructor stub } /** * @see HttpServlet#doGet(HttpServletRequest request, HttpServletResponse response) */ protected void doGet(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException { // TODO Auto-generated method stub //response.getWriter().append("Served at: ").append(request.getContextPath()); //内置对象request response 内置对象 request.setCharacterEncoding("UTF-8"); //获取session HttpSession session=request.getSession(); //获取用户输入的验证码 String checkCode=request.getParameter("checkCode"); //获取session中的验证码 String sessionCode=(String)session.getAttribute("sessionCode"); System.out.println("session"+sessionCode); System.out.println("checkCode中"+checkCode); //校验验证码是否正确 if(checkCode.equals(sessionCode)) { //接受用户提交的表单数据 //request对象只对当前数据请求有效,刷新之后,数据丢失 String username=request.getParameter("username"); String password=request.getParameter("password"); //判断用户名和密码是否正确 //查询数据库获取数据信息 AuthorDao dao=new AuthorDao(); Author author=dao.CheckLogin(username,password); if(author!=null) { //session.setAttribute("username",username); //session.setAttribute("password",password); session.setAttribute("author", author); session.setMaxInactiveInterval(5);//若里面的数值为零或者负值的时候,表示session里面的数值永远有效; //若里面的数值为正的时候表示session的有效时间,单位为秒 response.sendRedirect("userinfo.jsp"); }else { response.sendRedirect("login.jsp"); } }else { //验证码不对 request.setAttribute("error_code", "验证码不匹配"); request.getRequestDispatcher("login.jsp").forward(request,response); } } /** * @see HttpServlet#doPost(HttpServletRequest request, HttpServletResponse response) */ protected void doPost(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException { // TODO Auto-generated method stub doGet(request, response); } }
login.jsp:
运行截图:
遇到的问题:
1.出现的错误:session中保存的验证码和用户输入的checkcode数值不一样,不同步,session中保存的是当前更新完之后的验证码
问题的解决:session中的数值名写错,导致session中的数值更新不及时
解决问题花费的时间:2min