大家对于验证码都很熟悉了,几乎每天都会和它打交道,如注册、登录,论坛回帖等。可以说验证码与我们广大网民的生活工作息息相关。当我们在输入验证码时有人可能会觉得麻烦,虽然验证码让我们有一点小小的麻烦,但是它给我们带来了很大的好处。它可以防止利用恶意程序批量注册、发帖、灌水还能有效的防止黑客暴力破解密码。验证码虽然一般只有简单的几个字符,但是它的作用着实不小啊!下面我们就一起看看如何实现网站中的验证码。
下图为一个含有字母跟数字的简单验证码:
下面我们就来看看它们是如何产生的:
用一般处理程序生成验证码
using System; using System.Web; using System.Drawing; using System.Drawing.Drawing2D; using System.Web.SessionState; namespace Web.handler { /// <summary> /// WaterMark 的摘要说明 /// </summary> public class WaterMark : IHttpHandler, IRequiresSessionState // 要使用session必须实现该接口,记得要导入System.Web.SessionState命名空间 { public void ProcessRequest(HttpContext context) { string checkCode = GenCode(5); // 产生5位随机字符 context.Session["Code"] = checkCode; //将字符串保存到Session中,以便需要时进行验证 System.Drawing.Bitmap image = new System.Drawing.Bitmap(70, 22); Graphics g = Graphics.FromImage(image); try { //生成随机生成器 Random random = new Random(); //清空图片背景色 g.Clear(Color.White); // 画图片的背景噪音线 int i; for (i = 0; i < 25; i++) { int x1 = random.Next(image.Width); int x2 = random.Next(image.Width); int y1 = random.Next(image.Height); int y2 = random.Next(image.Height); g.DrawLine(new Pen(Color.Silver), x1, y1, x2, y2); } Font font = new System.Drawing.Font("Arial", 12, (System.Drawing.FontStyle.Bold)); System.Drawing.Drawing2D.LinearGradientBrush brush = new System.Drawing.Drawing2D.LinearGradientBrush(new Rectangle(0, 0, image.Width, image.Height), Color.Blue, Color.DarkRed, 1.2F, true); g.DrawString(checkCode, font, brush, 2, 2); //画图片的前景噪音点 g.DrawRectangle(new Pen(Color.Silver), 0, 0, image.Width - 1, image.Height - 1); System.IO.MemoryStream ms = new System.IO.MemoryStream(); image.Save(ms, System.Drawing.Imaging.ImageFormat.Gif); context.Response.ClearContent(); context.Response.ContentType = "image/Gif"; context.Response.BinaryWrite(ms.ToArray()); } finally { g.Dispose(); image.Dispose(); } } /// <summary> /// 产生随机字符串 /// </summary> /// <param name="num">随机出几个字符</param> /// <returns>随机出的字符串</returns> private string GenCode(int num) { //验证码中出现的字符 string str = "0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZ";//str中的值就是将来会在验证码中出现的字符 char[] chastr = str.ToCharArray(); string code = ""; Random rd = new Random(); int i; for (i = 0; i < num; i++) { //code += source[rd.Next(0, source.Length)]; code += str.Substring(rd.Next(0, str.Length), 1); } return code; } public bool IsReusable { get { return false; } } } }
刷新验证码的HTML及Javascript代码:
<%@ Page Language="C#" AutoEventWireup="true" CodeBehind="Login.aspx.cs" Inherits="nwessystem.Login" %> <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <html xmlns="http://www.w3.org/1999/xhtml"> <head runat="server"> <title>登录窗体</title> <link href="../css/login.css" rel="stylesheet" type="text/css" /> <script language="javascript" type="text/javascript"> //刷新验证码的js函数 function changeCode() { var imgNode = document.getElementById("vimg"); //重新加载验证码,达到刷新的目的 imgNode.src = "../handler/WaterMark.ashx?t=" + (new Date()).valueOf(); // 这里加个时间的参数是为了防止浏览器缓存的问题 } </script> </head> <body> <p>验证码:<img src="../handler/WaterMark.ashx" id="vimg" alt="点击刷新验证码" onclick="changeCode() " /><asp:TextBox ID="txtCode" runat="server" CssClass="txtcode"></asp:TextBox></p> </body> </html>
登录时判断验证码是否正确
using System; using System.Collections.Generic; using System.Linq; using System.Web; using System.Web.UI; using System.Web.UI.WebControls; using BLL; namespace nwessystem { public partial class Login : System.Web.UI.Page { protected void btnLogin_Click(object sender, EventArgs e) { //检验验证码部分 string code = txtCode.Text.Trim().ToUpper(); string rightCode = Session["Code"].ToString(); //判断验证码是否正确 if (code != rightCode) { //验证码输入错误! Page.ClientScript.RegisterStartupScript(Page.GetType(), "message", "<script language='javascript' defer>alert('验证码错误!');</script>"); return; } //检验用户名和密码部分 string name=txtName.Text.Trim(); string pwd=txtPassword.Text.Trim(); bool b = LoginManager.Login(name, pwd); if (b) { //登录成功 Page.ClientScript.RegisterStartupScript(Page.GetType(), "message", "<script language='javascript' defer>alert('登录成功!');</script>"); } else { //登录失败 Page.ClientScript.RegisterStartupScript(Page.GetType(), "message", "<script language='javascript' defer>alert('登录失败,用户名或密码错误!');</script>"); } } } }
好了,通过上面简单的代码就可以实现验证码的生成与验证了。代码里注释很详细了,相信不用我再写多余的说明,大家也都可以看懂。如果还是不懂欢迎在下方留言。博客水平有限,希望各位多多指正!