现在很多网页登陆的时候都使用了随机图片的方式,是一种简单、有效的防止黑客恶意攻击的手段。今天看了一些网上的资料,明白其生成原理:从样本中,获取随机字符串,随机字符串保存进session,并以位图的方式形成随机码图片。
实现:
添加命名空间
using System.Drawing;
using System.Drawing.Imaging;
using System.Drawing.Drawing2D;
生成页代码
using System;
using System.Data;
using System.Configuration;
using System.Collections;
using System.Web;
using System.Web.Security;
using System.Web.UI;
using System.Web.UI.WebControls;
using System.Web.UI.WebControls.WebParts;
using System.Web.UI.HtmlControls;
using System.Drawing;
using System.Drawing.Imaging;
using System.Drawing.Drawing2D;
public partial class getRandImg : System.Web.UI.Page
{
protected void Page_Load(object sender, EventArgs e)
{
//生成随机码图片
SetValidateCode();
//生成页面不保存到cache
Response.Cache.SetNoStore();
}
//设置验证码
private void SetValidateCode()
{
//新建位图
Bitmap newBitmap = new Bitmap(
71,
23,
PixelFormat.Format32bppArgb
);
//从位图获得绘图画面
Graphics g = Graphics.FromImage(newBitmap);
//随机数生成器
Random r = new Random();
//绘图画面清空
g.Clear(Color.White);
//绘图画面划线干扰
for (int i = 0; i < 50; i++)
{
int x1 = r.Next(newBitmap.Width);
int x2 = r.Next(newBitmap.Width);
int y1 = r.Next(newBitmap.Height);
int y2 = r.Next(newBitmap.Height);
g.DrawLine(new Pen(
Color.FromArgb(r.Next())),
x1,
y1,
x2,
y2
);
}
//绘图画面点数干扰
for (int i = 0; i < 100; i++)
{
int x = r.Next(newBitmap.Width);
int y = r.Next(newBitmap.Height);
newBitmap.SetPixel(
x,
y,
Color.FromArgb(r.Next())
);
}
//获得随机字符串(5位长度)
string value = GenerateRandom(5);
//随机字符串赋值给Session
Session["RandCode"] = value;
//定义图片显示字体样式
Font font = new Font(
"Arial",
14,
FontStyle.Bold
);
Random rr = new Random();
int yy = rr.Next(1, 4);
//定义随机字符串显示图片刷子
LinearGradientBrush brush = new LinearGradientBrush(
new Rectangle(0, 0, 71, 23),
Color.Red,
Color.Blue,
1.2f,
true
);
g.DrawString(value, font, brush, 2, yy);
g.DrawRectangle(new Pen(
Color.Silver),
0,
0,
70,
22
);
System.IO.MemoryStream ms = new System.IO.MemoryStream();
newBitmap.Save(ms, ImageFormat.Gif);
//输出图片
Response.ClearContent();
Response.ContentType = "image/gif";
Response.BinaryWrite(ms.ToArray());
}
//常量集
private static char[] constant ={
'0','1','2','3','4','5','6','7','8','9',
'a','b','c','d','e','f','g','h','i','j',
'k','l','m','n','o','p','q','r','s','t',
'u','v','w','x','y','z'
};
//生成随机字符串
public static string GenerateRandom(int Length)
{
System.Text.StringBuilder newRandom = new System.Text.StringBuilder(36);
Random rd = new Random();
for (int i = 0; i < Length; i++)
{
newRandom.Append(constant[rd.Next(36)]);
}
return newRandom.ToString();
}
}
使用随机图片的页面,IMAGE控件的写法如下:
<asp:Image ID="Image1" ImageUrl="~/getRandImg.aspx" runat="server" />
示例代码:http://www.cnblogs.com/Files/heekui/RandCode.rar
http://www.cnblogs.com/heekui/archive/2007/01/06/613609.html