现在很多网页登陆的时候都使用了随机图片的方式,是一种简单、有效的防止黑客恶意攻击的手段。今天看了一些网上的资料,明白其生成原理:从样本中,获取随机字符串,随机字符串保存进session,并以位图的方式形成随机码图片。
实现:
添加命名空间
using Sy***m.Drawing;
using Sy***m.Drawing.Imaging;
using Sy***m.Drawing.Drawing2D;
生成页代码
using System;
using Sy***m.Data;
using Sy***m.Configuration;
using Sy***m.Collections;
using Sy***m.Web;
using Sy***m.Web.Security;
using Sy***m.Web.UI;
using Sy***m.Web.UI.WebControls;
using Sy***m.Web.UI.WebControls.WebParts;
using Sy***m.Web.UI.HtmlControls;
using Sy***m.Drawing;
using Sy***m.Drawing.Imaging;
using Sy***m.Drawing.Drawing2D;
public partial class getRandImg : Sy***m.Web.UI.Page
{
protected void Page_Load(object sender, EventArgs e)
{
//生成随机码图片
SetValidateCode();
//生成页面不保存到cache
Re***nse.Cache.SetNoStore();
}
//设置验证码
private void SetValidateCode()
{
//新建位图
Bitmap newBitmap = new Bitmap(
71,
23,
Pi***Format.Format32bppArgb
);
//从位图获得绘图画面
Graphics g = Gr***ics.FromImage(newBitmap);
//随机数生成器
Random r = new Random();
//绘图画面清空
g.Clear(Co***.White);
//绘图画面划线干扰
for (int i = 0; i < 50; i++)
{
int x1 = r.Next(ne***tmap.Width);
int x2 = r.Next(ne***tmap.Width);
int y1 = r.Next(ne***tmap.Height);
int y2 = r.Next(ne***tmap.Height);
g.***wLine(new Pen(
Co***.FromArgb(r.Next())),
x1,
y1,
x2,
y2
);
}
//绘图画面点数干扰
for (int i = 0; i < 100; i++)
{
int x = r.Next(ne***tmap.Width);
int y = r.Next(ne***tmap.Height);
ne***tmap.SetPixel(
x,
y,
Co***.FromArgb(r.Next())
);
}
//获得随机字符串(5位长度)
string value = GenerateRandom(5);
//随机字符串赋值给Session
Session["RandCode"] = value;
//定义图片显示字体样式
Font font = new Font(
"Arial",
14,
Fo***tyle.Bold
);
Random rr = new Random();
int yy = rr.Next(1, 4);
//定义随机字符串显示图片刷子
LinearGradientBrush brush = new LinearGradientBrush(
new Rectangle(0, 0, 71, 23),
Co***.Red,
Co***.Blue,
1.2f,
true
);
g.***wString(value, font, brush, 2, yy);
g.***wRectangle(new Pen(
Co***.Silver),
0,
0,
70,
22
);
Sy***m.IO.MemoryStream ms = new Sy***m.IO.MemoryStream();
ne***tmap.Save(ms, Im***Format.Gif);
//输出图片
Re***nse.ClearContent();
Re***nse.ContentType = "image/gif";
Re***nse.BinaryWrite(ms***Array());
}
//常量集
private static char[] constant ={
'0','1','2','3','4','5','6','7','8','9',
'a','b','c','d','e','f','g','h','i','j',
'k','l','m','n','o','p','q','r','s','t',
'u','v','w','x','y','z'
};
//生成随机字符串
public static string GenerateRandom(int Length)
{
Sy***m.Text.StringBuilder newRandom = new Sy***m.Text.StringBuilder(36);
Random rd = new Random();
for (int i = 0; i < Length; i++)
{
ne***ndom.Append(constant[rd.Next(36)]);
}
return ne***ndom.ToString();
}
}
使用随机图片的页面,IMAGE控件的写法如下:
下一篇: 浅谈DotNet 保护中的字符串加密技术