下面这一个投票网页看到看代码,是不是有很大漏洞,要作弊的话怎么样可以做到?<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head id="Head1"><meta http-equiv="Expires" content="0" /><meta http-equiv="Cache-Control" content="no-cache" /><meta http-equiv="Pragma" content="no-cache" />
<base target="_self">
<title>
投票
</title>
<style>
body{margin:0;padding:0; font:12px; font-family:"宋体";}
td{font:12px; font-family:"宋体";}
</style>
<link href="../App_Themes/Default/Default.css" type="text/css" rel="stylesheet" /></head><script type="text/javascript" language="javascript">function msg()
{
var changenumber=Math.floor(Math.random()*9000+1000);
document.getElementById('temp').innerHTML=changenumber;
}function check(){
if(form1.text.value.length==0 )
{
alert("请输入验证码")
form1.text.focus()
return false
}if(form1.text.value!=document.getElementById('temp').innerHTML)
{
alert("请输入正确的验证码!")
form1.text.focus()
return false
}
}
</script><body onload="msg()">
<form name="form1" method="post" action="Vote.aspx?Type=User&AppID=11283&Region" id="form1">
<div>
<input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" />
<input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" />
<input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwULLTE3MzA3MzQxNDJkZO25T0Kxywa6HFiPJkMikNuFrmVN" />
</div><script type="text/javascript">
//<![CDATA[
var theForm = document.forms['form1'];
if (!theForm) {
theForm = document.form1;
}
function __doPostBack(eventTarget, eventArgument) {
if (!theForm.onsubmit || (theForm.onsubmit() != false)) {
theForm.__EVENTTARGET.value = eventTarget;
theForm.__EVENTARGUMENT.value = eventArgument;
theForm.submit();
}
}
//]]>
</script>
<div>
<table width="377" border="0" cellspacing="0" cellpadding="0" style="margin:10px;">
<tr>
<td><table width="377" border="0" cellspacing="0" cellpadding="0">
<tr>
<td><img src="/images/toupiao_t.gif" width="377" height="11" /></td>
</tr>
</table>
<table width="377" border="0" cellpadding="0" cellspacing="0" background="/images/toupiao_bg.gif">
<tr>
<td style="padding:4px 22px;"><table width="100%" border="0" cellspacing="0" cellpadding="4">
<tr>
<td width="23%">验证码:</td>
<td width="77%"><input type="text" size="10" name="text">
<span id="temp" style="color:Red;"></span></td>
</tr>
<tr>
<td>姓名:</td>
<td><input name="txtName" type="text" id="txtName" /></td>
</tr>
<tr>
<td>手机号码:</td>
<td><input name="txtMobile" type="text" id="txtMobile" /></td>
</tr>
<tr>
<td>EMAIL:</td>
<td><input name="txtEmail" type="text" id="txtEmail" /></td>
</tr>
<tr>
<td colspan="2" style="padding-left:60px; color:#FF6600;"><strong>填写用户信息可参加抽奖!</strong></td>
</tr>
<tr>
<td colspan="2" style="padding-left:80px;"><input name="Button1" type="submit" id="Button1" value="提 交" onclick="return check();" style="background: url(../images/index/tijiao.gif); height: 31px; width: 96px; color: #fff;font-weight:bold; font-size: 16px;border:0;" /></td>
</tr>
</table></td>
</tr>
</table>
<table width="377" border="0" cellspacing="0" cellpadding="0">
<tr>
<td><img src="/images/toupiao_b.gif" width="377" height="11" /></td>
</tr>
</table></td>
</tr>
</table>
</form>
<script src="http://20.it.com.cn/js/jsq.js"></script>
</body>
</html>
<html xmlns="http://www.w3.org/1999/xhtml">
<head id="Head1"><meta http-equiv="Expires" content="0" /><meta http-equiv="Cache-Control" content="no-cache" /><meta http-equiv="Pragma" content="no-cache" />
<base target="_self">
<title>
投票
</title>
<style>
body{margin:0;padding:0; font:12px; font-family:"宋体";}
td{font:12px; font-family:"宋体";}
</style>
<link href="../App_Themes/Default/Default.css" type="text/css" rel="stylesheet" /></head><script type="text/javascript" language="javascript">function msg()
{
var changenumber=Math.floor(Math.random()*9000+1000);
document.getElementById('temp').innerHTML=changenumber;
}function check(){
if(form1.text.value.length==0 )
{
alert("请输入验证码")
form1.text.focus()
return false
}if(form1.text.value!=document.getElementById('temp').innerHTML)
{
alert("请输入正确的验证码!")
form1.text.focus()
return false
}
}
</script><body onload="msg()">
<form name="form1" method="post" action="Vote.aspx?Type=User&AppID=11283&Region" id="form1">
<div>
<input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" />
<input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" />
<input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwULLTE3MzA3MzQxNDJkZO25T0Kxywa6HFiPJkMikNuFrmVN" />
</div><script type="text/javascript">
//<![CDATA[
var theForm = document.forms['form1'];
if (!theForm) {
theForm = document.form1;
}
function __doPostBack(eventTarget, eventArgument) {
if (!theForm.onsubmit || (theForm.onsubmit() != false)) {
theForm.__EVENTTARGET.value = eventTarget;
theForm.__EVENTARGUMENT.value = eventArgument;
theForm.submit();
}
}
//]]>
</script>
<div>
<table width="377" border="0" cellspacing="0" cellpadding="0" style="margin:10px;">
<tr>
<td><table width="377" border="0" cellspacing="0" cellpadding="0">
<tr>
<td><img src="/images/toupiao_t.gif" width="377" height="11" /></td>
</tr>
</table>
<table width="377" border="0" cellpadding="0" cellspacing="0" background="/images/toupiao_bg.gif">
<tr>
<td style="padding:4px 22px;"><table width="100%" border="0" cellspacing="0" cellpadding="4">
<tr>
<td width="23%">验证码:</td>
<td width="77%"><input type="text" size="10" name="text">
<span id="temp" style="color:Red;"></span></td>
</tr>
<tr>
<td>姓名:</td>
<td><input name="txtName" type="text" id="txtName" /></td>
</tr>
<tr>
<td>手机号码:</td>
<td><input name="txtMobile" type="text" id="txtMobile" /></td>
</tr>
<tr>
<td>EMAIL:</td>
<td><input name="txtEmail" type="text" id="txtEmail" /></td>
</tr>
<tr>
<td colspan="2" style="padding-left:60px; color:#FF6600;"><strong>填写用户信息可参加抽奖!</strong></td>
</tr>
<tr>
<td colspan="2" style="padding-left:80px;"><input name="Button1" type="submit" id="Button1" value="提 交" onclick="return check();" style="background: url(../images/index/tijiao.gif); height: 31px; width: 96px; color: #fff;font-weight:bold; font-size: 16px;border:0;" /></td>
</tr>
</table></td>
</tr>
</table>
<table width="377" border="0" cellspacing="0" cellpadding="0">
<tr>
<td><img src="/images/toupiao_b.gif" width="377" height="11" /></td>
</tr>
</table></td>
</tr>
</table>
</form>
<script src="http://20.it.com.cn/js/jsq.js"></script>
</body>
</html>
从代码上看好像验证码只在客户端验证了一下,不是可以完全不管这个验证码就投票呢?