请教关于验证码的原理

code.asp
<%
Option Explicit
Response.buffer=true
NumCode
Function NumCode()
Response.Expires = -1
Response.AddHeader "Pragma","no-cache"
Response.AddHeader "cache-ctrol","no-cache"
dim zNum,i,j
dim Ados,Ados1
Randomize timer
zNum = cint(8999*Rnd+1000)
Session("GetCode") = zNum
dim zimg(4),NStr
NStr=cstr(zNum)
For i=0 to 3
zimg(i)=cint(mid(NStr,i+1,1))
Next
dim Pos
set Ados=Server.CreateObject("Adodb.Stream")
Ados.Mode=3
Ados.Type=1
Ados.Open
set Ados1=Server.CreateObject("Adodb.Stream")
Ados1.Mode=3
Ados1.Type=1
Ados1.Open
Ados.LoadFromFile(Server.mappath("body.Fix"))
Ados1.write Ados.read(1280)
for i=0 to 3
Ados.Position=(9-zimg(i))*320
Ados1.Position=i*320
Ados1.write ados.read(320)
next
Ados.LoadFromFile(Server.mappath("head.fix"))
Pos=lenb(Ados.read())
Ados.Position=Pos
for i=0 to 9 step 1
for j=0 to 3
Ados1.Position=i*32+j*320
Ados.Position=Pos+30*j+i*120
Ados.write ados1.read(30)
next
next
Response.ContentType = "image/BMP"
Ados.Position=0
Response.BinaryWrite Ados.read()
Ados.Close:set Ados=nothing
Ados1.Close:set Ados1=nothing
End Function
' Asp code Created by BlueIdea.COM Web Team V37 2003-7-25
%>

解决方案 »

免费领取超大流量手机卡，每月29元包185G流量+100分钟通话, 中国电信官方发货

login.asp



<%
'==========================================
'
'  晓宇听幽新闻文章管理系统 2004
'
'  主页地址：http://www.xoYu.com
'
'==========================================
'程序名称：晓宇听幽新闻文章管理系统
'英文名称：xoYu News 2004 Professional
'程序创建时间：2003-7-10
'程序完成时间：2003-9-11
'最后修改时间：2003-10-10
'==========================================
'-----------------彩色验证码---------------------
'If request("GetCode")="" or isnull(request("GetCode")) then
' xoYuStudioLoginMgs="请输入您的验证码。"
'else
' if int(request("GetCode"))<>int(Session("GetCode")) then xoYuStudioLoginMgs="您的验证码不正确。"
'end if
'------------------------------------------------
xoYuStudioLoginTitle="用户登陆"
if request("xoYuStudioType")="logout" then
xoYuStudioLoginTitle="退出登陆"
xoYuStudioLoginMgs="成功:退出登陆成功!"
if Session("xoYuStudioAdminName")<>"" then
Session("xoYuStudioAdminName")  =""
Session("xoYuStudioAdminDj")=""
response.cookies("xoYuStudioUserSoftUrl")=""
end if
if request.cookies("xoYuStudioUserName")<>"" then
response.cookies("xoYuStudioUserName")  =""
response.cookies("xoYuStudioUserDj")=""
end if
elseif request("xoYuStudioType")="login" then
server_vv=len(Request.ServerVariables("SERVER_NAME"))
server_v1=left(Cstr(Request.ServerVariables("HTTP_REFERER")),server_vv)
server_v2=left(Cstr("http://"&Request.ServerVariables("SERVER_NAME")),server_vv)
if server_v1<>server_v2 or server_v1="" or server_v1="" then
response.write("<script>alert('错误：禁止从站点外部提交数据!.')</script>")
response.end
end if
  if request.form("user")<>"" and request.form("pwd")<>"" and request.form("getcode")<>"" then
user=replace(request("user")," ","+++ close")
  pwd=md5(replace(request("pwd")," ","+++ close"))
  set rs=server.createobject("adodb.recordset")
  rs.open "select * from UserInfo where user='"&user&"' and pwd='"&pwd&"'",conn,1,1
  thesoft=Request.ServerVariables("HTTP_USER_AGENT")
  if instr(thesoft,"Windows NT 5.0") then
vOS="Win 2000"
elseif instr(thesoft,"Windows NT 5.1") then
vOs="Win XP"
elseif instr(thesoft,"Windows NT") then
vOs="Win NT"
elseif instr(thesoft,"Windows 9") then
vOs="Win 9x"
elseif instr(thesoft,"unix") or instr(thesoft,"linux") or instr(thesoft,"SunOS") or instr(thesoft,"BSD") then
vOs="类Unix"
elseif instr(thesoft,"Mac") then
vOs="Mac"
else
vOs="Other"
end if
  if not rs.eof then
    if pwd=rs("pwd") and user=rs("user") and int(request("GetCode"))=int(Session("GetCode")) then
      xoYuStudioDj=rs("dj")
      if xoYuStudioDj=0 or xoYuStudioDj=1 or xoYuStudioDj=2 or xoYuStudioDj=3 or xoYuStudioDj=4 then
        if rs("lock")=1 then
          xoYuStudioLoginMgs="错误:帐号 "&user&" 已被锁定,你不能登陆!请联系站长。"
        else
          xoYuStudioLoginMgs="成功:帐号 "&user&" 登录成功!"
          if xoYuStudioDj=0 then SF="普通会员"
          if xoYuStudioDj=1 then SF="认证会员"
          if xoYuStudioDj=2 then SF="栏目管理员"
          if xoYuStudioDj=3 then SF="系统管理员"
          if xoYuStudioDj=4 then SF="超级管理员"
          response.cookies("xoYuStudioUserName")=rs("user")
          response.cookies("xoYuStudioUserDj")=rs("dj")
          if xoYuStudioDj=2 or xoYuStudioDj=3 or xoYuStudioDj=4 then
                      if rs("softurl")<>"" then
            response.cookies("xoYuStudioUserSoftUrl")=rs("softurl")
            end if
            Session("xoYuStudioAdminName")=rs("user")
            Session("xoYuStudioAdminDj")=rs("dj")
            Session("xoYuStudioAdminAdmin")=rs("admin")
            Session("xoYuType")=rs("type")
            UserId = rs("id")
  set rs1=Server.Createobject("adodb.recordset")
   sql1="Select * from Log"
   rs1.open sql1,conn,3,3
   rs1.addnew
   rs1("User")=rs("user")
   rs1("LoginIP")=request.ServerVariables("Remote_Addr")
   rs1("OS")=vOS
   rs1.update
   rs1.close
          end if
        end if
      else
xoYuStudioLoginMgs="错误:你的用户等级错误,不能登陆,请与站长联系!"
   set rs1=Server.Createobject("adodb.recordset")
   sql1="Select * from Log"
   rs1.open sql1,conn,3,3
   rs1.addnew
   rs1("User")=Request.Form("User")
   rs1("LoginIP")=request.ServerVariables("Remote_Addr")
   rs1("OS")=vOS
   rs1("ErrorPas")=Request.Form("pwd")
   rs1("Result")="Error"
   rs1.update
   rs1.close
      end if
    else
      xoYuStudioLoginMgs="错误:用户名|密码|验证码错误!"
   set rs1=Server.Createobject("adodb.recordset")
   sql1="Select * from Log"
   rs1.open sql1,conn,3,3
   rs1.addnew
   rs1("User")=Request.Form("User")
   rs1("LoginIP")=request.ServerVariables("Remote_Addr")
   rs1("OS")=vOS
   rs1("ErrorPas")=Request.Form("pwd")
   rs1("Result")="Error"
   rs1.update
   rs1.close
    end if
  else
    xoYuStudioLoginMgs="错误:用户名|密码|验证码错误!"
   set rs1=Server.Createobject("adodb.recordset")
   sql1="Select * from Log"
   rs1.open sql1,conn,3,3
   rs1.addnew
   rs1("User")=Request.Form("User")
   rs1("LoginIP")=request.ServerVariables("Remote_Addr")
   rs1("OS")=vOS
   rs1("ErrorPas")=Request.Form("pwd")
   rs1("Result")="Error"
   rs1.update
   rs1.close
  end if
  rs.close
  set rs=nothing
  conn.close
  set conn=nothing
  else
    xoYuStudioLoginMgs="错误:用户名|密码|验证码都不能为空!"
  end if
end if%>
<html><head>
<title><%=xoYuStudioLoginTitle%></title>
<meta http-equiv="Content-Type" content="text/html; charset=gb2312">
<meta copy="程序制作：xoyu（QQ：5964887）www.xoyu.com">
<link rel="stylesheet" href="admin.css" type="text/css">
</head>
<body topmargin="10" leftmargin="0" bgcolor="#FFFFFF" text="#000000">
<form method="post" action="login.asp?xoYuStudioType=login" target="_top">
<div align="center">
<center>
<table border="0" class="tableBorder" cellpadding="2" cellspacing="1" width="600" align="center">
  <tr>
    <th class="tableHeaderText" colspan=2 height=25 width="592">晓宇听幽工作室“晓宇听幽新闻文章管理系统”管理登陆</th>  </tr>

<%if xoYuStudioLoginMgs<>"" then%>
  <tr>
    <td width="120" bgcolor="#FFFFFF">
    <p align="center"><img src="images/admin.jpg" border="0"></td>
    <td width="467" bgcolor="#FFFFFF">
    <font color="#FF0000">·</font><%=xoYuStudioLoginMgs%>
    <%if SF<>"" then%><br><font color="#FF0000">·</font>身份:<font color="#008080"><%=SF%></font><%
    if xoYuStudioDj="2" or xoYuStudioDj="3" or xoYuStudioDj="4"then%>
    <br><font color="#FF0000">·</font><a href="index.asp">进入系统管理中心</a><%else
    %><br><font color="#FF0000">·</font><a href="../">返回首页</a><%end if%>
    <br><font color="#FF0000">·</font><%if webuseredit="1" then%><a href="edit.asp"><%end if%>修改个人资料</a>
    <br><font color="#FF0000">·</font><a href="login.asp?xoYuStudioType=logout">退出登陆</a>
    <br><font color="#FF0000">·</font><a href="login.asp">重新登陆</a><%end if%></td>
  </tr>
<%else%>
  <tr>
    <td width="592" bgcolor="#FFFFFF" colspan="2">
    <table border="0" cellpadding="2" cellspacing="0" style="border-collapse: collapse" width="100%" height="68">
      <tr>
        <td width="50%" align="center" height="20">
        <p align="right">用户名<font color="#000000">(<span class="big">U</span>)</font>：<input name="user" maxlength="20" size="15"></td>
        <td width="50%" align="center" height="20">　</td>
      </tr>
      <tr>
        <td width="50%" align="center" height="20">
        <p align="right">密  码<font color="#000000">(<span class="big">P</span>)</font>：<input type="password" name="pwd" maxlength="20" size="15"></td>
        <td width="50%" align="center" height="20">　</td>
      </tr>
      <tr>
        <td width="64%" align="center" height="16">
        <p align="right">验证码<font color="#000000">(<span class="big">Y</span>)</font>：<input name="GetCode" maxlength="20" size="15"></td>
        <td width="36%" align="center" height="16">
        <img src="code.asp" width="38" height="10" align="left"></td>
      </tr>
      </table>
    </td>
  </tr>
  <tr>
    <td width="592" colspan="2">
    <p align="center"><input type="submit" name="Submit" value="登陆"> 
    <input type="button" name="Submit1" <%if webreg="1" then%>onclick="javascript:location.href='../reg.asp'"<%else%>disabled<%end if%> value="注册"></td>
  </tr>
<%end if%>
<tr>
    <td width="592" colspan="2">
    <p align="left">  说明：·晓宇听幽新闻文章管理系统属于“晓宇听幽工作室”版权所有<br>
        ·第一次使用请在登陆之后注册本系统，只有注册了之后才能拥有所有功能的使用权<br>
        ·目前系统版本：<%=version%> <%=edition%><br>
        ·官方支持网站：<font color="#FF0000"><a href="http://www.xoyu.com/">http://www.xoyu.com/</a></font></td>
  </tr>
<tr>
    <td width="592" colspan="2">
    <p align="center"><img border="0" src="../ads/ads.gif"></td>
  </tr>
</table>
</center>
</div>
</form>
</body>
</html>
来一个php的：----------authimg.php-----------
<?php
   /*
    *   Filename:    authimg.php
    *   Author:   hutuworm
    *   Date:   2003-04-28
    *   @Copyleft    hutuworm.org
    */    //生成验证码图片
        Header("Content-type: image/PNG");
        srand((double)microtime()*1000000);
        $im = imagecreate(58,28);
        $black = ImageColorAllocate($im, 0,0,0);
        $white = ImageColorAllocate($im, 255,255,255);
        $gray = ImageColorAllocate($im, 200,200,200);
        imagefill($im,0,0,$gray);    //将四位整数验证码绘入图片
        imagestring($im, 5, 10, 8, $HTTP_GET_VARS['authnum'], $black);         for($i=0;$i<50;$i++)   //加入干扰象素
        {
                imagesetpixel($im, rand()%70 , rand()%30 , $black);
        }         ImagePNG($im);
        ImageDestroy($im);
?>
－－－－－－－－－－authpage.php-----------
<?php
   /*
    *   Filename:    authpage.php
    *   Author:   hutuworm
    *   Date:   2003-04-28
    *   @Copyleft    hutuworm.org
    */     srand((double)microtime()*1000000);    //验证用户输入是否和验证码一致
        if(isset($HTTP_POST_VARS['authinput']))
        {
                if(strcmp($HTTP_POST_VARS['authnum'],$HTTP_POST_VARS['authinput'])==0)
                        echo "验证成功！";
                else
                        echo "验证失败！";
        }

   //生成新的四位整数验证码
        while(($authnum=rand()%10000)<1000);
    ?>
        <form action=authpage.php method=post>
        <table>
                请输入验证码：<input type=text name=authinput style="width: 80px"><br>
                <input type=submit name="验证" value="提交验证码">
                <input type=hidden name=authnum value=<? echo $authnum; ?>>
                <img src=authimg.php?authnum=<? echo $authnum; ?>>
        </table>
        </form>
自己到google搜索一下很多的，很多语言写的都有。
JSP的.
image.jsp
<%@ page contentType="image/jpeg"%>
<%@ page import="java.awt.*"%>
<%@ page import="java.awt.image.*"%>
<%@ page import="java.util.*"%>
<%@ page import="javax.imageio.*"%>
<%
//在内存中创建图象
int iWidth=130,iHeight=18;
BufferedImage image=new BufferedImage(iWidth,iHeight,BufferedImage.TYPE_INT_RGB);
//获取图形上下文
Graphics g=image.getGraphics();
//设定背景色
g.setColor(Color.white);
g.fillRect(0,0,iWidth,iHeight);
//画边框
g.setColor(Color.black);
g.drawRect(0,0,iWidth-1,iHeight-1);
//取随机产生的认证码(4位数字)
String rand=request.getParameter("Rand");
rand=rand.substring(0,rand.indexOf("."));
switch(rand.length())
{
case 1:rand="000"+rand;break;
case 2:rand="00"+rand;break;
case 3:rand="0"+rand;break;
default:rand=rand.substring(0,4);break;
}
//将认证码存入SESSION
session.setAttribute("Rand",rand);
//将认证码显示到图象中
g.setColor(Color.black);
g.setFont(new Font("Times New Roman",Font.PLAIN,18));
g.drawString(rand,10,15);
//随机产生88个干扰点,使图象中的认证码不易被其它程序探测到
Random random=new Random();
for(int iIndex=0;iIndex<88;iIndex++)
{
int x=random.nextInt(iWidth);
int y=random.nextInt(iHeight);
g.drawLine(x,y,x,y);
}
//图象生效
g.dispose();
//输出图象到页面
ImageIO.write(image,"JPEG",response.getOutputStream());
%>
Index.jsp
<form action="/Login.jsp" method="post" name="Login">
  会员名称: <input name="UserName" size="10"><br>
  会员密码: <input name="Password" size="10" type="password"><br> 
<script>document.write("<img border=0 src='/image.jsp?Rand="+Math.random()*10000+"'>");</script><br>
  输认证码: <input name="Rand" maxlength=4 size="10"><br>
<hr size="1" color="#FFFFFF" width="90%">
<%if((String)session.getValue("UserID")!=null){%>
            <input type="submit" value="注销" id="Submit0" name="Submit0">
            <input type="button" value="邮箱" id="MailBox" name="MailBox" onclick="window.open('Http://mail.***.***/','','')">
<script>
window.open('','','width=300 height=250 top=0 left=0');
</script>
<%}else{%>
             
            <input type="submit" value="登录" id="Submit1" name="Submit1">
    <input type="button" value="注册" id="Reg" name="Reg" onclick="window.location.href='';">
<%}%>
            </form>
Login.jsp
<%
String Rand=request.getParameter("Rand");
String strRand=(String)session.getAttribute("Rand");
if(!strRand.equals(Rand))//判断验证码
{
session.putValue("UserID",null);
}
response.sendRedirect("/Index.jsp");
%>