Talk about the verification code in PHP in those years, PHP verification code_PHP tutorial

Talk about the verification code in PHP in those years, PHP verification code

Verification code is already a very basic knowledge point in the website now, the existence of verification code It can prevent malicious cracking of passwords, ticket fraud, and water injection, and can effectively prevent violent cracking of specific users.

Now let’s learn about the awesome verification codes in PHP in those years.

First, take the four-digit verification code as an example (the same principle applies to multiple-digit verification codes).

At present, most websites still use static image verification codes, because it is simple and convenient to implement and does not require strong skills. Of course, this is also the basis. The principle is to use PHP's drawing function to draw text into a picture and return it to the page . Therefore, there are only three steps to solve the problem:

Of course, PHP does not enable the drawing function by default, so first enable the drawing function in the php.ini configuration file: search for ;extension=php_gd2.dll and remove the preceding semicolon. (Remember to save it!)

According to the first point, everyone should first think of digital verification codes, because it is easy, just randomly generate a few numbers, and then put them together, it looks like Jiang Zi!

1 $validateCode = ''; 2 for ($i = 0; $i < 4; $i + +) { 3 $validateCode .= rand(0, 9); 4 } 5 echo $validateCode; View Code

Then think about it carefully. Today’s website verification codes all have letters, but this thing doesn’t have letters. What’s wrong? Then I thought, just convert the above thing into hexadecimal.

1 $validateCode = ''; 2 for ($i = 0; $i < 4; $i + +) { 3 $validateCode .= dechex(rand(0, 16)); 4 } 5 echo $validateCode; View Code

It seems a bit too clever, but think about it, there are a few letters, but there are only a, b, c, d, e, f. So what if you need all the letters? Haha, when I think about it, I just think of listing all the letters and numbers in a string, and then using random subscripts to
to randomly get the corresponding value, which is what it looks like:

1 $validateCode = ''; 2 $str = 'ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz1234567890'; 3 for ($i = 0; $i < 4; $i + +) { 4 $validateCode .= $str[rand(0, strlen( $str))]; 5 } 6 echo $validateCode; View Code

Haha, it finally looks like the random number in the verification code, but when I see the method below, I am always confused:

<span>echo</span> <span>substr</span>(<span>str_shuffle</span>('ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz1234567890'), 0, 4);

The str_shuffle method scrambles the string content, and substr($str, 0, 4) gets the first four numbers. This is absolutely no problem! However, if you look carefully, you can see that the content in such verification codes will not be repeated.

The above verification code is generated, and then the verification code will be drawn using PHP.

1 $validateCode = substr(str_shuffle('ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz1234567890') , 0, 4) ; 2 3 // Create an image with a width of 110px and a height of 25px 4 $img = imagecreatetruecolor(110, 25); 5 // Set the background color of the picture to black, and the color values ​​correspond to RGB 6 $bgcolor = imagecolorallocate($img, 0, 0, 0); 7 8 // Create white 9 $white = imagecolorallocate($img, 255, 255, 255); 10 11 // Add text to the picture. The second parameter is the size of the text, which can only be between 1 and 5. The third parameter is the x coordinate, the 4th The first parameter is the y coordinate, the fifth parameter is the content of the text, and the sixth parameter is the color of the text 12 imagestring($img, rand(3, 5), rand(0, 80), rand(2, 10), $validateCode, $white); 13 14 // Add text to the picture. The second parameter is the size of the text, which can only be between 1 and 5. The third parameter is the x coordinate, the 4th The first parameter is the y coordinate, the fifth parameter is the content of the text, and the sixth parameter is the color of the text 15 imagestring($img, rand(3, 5), rand(0, 80), rand(2, 10), $validateCode, $white); View Code

　

Of course, in this case, the verification code will be easy to recognize. It is just white text on a black background. To make it more difficult, we will add a few more lines superimposed on the verification code.

1 $validateCode = substr(str_shuffle('ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz1234567890') , 0, 4) ; 2 3 // Create an image with a width of 110px and a height of 25px 4 $img = imagecreatetruecolor(110, 25); 5 // Set the background color of the picture to black, and the color values ​​correspond to RGB 6 $bgcolor = imagecolorallocate($img, 0, 0, 0); 7 // imagefill($img, 10, 10, $bgcolor); 8 9 // Create white 10 $white = imagecolorallocate($img, 255, 255, 255); 11 12 for ($i = 0; $i < 30; $i ++) { 13 // Draw a line on the picture, where the second parameter represents the x starting coordinate of the line, and the third parameter represents the y starting coordinate of the line Coordinates, the 4th parameter represents the end coordinate of x, the 5th parameter represents the end coordinate of y, the 6th parameter represents the color, a random color is generated here 14 imageline($img, rand(0, 110), rand(0, 50), rand(0, 110), rand(0, 50), imagecolorallocate($img, rand(0, 255), rand(0, 255), rand(0, 255))); 15 } 16 17 // Add text in the picture. The second parameter is the size of the text, which can only be between 1 and 5. The third parameter is the x coordinate, the 4th The first parameter is the y coordinate, the fifth parameter is the content of the text, and the sixth parameter is the color of the text 18 imagestring($img, rand(3, 5), rand(0, 80), rand(2, 10), $validateCode, $white); 19 20 // Return to picture 21 header('Content-type: image/png'); 22 imagepng($img); View Code

The result is like this. Of course, if you want to implement the verification code, this is not enough. You need to save the random number generated by the verification code into the server's session, $_SESSION['validate'] = $validateCode; Then compare it with the verification code entered through the client. This is how the verification code in PHP is implemented. Of course, as mentioned before, this is the most basic code. You can change it to implement arithmetic verification code, Chinese verification code, or other based on your ideas. Some interesting verification codes to make it less boring and more secure.

Do you have any other awesome verification codes to share with me?

For the problem of verification code in PHP

That’s because register_global = off in php.ini;
can be changed to on. However, after php5, it is set to off by default.
Because it is not safe to get the value directly. I think I wonder if the user knows the name of your session
, can he modify your session through the get or post method?
Because all you need to get the value is the name!
php5 generally uses superglobal variables!
$_GET
$_POST
$_COOKIE
$_SESSION

Another poster The book seems a bit old. Session_register is no longer recommended in php5. Now it can be assigned directly $_SESSION['yzm'] = 100;

Note: I heard that php6 has been released!

Problem with generating image verification code in php

The reason is found: the $rand variable is not initialized, and there will be a warning when outputting directly. The solution is to add $rand=''; before the for statement, so there will be no problem.
session_start();
$rand='';
for($i=0;$i<4;$i++){
$rand.=dechex(rand(0,15) );
}
$_SISSION['rand']=$rand;

$bg=imagecreatetruecolor(100,30);
$im=imagecolorallocate($bg,0,0 ,0);
$color=imagecolorallocate($bg,255,255,255);
imagestring($bg,5,0,0,$rand,$color);

header("Content- type: image/jpeg");
imagejpeg($bg);

http://www.bkjia.com/PHPjc/905903.htmlwww.bkjia.comtruehttp: //www.bkjia.com/PHPjc/905903.htmlTechArticleTalk about the verification code in PHP in those years. The PHP verification code is now in the website Very basic knowledge point. The existence of verification code can prevent malicious password cracking, ticket fraud,...