什么是Captcha?
Completely Automated Public Turing Test to Tell Computers and Humans Apart
(全自动区分计算机和人类的图灵测试)。
使用Captcha的目的?
CAPTCHA的目的是区分计算机和人类的一种程序算法,这种程序必须能生成并评价人类能很容易通过但计算机却通不过的测试。这个要求本身就是悖论,因为这意味着一个CAPTCHA必须能生成一个它自己不能通过的测试。
最近在做一个个人项目(http://beta.nagaor.com),在用户注册时需要用到Captcha,通俗点就是给注册模块加上验证码功能。考虑到Google Code下面有个Captcha项目(http://code.google.com/intl/en/apis/recaptcha/),所以网上找了些资料学习了下,并成功移植到项目中,这里将使用过程备注下来。
ReCaptcha效果图如下:
一,使用步骤
1)下载程序集Recaptcha.dll.(http://code.google.com/p/recaptcha/downloads/list?q=label:aspnetlib-Latest)
2)项目中引用Recaptcha.dll.
3)在页面引用Recaptcha控件.
页面头部添加
<% @ Register TagPrefix = " recaptcha " Namespace = " Recaptcha " Assembly = " Recaptcha " %>
在<form runat="server"></form>内添加
< recaptcha:RecaptchaControl ID ="recaptcha" runat ="server" PublicKey ="your_public_key" PrivateKey ="your_private_key" />
备注:其中PublicKey,PrivateKey需要google注册用户才能申请,地址(http://www.google.com/recaptcha/whyrecaptcha)
4)验证代码如下(注意:此方法是在页面提交的时候验证Page.IsValid):
<% @ Page Language = " VB " %> <% @ Register TagPrefix = " recaptcha " Namespace = " Recaptcha " Assembly = " Recaptcha " %> < script runat =server%gt; Sub btnSubmit_Click(ByVal sender As Object, ByVal e As EventArgs) If Page.IsValid Then lblResult.Text = "You Got It!" lblResult.ForeColor = Drawing.Color.Green Else lblResult.Text = "Incorrect" lblResult.ForeColor = Drawing.Color.Red End If End Sub </script > < html > < body > < form runat = " server " > < asp:Label Visible = false ID = " lblResult " runat = " server " / > <recaptcha:RecaptchaControl ID="recaptcha" runat="server" Theme="red" PublicKey="your_public_key" PrivateKey="your_private_key" / > < asp:Button ID = " btnSubmit " runat = " server " Text = " Submit " OnClick = " btnSubmit_Click " / > < / form > < / body> < / html >
二,改善
按此4个步骤就能在项目中使用Recaptcha,十分简单!但是这种方式是在页面提交时去验证,是顺序执行(同步),所以用户体验(UE)较差。这里提供一个异步验证的实现,如下:
1)新建一个头处理文件(RecaptchaValidHandler.cs)实现如下:
public class RecaptchaValidHandler : IHttpHandler
{
/// <summary>
/// You will need to configure this handler in the web.config file of your
/// web and register it with IIS before being able to use it. For more information
/// see the following link: http://go.microsoft.com/?linkid=8101007
/// </summary>
#region IHttpHandler Members
public bool IsReusable
{
// Return false in case your Managed Handler cannot be reused for another request.
// Usually this would be false in case you have some state information preserved per request.
get { return true ; }
}
public void ProcessRequest(HttpContext context)
{
Recaptcha.RecaptchaValidator validator = new Recaptcha.RecaptchaValidator();
validator.RemoteIP = context.Request.ServerVariables[ " REMOTE_ADDR " ];
validator.PrivateKey = " 6LfkOr0SAAAAAM5JkWQfl6ji1AMu6apBajJyNC9M " ;
validator.Challenge = context.Request[ " recaptcha_challenge_field " ];
validator.Response = context.Request[ " recaptcha_response_field " ];
Recaptcha.RecaptchaResponse reCaptchaResponse = validator.Validate();
context.Response.Write(reCaptchaResponse.IsValid);
}
#endregion
}
通过返回"True" or "False"标识成功 or 失败。
2)新建异步请求的脚本(register.js)实现如下:
var REG = {
validateReCaptcha: function () {
challengeField = $( " input[name='recaptcha_challenge_field'] " ).val();
responseField = $( " input[name='recaptcha_response_field'] " ).val();
$.ajax({
type: " POST " ,
url: " RecaptchaValidHandler.axd " ,
data: " recaptcha_challenge_field= " + challengeField + " &recaptcha_response_field= " + responseField,
success: function (msg) {
if (msg == " True " ) return true ;
$( " #divRecaptcha " ).fadeIn( " slow " , function () { $( this ).val(RegMsg.CaptchaMsg); });
Recaptcha.reload();
return false ;
}
});
}
};
注意:实现是基于jquery框架。
说明完毕!