jsp程序中的验证码的成生和处理。

接合网上和书上的实例，这是一个简单的实例。编码用的是UTF-8。各位在处理过程中一定要注意编码问题。
这个是code.jsp的源码：

<%@ page language="java"
    import="java.awt.*"
    import="java.awt.image.BufferedImage"
    import="java.util.*"
    import="javax.imageio.ImageIO"
    pageEncoding="utf-8" %>
    
<% 
    response.setHeader("Cache-Control", "no-cache"); 
    //create image in RAM!
    int width=60,height=20;
    BufferedImage image=new BufferedImage(width,height,BufferedImage.TYPE_INT_RGB);
    //get graphics
    Graphics g=image.getGraphics();
    g.setColor(new Color(200,200,200));
    g.fillRect(0, 0, width, height);
    //create randrom (4 namber)
    Random rnd = new Random();
    int randNum=rnd.nextInt(8999)+1000;
    String randStr=String.valueOf(randNum);
    //save in session
    session.setAttribute("randStr", randStr);
    //display to image
    g.setColor(Color.black);
    g.setFont(new Font("",Font.PLAIN,20));
    g.drawString(randStr, 10, 17);
    //100-other
    //
    
    //output image to page
    ImageIO.write(image, "JPEG", response.getOutputStream());
    out.clear();  out=pageContext.popBody();
%>

验证码的产生为1000+0-8999的随机值，使用1000+是确保第一位不为0，可以换成其它的汉字编码等其它不变。

它在网页中http://localhost:8080/test/code.jsp显示如下。

它在其它网页中调用如下：http://localhost:8080/test/login.jsp

 

<script type="text/javascript">
    function refresh(){
        loginForm.imgValidate.src='code.jsp?t='+new Date().getTime();
    }
</script>
<form action="/test/servlet/ValidateServlet">
            <p>请输入账号：
            <input type="text" name="account" />
            <br>
            <p>请输入密码：
            <input type="password" name="password" />
            <br>
            <p>请输入验证码:
            <input type="text" name="code" size="10" >
            <img border=1 src="code.jsp">
            // <a href="javascript:void(0);" onclick=refresh();return false;"><img id="imgValidate" name="imgValidate" src="code.jsp" onclick="refresh()" ></a>
            // 点击更换
            <input type="submit" value="登陆">  </form>

该处理由servlet来处是，也可以由jsp等程序来处理。
下面说一下验证处理过程：
取得提交上来的验证码和session中的写入的验证码进行比较，相同则进行下一步处理，不同则报验证码错误。
下面是servlet处理的源代码：

package servlet;

import java.io.IOException;
import java.io.PrintWriter;
import javax.servlet.ServletException;
import javax.servlet.http.HttpServlet;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpSession;

public class ValidateServlet extends HttpServlet {	
	/**
	 * The doGet method of the servlet. <br>
	 *
	 * This method is called when a form has its tag value method equals to get.
	 * 
	 * @param request the request send by the client to the server
	 * @param response the response send by the server to the client
	 * @throws ServletException if an error occurred
	 * @throws IOException if an error occurred
	 */
	public void doGet(HttpServletRequest request, HttpServletResponse response)
			throws ServletException, IOException {

		//得到提交的验证码
		String code=request.getParameter("code");
		//获取session中的验证码
		HttpSession session=request.getSession();
		String randStr=(String)session.getAttribute("randStr");
		response.setCharacterEncoding("utf-8");
		PrintWriter out=response.getWriter();
		if(!code.equals(randStr)){
			out.println("验证码错误");
		}
		else{
			out.println("验证码正确!跳转到loginServlet..........");
		}
	}

	/**
	 * The doPost method of the servlet. <br>
	 * 
	 *
	 * This method is called when a form has its tag value method equals to post.
	 * 
	 * @param request the request send by the client to the server
	 * @param response the response send by the server to the client
	 * @throws ServletException if an error occurred
	 * @throws IOException if an error occurred
	 */
	public void doPost(HttpServletRequest request, HttpServletResponse response)
			throws ServletException, IOException {
		this.doGet(request, response);
	}
}