PHP不用session验证码

<?php ============= 文件: validate_image.php ================ /* 不用 session 实现的图片认证码作者: 暖阳 */ $validateCodeKeepTime = 60 * 5; //验证码有效时间,秒 function validateCode($string,$action="ENCODE"){ //字符串加密和解密 $secret_string = 'd0nf873498**&^%$JHJK'; //绝密字符串,可以任意设定 if($string=="") return ""; if($action=="ENCODE") $crc32="@".crc32($string); else list($string,$crc32)=split("@",$string); $key = substr(md5($_SERVER["HTTP_USER_AGENT"].$secret_string.filemtime(str_replace('\\','/',__FILE__))),8,18); $string = ($action=="ENCODE"?$string:base64_decode($string)); $len = strlen($key); $code = ""; for($i=0; $i<strlen($string); $i++){ $k = $i%$len; $code .= $string[$i]^$key[$k]; } $code = ($action == "DECODE" ? (crc32($code)==$crc32?$code:NULL) : base64_encode($code)."$crc32"); return $code; } function randString($len=4){ //产生随机字符串 $chars="23456789ABCDEFGHJKLMNPRSTWXY"; //验证码可取的字符,去掉不易辨认的字符 $string=""; for($i=0;$i<$len;$i++){ srand((double)microtime()*1000000); $rand=rand(0,strlen($chars)-1); $string.=substr($chars,$rand,1); } return strtoupper($string); } //输出图片 if(strtolower(str_replace('\\','/',__FILE__))==strtolower(str_replace('\\','/',$_SERVER['SCRIPT_FILENAME']))){ $decode = validateCode($_GET["secretCode"],"DECODE"); list($string,$mytime)=split('@',$decode); if(!$string) $string=' '; Header("Content-type: image/gif"); $imageWidth = strlen($string)*20; $imageHeight = 20; $im = imagecreate($imageWidth,$imageHeight); $backColor = ImageColorAllocate($im, rand(220,255),rand(220,255),rand(220,255)); //背景色 imagefilledrectangle($im, 0, 0, $imageWidth, $imageHeight, $backColor); for($i=0;$i<100;$i++){ //画斑点 $dotColor = ImageColorAllocate($im, rand(0,255),rand(0,255),rand(0,255)); //点色 $x = rand(0,$imageWidth); $y = rand(0,$imageHeight); imagesetpixel($im, $x, $y, $dotColor); } for($i=0;$i<strlen($string);$i++){ //写字 $frontColor = ImageColorAllocate($im, rand(0,120),rand(0,120),rand(0,120)); //字色 imagestring($im, 5, rand(20*$i+1,20*$i+10), rand(0,5), substr($string,$i,1),$frontColor); } imagepng($im); imagedestroy($im); exit; } ?> ========================================实例========================================= <html> <head> <meta http-equiv="Content-Type" content="text/html; charset=gb2312"> <title>faisun@sina.com</title> <style type="text/css"> body,td{ font-size:12px; } </style> </head> <body> <? include("validate_image.php"); if($_REQUEST[action]=="confirm"){ list($mycode,$mytime)=split('@',validateCode($_POST["secretCode"],"DECODE")); if(time()-$mytime>$validateCodeKeepTime){ echo "验证码已过期!"; exit; }elseif(!$_POST["secretCode"]||strtoupper($_POST[ValidateCode])!=$mycode){ echo "验证码错误!"; exit; }else{ echo "验证码输入正确."; //改为你其他的处理代码. } }else{ ?> <form name="form1" method="post" action=""> <table width="300" border="0" cellspacing="0" cellpadding="3"> <tr> <td width="110" align="right">验证码:</td> <td width="178"> <? $secretCode = validateCode(randString(4)."@".time()); ?> <input name="ValidateCode" type="text" id="ValidateCode" size="10"> <img src="validate_image.php?secretCode=<?=urlencode($secretCode);?>" align="absmiddle"> <input type='hidden' name='secretCode' value='<?=$secretCode;?>'> </td> </tr> <tr> <td> </td> <td> </td> </tr> <tr> <td> </td> <td><input name="action" type="hidden" id="action" value="confirm"> <input type="submit" name="Submit" value="确定"></td> </tr> </table> </form> <? } ?> </body> </html>