如何使用vbscript创建动态验证码

时间:2022-06-08 04:22:18

What generally occurs in the captcha's is that a single word is displayed and the user has to just enter that word in to validate the captcha. But in this case what I want is that my captcha would consist of a slogan(that is a sentence),and on each time the computer would ask like... Enter the first word in the slogan.. Next time it asks,Enter the third word and so on randomly... Can anyone provide me an idea how t d this?

验证码中通常出现的是显示单个单词,用户只需输入该单词即可验证验证码。但在这种情况下,我想要的是我的验证码将包含一个口号(这是一个句子),并且每次计算机都要求...在口号中输入第一个单词..下次它要求,输入第三个字等等随机...任何人都可以给我一个想法如何这个?

1 个解决方案

#1


0  

Here's how I have created CAPTCHAs in Classic ASP in the past. When the form is displayed to a user I generate a random number and also a question and answer.

以下是我过去在Classic ASP中创建CAPTCHA的方法。当表单显示给用户时,我生成一个随机数,还有一个问题和答案。

The random number is used as the name for a session variable that stores the answer to the question. I also add a hidden field with the value of the random number. This random number allows one user to display multiple forms in different windows/tabs without using the same session variable. It also means that anyone trying to hack the page must retrieve the page before they can post to it so makes it a little more difficult to hack.

随机数用作存储问题答案的会话变量的名称。我还添加了一个隐藏字段,其中包含随机数的值。此随机数允许一个用户在不使用相同会话变量的情况下在不同窗口/选项卡中显示多个表单。这也意味着任何试图入侵页面的人必须先检索页面,然后才能发布到页面上,这样会使攻击变得更加困难。

When the user submits the form I get the hidden field value, then get the answer stored in the session variable, and the session variable is removed so that a 'bot can't get multiple attempts at guessing an answer. Then the user's answer can be compared with what the user entered. If they don't get it correct then the form is displayed again, with new random number and answer generated.

当用户提交表单时,我得到隐藏字段值,然后获得存储在会话变量中的答案,并删除会话变量,以便'机器人无法多次尝试猜测答案。然后,可以将用户的答案与用户输入的内容进行比较。如果他们没有得到正确的话,那么表格会再次显示,并生成新的随机数和答案。

The code when the form is generated would be something like this:

生成表单时的代码如下所示:

'get your question and answer
strQuestion = "My question"
strAnswer = "answer"

Randomize
strVarName = Int((999999 - 100000 + 1) * Rnd() + 100000)
Session(strVarName) = strAnswer



<input type="hidden" name="varname" value="<%= strVarName %>" />

The code when the form is sbumitted qould be something like this:

表单sbumitted时的代码应该是这样的:

strVarName = Request.Form("varname")
strUserAnswer = Request.Form("answer")
strRealAnswer = Session(strVarName)
Session.Items.Remove(strVarName)

If strUserAnswer <> strRealAnswer Then
    'invalid response
    'show form again with new answer and session
End If

#1


0  

Here's how I have created CAPTCHAs in Classic ASP in the past. When the form is displayed to a user I generate a random number and also a question and answer.

以下是我过去在Classic ASP中创建CAPTCHA的方法。当表单显示给用户时,我生成一个随机数,还有一个问题和答案。

The random number is used as the name for a session variable that stores the answer to the question. I also add a hidden field with the value of the random number. This random number allows one user to display multiple forms in different windows/tabs without using the same session variable. It also means that anyone trying to hack the page must retrieve the page before they can post to it so makes it a little more difficult to hack.

随机数用作存储问题答案的会话变量的名称。我还添加了一个隐藏字段,其中包含随机数的值。此随机数允许一个用户在不使用相同会话变量的情况下在不同窗口/选项卡中显示多个表单。这也意味着任何试图入侵页面的人必须先检索页面,然后才能发布到页面上,这样会使攻击变得更加困难。

When the user submits the form I get the hidden field value, then get the answer stored in the session variable, and the session variable is removed so that a 'bot can't get multiple attempts at guessing an answer. Then the user's answer can be compared with what the user entered. If they don't get it correct then the form is displayed again, with new random number and answer generated.

当用户提交表单时,我得到隐藏字段值,然后获得存储在会话变量中的答案,并删除会话变量,以便'机器人无法多次尝试猜测答案。然后,可以将用户的答案与用户输入的内容进行比较。如果他们没有得到正确的话,那么表格会再次显示,并生成新的随机数和答案。

The code when the form is generated would be something like this:

生成表单时的代码如下所示:

'get your question and answer
strQuestion = "My question"
strAnswer = "answer"

Randomize
strVarName = Int((999999 - 100000 + 1) * Rnd() + 100000)
Session(strVarName) = strAnswer



<input type="hidden" name="varname" value="<%= strVarName %>" />

The code when the form is sbumitted qould be something like this:

表单sbumitted时的代码应该是这样的:

strVarName = Request.Form("varname")
strUserAnswer = Request.Form("answer")
strRealAnswer = Session(strVarName)
Session.Items.Remove(strVarName)

If strUserAnswer <> strRealAnswer Then
    'invalid response
    'show form again with new answer and session
End If