thinkphp整合系列之极验滑动验证码geetest功能

更新时间:2023-04-07 07:43:16 阅读：评论：0

给一个央企做官网，登录模块用的thinkphp验证码类。但是2019-6-10到12号，国家要求央企检验官网漏洞，防止黑客攻击，正直贸易战激烈升级时期，所以各事业单位很重视官网安全性，于是乎集团总部就委托了宁波一个专业检测公司用专业工具检测出，后台验证码能用打码工具暴力破解，发函要求整改。so，就有了下面的极速验证图形

官网：

一：注册获取key

二：导入sdk

/thinkphp/library/org/xb/geetestlip.class.php（此处geetestlip.class.php是我重新命名的geetest类文件，原名为class.geetestlib.php）

此处牵扯到thinkphp引入第三方类，我把第三方类放到org/util/xb下面了，同时对该类文件加入命名空间如下，否则实例化类时找不到文件

三：生成验证样式

admin/view/public/cdtsh_log_smfyws.php

<!doctype html><html><head>  <meta chart="gbk" />  <title>网站管理系统后台</title>  <script language="javascript" type="text/javascript" src="__js__/jquery.js"></script>  <link rel="stylesheet" href="__css__/jquery.validator.css">  <script type="text/javascript" src="__js__/jquery.validator.js"></script>  <script type="text/javascript" src="__js__/zh_cn.js"></script>  <link href="__css__/admin_login.css?v20130227" rel="stylesheet" />  <script>    $(document).ready(function(){      var verifyimg = $(".verifyimg").attr("src");      $(".reloadverify比字开头的成语").click(function(){        if( verifyimg.indexof('?')>0){          $(".verifyimg").attr("src", verifyimg+'&random='+math.random());        }el{          $(".verifyimg").attr("src", verifyimg.replace(/\?.*$/,'')+'?'+math.random());        }      });    });  </script></head><body><div class="wrap">  <h1><a href="javascript:;" style="height: 116px; width: 250px;">后台管理中心</a></h1>  <form method="post" action="{:u('admin/public/cdtsh_log_smfyws')}">    <div class="login">      <ul>        <li>          <input class="input" id="urname" name="urname"type="text" title="用户名" data-rule="required;urname" placeholder="用户名" />          <span class="msg-box n-right" style="position:absolute; left: 248px; top: 12px; " for="urname"></span>        </li>        <li>          <input class="input" name="password" type="password" title="密码" dat六月图片a-rule="required;password" placeholder="密码"/>          <span class="msg-box n-right" style="position:absolute;left: 248px; top: 12px;" for="password"></span>        </li>        <li>          <input class="input" id="verify" name="verify" type="text" style="width:130px;" title="密码" data-ok=" " placeholder="验证码" data-tip="输入验证码！" title="验证码" data-rule="required;text;remote[{:u('admin/public/check_verify')}]" />          <div class="yanzhengma_box" id="verifyshow">  <img class="verifyimg reloadverify" style=" cursor: pointer;" align="right" src="{:u('public/verify促销策划方案')}" title="点击刷新"> </div>          <span class="msg-box n-right" style="position:absolute;left: 248px; top: 12px;" for="verify"></span>        </li>      </ul>      <ul>          <!--<input type="button" value="异步验证登录" onclick="check_verify()">-->          <!--<input type="submit" value="post提交登录">-->          <div id="captcha"></div>      </ul>      <button type="submit" class="btn" id="subbtn">登录</button>    </div>  </form></div><script src="http://static.geetest.com/static/tools/gt.js"></script><script>  var handler = function (captchaobj) {    // 将验证码加到id为captcha的元素里    captchaobj.appendto("#captcha");   };  // 获取验证码  $.get("{:u('admin/public/verifys')}", function(data) {    // 使用initgeetest接口    // 参数1：配置参数，与创建geetest实例时接受的参数一致    // 参数2：回调，回调的第一个参数验证码对象，之后可以使用它做appendto之类的事件    initgeetest({      gt: data.gt,      challenge: data.challenge,      product: "float", // 产品形式      offline: !data.success,      new_captcha:'true',      width:'260px',    }, handler);  },'json');</script></body></html>

四：验证函数

/application/common/common/function.php

/** * geetest检测验证码 */function geetest_chcek_verify($data){  $geetest_id = "7149e2021d7938157e";  $geetest_key = "62b92039e1e9cf9455";  $geetest=new \org\util\xb\geetestlib($geetest_id,$geetest_key);  $ur_id=$_ssion['geetest']['ur_id'];  $ip_address=$_ssion['geetest']['ip_address'];  $dataa = array(    "ur_id" => $ur_id, # 网站用户id    "client_type" => "web", #web:电脑上的浏览器；h5:手机上的浏览器，包括移动应用内完全内置的web_view；native：通过原生sdk植入app应用的方式    "ip_address" => $ip_address, # 请在此处传输用户请求验证时所携带的ip  );  if ($_ssion['geetest']['gtrver']==1){    $result=$geetest->success_validate($data['geetest_challenge'], $data['geetest_validate'], $data['geetest_ccode'], $dataa);    //return $result;    if ($result) {      //return 11;      return true;    } el{      //return 22;      return fal;    }  }el{    if ($geetest->fail_validate($data['geetest_challenge'],$data['geetest_validate'],$data['geetest_ccode'])) {      //return 33;      return true;      }el{      //return 44;      return fal;    }  }}//获取id地址function getip() {  if (!empty($_rver["http_client_ip"])) {    $cip = $_rver["http_client_ip"];  } elif (!empty($_rver["http_x_forwarded_for"])) {    $cip = $_rver["http_x_forwarded_for"];  } elif (!empty($_rver["remote_addr"])) {    $cip = $_rver["remote_addr"];  } el {    $cip = "无法获取！";  }  return $cip;}

五：php 生成验证码并验证

//极速验证  public function verifys(){    //require_once dirname(dirname(dirname(__file__))) . '/lib/class.geetestlib.php';    //require_once dirname(dirname(__file__)) . '/config/config.php';    // $gtsdk = new geetestlib(captcha_id, private_key);    $geetest_id = "7149e2021d7938157e9";    $geetest_key = "62b92039e1e9cf";    $geetest=new \org\util\xb\geetestlib($geetest_id,$geetest_key);    //dump($geetest);die;    $ur_id = "test";    $data = array(      "ur_id" => $ur_id, # 网站用户id      "client_type" => "web", #web:电脑上的浏览器；h5:手机上的浏览器，包括移动应用内完全内置的web_view；native：通过原生sdk植入app应用的方式      "ip_address" => getip(), # 请在此处传输用户请求验证时所携带的ip    );    $status = $geetest->pre_process($data,1);    //dump($status);    $_ssion['geetest']=array(      'gtrver'=>$status,      'ur_id'=>$ur_id,      'ip_address'=>getip(),      );    echo $geetest->get_respon_str();  } public function cdtsh_log_smfyws() {    if ($_ssion['urid']) {      $this->redirect('admin/index/index');    } el {      if (is_post) {        $urname = $_post['urname'];        $password = $_post['password'];        //$geetest_challenge = $_post['geetest_challenge'];        //$geetest_validate = $_post['geetest_validate'];        //$geetest_ccode = $_post['geetest_ccode'];        高情商的书$data=i('post.');        if($data['geetest_challenge']=="" || $data['geetest_validate']=="" ||$data['geetest_ccode']=="" ){          $this->error('请进行图形验证');        }el{          //dump(geetest_chcek_verify($data));          if (geetest_chcek_verify($data)){            //echo '验证成功';            if ($this->loginadmin($urname, $password)) {              $data = m("ur")->where("urname='".$urname."' and password='".md5($password)."教师节祝词'")->find();              if ($data["status"] != 1) {                //判断是否禁用                $this->recordloginadmin($_post['urname'], $_post['password'], 0, "账号禁用"); //记录登录日志                $this->error('该帐号禁用');              } el {                $save["lastlogin_time"] = time();                $save["lastlogin_ip"] = get_client_ip();                $save["login_num"] = $data["login_num"] + 1;                $status = m("ur")->where(array("id" => $data['id']))->save($save);                $_ssion['urid'] = $data['id'];                $_ssion['ur'] = $data['urname'];                $_ssion['rid'] = $data['a_id'];                $this->recordloginadmin($_post['urname'], $_post['password'], 1); //记录登录日志                $this->redirect('admin/index/index');                //$this->success('登录成功',u('admin/index/index'));              }            } el {              $this->recordloginadmin($_post['urname'], $_post['password'], 0, "账号密码错误"); //记录登录日志              $this->error('登录失败');            }          }el{            //echo '图形验证失败';            $this->error('图形验证失败');          }        }      } el {        $this->display();      }    }  }

到这里就结束了

总结

以上所述是www.887551.com给大家介绍的thinkphp整合系列之极验滑动验证码geetest功能,希望对大家有所帮助

本文发布于:2023-04-07 07:43:14，感谢您对本站的认可！

本文链接：https://www.wtabcd.cn/fanwen/zuowen/4060c91437f32bf2ee0dc39652e878bd.html

本文word下载地址：thinkphp整合系列之极验滑动验证码geetest功能.doc

本文 PDF 下载地址：thinkphp整合系列之极验滑动验证码geetest功能.pdf

上一篇：金铲铲之战s1阵容回顾有哪些 (金铲铲之战亚索至臻多少钱)

下一篇：返回列表