最近我們一些Z-BLOGGER都在想做個什麼插件攔住SPAM,當然解決方法也不是沒有,就是弄個超強的服務器,可惜搞不起。那……我們只好從SPAMMER的角度來想了。
懂一些的人可能知道,SPAM軟件的基本原理是[搜索目標]-進入網站-掃描驗證碼-OCR-[填寫表單]-POST。每一步我們都可以加以防范,比較現實的是防止SPAM軟件成功的OCR出驗證碼。Z-BLOG自帶的驗證碼實在有點弱,干擾點等於沒有,感覺可以輕易的分析出驗證碼裡的數字。解決方法就是——換一個驗證碼程序。
這個驗證碼程序(就是我現在用的)是從月光留言本裡挖出來的,稍加修改,以便適應Z-BLOG。個人認為要編出軟件OCR這個驗證碼是有點難度的,應該可以換取片刻的安寧。當然,這只是權宜之計,如果廣泛使用,勢必還會有高手來破解的。所以啊……最好官方能弄個服務器,有時候,我覺得商業化或是適當引進投資也是不錯的~
目前還在測試效果,3-28晚開始。到目前(07-03-30)為止共收到1個SPAM(包括被攔截的。),內容和別的SPAM不一樣,應該不是那個垃圾SEO網站的作品(很大膽的加了2個鏈接),而且不是提交在在一般搜索引擎搜索進來的《google加了一個網頁惡意軟件檢測?》,而是在我的留言本。根據REFERER的結果應該是從主頁過去的(也不排除從別的地方進去而沒有執行腳本或提交refer信息),懷疑為人工SPAM(UPDATE:Haphic也收到了一個同樣的。到底是不是人工的?他用的驗證碼是原版的……),換驗證碼的效果還需繼續觀察……
c_validcode.asp代碼
復制代碼 代碼如下:
<%@ CODEPAGE=65001 %>
<% Option Explicit %>
<%
'On Error Resume Next
%>
<!-- #include file="../c_option.asp" -->
<!-- #include file="../function/c_function.asp" -->
<%
Response.buffer=true
Call Com_CreatValidCode("CheckCode")
Rem 生成驗證碼圖片
Sub Com_CreatValidCode(pSN)
Const codeLenMin = 5 '驗證碼位數范圍
Const codeLenMax = 5 '驗證碼位數范圍
Const cOdds = 2 '雜點出現的機率
Const dbtTimes = 1 '干擾次數
Const posX = 3 '位置隨機范圍X
Const posY = 2 '位置隨機范圍Y
ImgWidth = 60 '圖像寬(要為4的倍數)
ImgHeight = 20 '圖像高
Const cAmount = 10 '字庫數量
Const cCode = "0123456789" '字庫對應的字符
Const UnitWidth = 16 '字寬(要為4的倍數)
Const UnitHeight = 15 '字高
Const DotsLimit = 10 '每次刪除有效點的上限(避免無法人為識別)
Const tryCount = 5 '避免刪除有效點超過上限的嘗試次數限制
'-----------
Randomize
Dim i,ii,iii,flag,ActUnitWidth,ImgYuWidth,codeLen,ImgWidth,ImgHeight
codeLen = codeLenMin + cint(Rnd*(codeLenMax-codeLenMin))
If ImgWidth Mod 4 <> 0 Or ImgWidth < codeLen*UnitWidth Then ImgWidth = codeLen*UnitWidth
If ImgHeight < UnitHeight Then ImgHeight = UnitHeight
' 禁止緩存
Response.Expires = -9999
Response.AddHeader "Pragma","no-cache"
Response.AddHeader "cache-ctrol","no-cache"
Response.ContentType = "Image/BMP"
' 顏色的數據(字符,背景)
Dim vColorData(1)
vColorData(0) = ChrB(0) & ChrB(0) & ChrB(0) ' 藍0,綠0,紅0(黑色)前景色
vColorData(1) = ChrB(255) & ChrB(255) & ChrB(255) ' 藍250,綠236,紅211(淺藍色)背景色
' 字符的數據(可以自己修改,如果修改了尺寸,記得把前面的設定也改了)
Dim vNumberData(9)
vNumberData(0) = "111111111111111111110000000011111110000000000111111001111110011111100111111001111110011111100111111001111110011111100111111001111110011111100111111001111110011111100111111001111110011111100111111000000000011111110000000011111111111111111111"
vNumberData(1) = "111111111111111111111100011111111111000001111111111000000111111111001100011111111111110001111111111111000111111111111100011111111111110001111111111111000111111111111100011111111111110001111111111000000000111111100000000011111111111111111111"
vNumberData(2) = "111111111111111111111100000111111111100000001111111100011100111111100011110011111111111110011111111111110011111111111110011111111111110011111111111110011111111111110011110011111110011111001111111000000000111111100000000011111111111111111111"
vNumberData(3) = "111111111111111111111000000111111111000000001111111001111110011111100111110011111111111110011111111111100011111111111110001111111111111110011111111111111100111111100111111001111110011111100111111100000000111111111000000111111111111111111111"
vNumberData(4) = "111111111111111111111111001111111111101100111111111100110011111111110011001111111110011100111111110011110011111110000000000000111000000000000011111111110011111111111111001111111111111100111111111111110011111111111111001111111111111111111111"
vNumberData(5) = "111111111111111111100000000001111100000000000111110011111111111111001111111111111100111111111111110011000000111111000001111001111111111111100111111111111110011111111111111001111100111111100111110011111110011111100000000011111111111111111111"
vNumberData(6) = "111111111111111111111100000111111111100000001111111100111110011111100111111111111110011111111111111001000001111111100000000011111110001111100111111001111110011111100111111001111110011111100111111100000000111111111000000111111111111111111111"
vNumberData(7) = "111111111111111111100000000001111110000000000111111001111110011111100111111001111111111111001111111111111100111111111111100111111111111100111111111111110011111111111111001111111111111100111111111111110011111111111111001111111111111111111111"
vNumberData(8) = "111111111111111111111000000111111111000000001111111001111110011111100111111001111110011111100111111100000000111111110000000011111111001111001111111001111110011111100111111001111110011111100111111100000000111111111000000111111111111111111111"
vNumberData(9) = "111111111111111111111000000111111111000000001111111001111110011111100111111001111110011111100111111100000000011111110000001001111111111111100111111111111110011111111111111001111110011111001111111100000000111111111000000111111111111111111111"
' 隨機產生字符
Dim vCode(), vCodes
ReDim vCode(codeLen-1)
vCodes = GetVerifyNumber
For i = 0 To 4
vCode(i) = cint(mid(vCodes,i+1,1))
vCode(i) = pcd_doubter(vNumberData(vCode(i)),UnitWidth,UnitHeight,DotsLimit,tryCount,dbtTimes)
Next
' 隨機產生字符
'Dim vCodes
'ReDim vCode(codeLen-1)
'For i = 0 To codeLen-1
' vCode(i) = Int(Rnd * cAmount)
' vCodes = vCodes & Mid(cCode, vCode(i) + 1, 1)
' vCode(i) = pcd_doubter(vNumberData(vCode(i)),UnitWidth,UnitHeight,DotsLimit,tryCount,dbtTimes)
'Next
'Session(pSN) = vCodes '記錄入Session
' 輸出圖像文件頭
Response.BinaryWrite ChrB(66) & ChrB(77) & Num2ChrB(54+ImgWidth*ImgHeight*3,4) & ChrB(0) & ChrB(0) & ChrB(0) & ChrB(0) & ChrB(54) & ChrB(0) & ChrB(0) & ChrB(0) & ChrB(40) & ChrB(0) & ChrB(0) & ChrB(0) & Num2ChrB(ImgWidth,4) & Num2ChrB(ImgHeight,4) & ChrB(1) & ChrB(0)
' 輸出圖像信息頭
Response.BinaryWrite ChrB(24) & ChrB(0) & ChrB(0) & ChrB(0) & ChrB(0) & ChrB(0) & Num2ChrB(ImgWidth*ImgHeight*3,4) & ChrB(18) & ChrB(11) & ChrB(0) & ChrB(0) & ChrB(18) & ChrB(11) & ChrB(0) & ChrB(0) & ChrB(0) & ChrB(0) & ChrB(0) & ChrB(0) & ChrB(0) & ChrB(0) & ChrB(0) & ChrB(0)
' 生成干擾線
ReDim noiseLine(1,-1)
Call makeNoise(noiseLine,ImgWidth,ImgHeight)
Call makeNoise(noiseLine,ImgWidth,ImgHeight)
' 如果想多畫幾條直接復制就可以
' Call makeNoise(noiseLine,ImgWidth,ImgHeight)
' 位置隨機
ActUnitWidth = Int(ImgWidth / codeLen)
ImgYuWidth = ImgWidth - ActUnitWidth * codeLen
ReDim posAry(1,codeLen-1)
posAry(0,0) = Int((Rnd)*(posX+(ActUnitWidth-UnitWidth)/2))
posAry(1,0) = Int((ImgHeight-UnitHeight)/2+(1-2*Rnd)*posY)
For i=1 To codeLen-2
posAry(0,i) = Int((1-2*Rnd)*(posX+(ActUnitWidth-UnitWidth)/2))
posAry(1,i) = Int((ImgHeight-UnitHeight)/2+(1-2*Rnd)*posY)
Next
If codeLen > 1 Then
posAry(0,codeLen-1) = Int((Rnd)*(posX+(ActUnitWidth-UnitWidth)/2))
posAry(1,codeLen-1) = Int((ImgHeight-UnitHeight)/2+(-Rnd)*posY)
End If
' 輸出圖像數據
For i = ImgHeight-1 To 0 Step -1 '行
For ii = 0 To codeLen-1 '字
For iii = 0 To ActUnitWidth-1 '字寬
flag = 0
If onNoiseLine(noiseLine,ii*ActUnitWidth+iii,i) Then ' 干擾線
flag = 1
ElseIf getUnitDot(posAry,vCode,ii,iii,i,UnitWidth,UnitHeight) = "0" Then
flag = 1
ElseIf getUnitDot(posAry,vCode,ii-1,iii+ActUnitWidth,i,UnitWidth,UnitHeight) = "0" Then
flag = 1
ElseIf getUnitDot(posAry,vCode,ii+1,iii-ActUnitWidth,i,UnitWidth,UnitHeight) = "0" Then
flag = 1
End If
' 隨機生成雜點
If Rnd * 99 + 1 < cOdds Then flag = 1 - flag
Response.BinaryWrite vColorData(1-flag)
Next
Next
For ii = 0 To ImgYuWidth-1
Response.BinaryWrite vColorData(1)
Next
Next
End Sub
Rem 獲取單元的點(考慮位移)
Function getUnitDot(ByRef posAry,ByRef vCode,i,ByVal x,ByVal y,UnitWidth,UnitHeight)
getUnitDot = "1"
If i < 0 Or i > UBound(vCode) Then Exit Function
x = x - posAry(0,i)
If x < 0 Or x >= UnitWidth Then Exit Function
y = y - posAry(1,i)
If y < 0 Or y >= UnitHeight Then Exit Function
getUnitDot = Mid(vCode(i),y*UnitWidth+x+1,1)
End Function
Rem 生成干擾線
Sub makeNoise(ByRef nl,imgW,UnitHeight)
Dim i,l,x1,y1,x2,y2,dx,dy,deltaT
x1 = Int(Rnd*imgW)
y1 = Int(Rnd*UnitHeight)
x2 = Int(Rnd*imgW)
y2 = Int(Rnd*UnitHeight)
dx = X2 - X1
dy = Y2 - Y1
If Abs(dx) > Abs(dy) Then deltaT = Abs(dx) Else deltaT = Abs(dy)
If deltaT = 0 Then Exit Sub
l = UBound(nl,2)
ReDim Preserve nl(1,l+deltaT+1)
l = l + 1
For i = 0 To deltaT
nl(0,l+i) = x1 + dx * i \ deltaT
nl(1,l+i) = y1 + dy * i \ deltaT
Next
End Sub
Rem 判斷是否為干擾線上的點
Function onNoiseLine(ByRef nl,x,y)
onNoiseLine = False
Dim i
For i=0 To UBound(nl,2)
If x = nl(0,i) And y = nl(1,i) Then
onNoiseLine = True
Exit For
End If
Next
End Function
Rem 對單個字的點陣進行干擾
Rem 干擾思想:在點陣范圍內隨機產生2個端點,進行連線,以位移較大的一方做橫軸,先將連線上的點刪除,再將被刪除點的縱軸方向上方或下方的點(隨機確定)移向被刪除點,移動後的空白用背景色補充
Function pcd_doubter(ByVal str,UnitWidth,UnitHeight,DotsLimit,tryCount,dbtTimes)
Randomize
Dim x1,x2,y1,y2,dx,dy,deltaT,i,ii,way,f1,f2
For f1=1 To dbtTimes '干擾次數
For f2=1 To tryCount '避免刪除有效點超過上限的嘗試次數限制
'隨機確定2個端點
x1 = int(Rnd*UnitWidth)
x2 = int(Rnd*UnitWidth)
y1 = int(Rnd*UnitHeight)
y2 = int(Rnd*UnitHeight)
dx = X2 - X1
dy = Y2 - Y1
If Abs(dx) > Abs(dy) Then deltaT = Abs(dx) Else deltaT = Abs(dy)
ReDim ary(1,deltaT) '存儲連線的點
If deltaT = 0 Then
ary(0,0) = x1
ary(1,0) = y1
Else
ii = 0
For i = 0 To deltaT
ary(0,i) = x1 + dx * i \ deltaT
ary(1,i) = y1 + dy * i \ deltaT
If pcd_getDot(ary(0,i),ary(1,i),str,UnitWidth) = "0" Then ii = ii + 1
Next
' 統計連線上有效點的數量,如未超過有效點上限則跳出循環,執行干擾
If ii <= DotsLimit Then Exit For
End If
Next
' 執行干擾(dx,dy改作不同的方向標記用)
If Abs(dx) > Abs(dy) Then dx = 1 Else dx = 0
If dx = 1 Then
If Int(Rnd*10) > 4 Then
dy = 1
way = -1
Else
dy = UnitHeight - 2
way = 1
End If
Else
If Int(Rnd*10) > 4 Then
dy = 1
way = -1
Else
dy = UnitWidth - 2
way = 1
End If
End If
For i=0 To deltaT
For ii=ary(dx,i) To dy Step way
Call pcd_setDot(ary(0,i)*dx+ii*(1-dx),ary(1,i)*(1-dx)+ii*(dx),str,pcd_getDot(ary(0,i)*dx+(ii+way)*(1-dx),ary(1,i)*(1-dx)+(ii+way)*(dx),str,UnitWidth),UnitWidth)
Next
'添補空白
Call pcd_setDot(ary(0,i)*dx+(dy+way)*(1-dx),ary(1,i)*(1-dx)+(dy+way)*(dx),str,"1",UnitWidth)
Next
Next
pcd_doubter = str
End Function
Rem 得到某點的字符
Function pcd_getDot(x,y,str,UnitWidth)
pcd_getDot = Mid(str,x+1+y*UnitWidth,1)
End Function
Rem 設置某點的字符
Sub pcd_setDot(x,y,ByRef str,newDot,UnitWidth)
str = Left(str,x+y*UnitWidth) & newDot & Right(str,Len(str)-x-y*UnitWidth-1)
End Sub
Rem 將數字轉為bmp需要的格式 lens是目標字節長度
Function Num2ChrB(ByVal num,lens)
Dim ret,i
ret = ""
While (num>0)
ret = ret & ChrB(num mod 256)
num = num \ 256
WEnd
For i=Lenb(ret) To lens-1
ret = ret & chrB(0)
Next
Num2ChrB = ret
End Function
%>
