我使用这个小PHP脚本创建并向javaapplication提供验证码:
<?php
$secretkey = "***";
header ( 'Content-type: text/xml' );
function generatePassword($length = 5) {
$chars = 'abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789';
$count = mb_strlen($chars);
for ($i = 0, $result = ''; $i < $length; $i++) {
$index = rand(0, $count - 1);
$result .= mb_substr($chars, $index, 1);
}
return $result;
}
$user = $_POST['user'];
$key = $_POST['key'];
$captcha = generatePassword();
if ($key == $secretkey) {
try {
$dbh = new PDO("mysql:host=localhost;dbname=***", '***', '***');
} catch (PDOException $e) {
$error = $e->getMessage();
echo "<error>$error</error>";
}
$sth = $dbh->prepare("INSERT INTO xf_captcha (username, captcha)
VALUES (:user, :captcha)
ON DUPLICATE KEY
UPDATE captcha = :captcha",
array(PDO::ATTR_CURSOR => PDO::CURSOR_FWDONLY));
$sth->execute(array(':user' => $user, ':captcha' => $captcha));
$row = $sth->fetch(PDO::FETCH_ASSOC);
echo "<captcha>$captcha</captcha>";
}
else {
echo "<error>wrong key</error>";
}
?>
问题是,有时JavaApplication会出现401错误。我不明白这一点,它似乎与每分钟发送的请求无关。
如果在没有ddos保护和大防火墙的apache服务器上执行此操作,那么拒绝请求的原因是什么?这可能与Apache有关吗?
修改
java部分看起来像这样: http://pastebin.com/Thi2Htwp