我使用这个小的 PHP 脚本来创建验证码并将其传递给 javaapplication:
<?php
$secretkey = "***";
header ( 'Content-type: text/xml' );
function generatePassword($length = 5) {
$chars = 'abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789';
$count = mb_strlen($chars);
for ($i = 0, $result = ''; $i < $length; $i++) {
$index = rand(0, $count - 1);
$result .= mb_substr($chars, $index, 1);
}
return $result;
}
$user = $_POST['user'];
$key = $_POST['key'];
$captcha = generatePassword();
if ($key == $secretkey) {
try {
$dbh = new PDO("mysql:host=localhost;dbname=***", '***', '***');
} catch (PDOException $e) {
$error = $e->getMessage();
echo "<error>$error</error>";
}
$sth = $dbh->prepare("INSERT INTO xf_captcha (username, captcha)
VALUES (:user, :captcha)
ON DUPLICATE KEY
UPDATE captcha = :captcha",
array(PDO::ATTR_CURSOR => PDO::CURSOR_FWDONLY));
$sth->execute(array(':user' => $user, ':captcha' => $captcha));
$row = $sth->fetch(PDO::FETCH_ASSOC);
echo "<captcha>$captcha</captcha>";
}
else {
echo "<error>wrong key</error>";
}
?>
问题是,有时 JavaApplication 会出现 401 错误。我对此不了解的是,它似乎与每分钟发送的请求无关。
如果这是在没有 ddos 保护和大防火墙的 apache 服务器上执行的,那么拒绝请求的原因是什么?这可能与Apache有关吗?
编辑:
java部分看起来像这样: http: //pastebin.com/Thi2Htwp