之前做登入時，傳送簡訊驗證碼需要做安全控制，使用到了圖形驗證碼

使用的思路是：
1、建立一個驗證碼圖片生成器頁面
2、生成字母或數字組成的隨機字串
3、在Cookie中儲存隨機驗證碼
4、根據生成的隨機驗證碼，生成驗證碼圖片
5、前端呼叫該頁面，填寫驗證碼，後臺獲取使用者輸入的驗證碼與Session中儲存的值比較，相同則驗證通過

驗證碼生成器程式碼：

protected void Page_Load(object sender, EventArgs e)
{
    Response.Cache.SetNoStore();//禁用快取
    CreateCheckCodeImage(GenerateCheckCode());

}
//生成陣列和字母組合的隨機字串，並存入Session
 

private string GenerateCheckCode()
{
    //定義驗證碼長度
    int CODELENGTH = 4;
    int number;
    string RandomCode = string.Empty;
    Random r = new Random();
    for (int i = 0; i < CODELENGTH; i++)
    {
        number = r.Next();
        //字元從0~9, A~Z中隨機產生,對應的ASCII碼分別為48~57, 65~90 a-z 97~122
        number = number % 36
 
;
        if (number < 10)
            number += 48;
        else
            number += 55;
        RandomCode += ((char)number).ToString();
    }
    //在Cookie中儲存驗證碼
    Session["CheckCode"] = RandomCode;
    Response.Cookies.Add(new HttpCookie("CheckCode", RandomCode));
    return RandomCode;
}

//生成驗證碼圖片
 

private void CreateCheckCodeImage(string checkCode)
{
    //若驗證碼為空，則直接返回
    if (checkCode == null || checkCode.Trim() == string.Empty)
        return;
    //根據驗證碼的長度確定輸出圖片的寬度
    int iWidth = (int)Math.Ceiling(checkCode.Length * 15m);
    int iHeight = 20;
    //建立影象
    Bitmap image = new Bitmap(iWidth, iHeight);
    //從影象獲取一個繪圖面
    Graphics g = Graphics.FromImage(image);

    try
    {
        Random r = new Random();
        //清空圖片背景色
        g.Clear(Color.White);
        //畫圖片的背景噪音線10條
        for (int i = 0; i < 10; i++)
        {
            int x1 = r.Next(image.Width);
            int x2 = r.Next(image.Width);
            int y1 = r.Next(image.Height);
            int y2 = r.Next(image.Height);
            //用銀色畫出噪音線
            g.DrawLine(new Pen(Color.Silver), x1, y1, x2, y2);
        }
        //畫圖片的前景噪音點50個
        for (int i = 0; i < 50; i++)
        {
            int x = r.Next(image.Width);
            int y = r.Next(image.Height);
            image.SetPixel(x, y, Color.FromArgb(r.Next()));
        }
        //畫圖片的框線
        g.DrawRectangle(new Pen(Color.SaddleBrown), 0, 0, image.Width - 1, image.Height - 1);
        //定義繪製文字的字型
        Font f = new Font("Arial", 12, (FontStyle.Bold | FontStyle.Italic));
        //線性漸變畫刷
        System.Drawing.Drawing2D.LinearGradientBrush brush = new System.Drawing.Drawing2D.LinearGradientBrush(new Rectangle(0, 0, image.Width, image.Height), Color.Blue, Color.Purple, 1.2f, true);
        g.DrawString(checkCode, f, brush, 2, 2);
        //建立記憶體流用於輸出圖片
        using (System.IO.MemoryStream ms = new System.IO.MemoryStream())
        {
            //圖片格式制定為png
            image.Save(ms, System.Drawing.Imaging.ImageFormat.Png);
            //清除緩衝區流中的所有輸出
            Response.ClearContent();
            //輸出流的HTTP MIME型別設定為"image/Png"
            Response.ContentType = "image/Png";
            //輸出圖片的二進位制流
            Response.BinaryWrite(ms.ToArray());
        }
    }
    finally
    {
        //釋放Bitmap物件和Graphics物件
        g.Dispose();
        image.Dispose();
    }
}

如果前端是以介面形式請求圖形驗證碼，可以吧生成的圖片轉換成base64字串形式返回給客戶端，客戶端通過設定 img的src=”data:image/png;base64,”+base64Str 來顯示圖形驗證碼

圖片轉base64編碼：

//建立記憶體流用於輸出圖片
using (System.IO.MemoryStream ms = new System.IO.MemoryStream())
{
    //圖片格式制定為png
    image.Save(ms, System.Drawing.Imaging.ImageFormat.Png);
    //清除緩衝區流中的所有輸出
    Response.ClearContent();
    //輸出流的HTTP MIME型別設定為"image/Png"
    Response.ContentType = "image/Png";
    //輸出圖片的二進位制流
    Response.BinaryWrite(ms.ToArray());

    string base64Str = Convert.ToBase64String(ms.ToArray());
}

前端顯示：

<img src="data:image/jpg;base64,iVBORw0KGgoAAAANSUhEUgAAADwAAAAUCAYAAADRA14pAAAAAXNSR0IArs4c6QAAAARnQU1BAACxjwv8YQUAAAAJcEhZcwAADsMAAA7DAcdvqGQAAAUoSURBVFhH5ZdbbBRVGMc/kvJEFAWioIJGH7CiVUQ2RhBvQSYFmmJEhVYUuQiRF8gU8QGUID4oSUVBvAytIFpbQRSKKZW6S2lLHyy0IJQ2YqftbrdQubRApSj5+53LDrPbvYEQH/glJz3znTOz5zfnfGdO6YPxA3E9FSmciJ3pC+fqakx8Pl9YuZbMHzJlsa5eFo5w5GAjSyLK3p3yqK46RHtOqMQj2X5XQlLCgmjxZIobd8zdJ7K4idd2JTjCgjWZ/bJkJQHdh8YtEn+TGcSEzEm3ugd8tYsb68NdqboakzDhWDRbnRhIf+IWOobBFMRtFMAd1Iph1IylXiXuYHdgOh3CA3QAD1ItZlh/6YYQ3SgyKvA4leMJ2o2FueGDD1h7MImKkUHbkEk7kKfbhtE6vETfIou+wcv0FV6hDZhJ+TBzSp37Q8+IRxLCF3EDncQg6ogqfBf5sdHW0t4A7qV6jKDfHOGRtA8r+aU42K2YQyFhH+Zb53SDeEYZFtNPl4TNNt3ShWKjCNOogIW/DhOeResxx2zS/XqnwOY+2X3c10kIX8ASOiGF33IPnGdqqRRuwjIZ78EyzxGk0mFkWedlj1arQQqPMtrQKiOMtwFjWHgcCz8ZIRywKpDuEp6TUxZqwToqlMLv8Ipw8O5Wwixfyi89GRILe89igBQ+ifywh0YI2yd4QELYj0/4TUq8thKmP1ClIvBbtRjLwq8bNRHCx+ChEhbeg9Xmbin8sU4XX+42vCiFq7Ah9GxJJ0oMIfwFluTs1LH4JBS2rS4lbJxDs47NXjVxVLmplvTddBx7RNAbxHAtXMGXYqDRhKvNKhbehyKrPlzYewCGEDZ/x1ZDzHAN0u5Re1DQKlXCnmL8GCYM1JlKeB4va/mbCUggfBF5xik9w71z+E6yMdW6IHvS2Dw9w0exSa6E81juUTkshFOH38gxsWFVsjD36/+ZS/gsvjdKWbgCW+12fETbkWE0YEhKCrd1YbvxnRLu+7x4sJOPoqT1XY+59LkUDrUVDB6RLS+ikED4b7xJvYVvZ+Gh1CJ36Ev0YJOhcti9aT3MwqM9lSqHbT9mEwsbLfB71Qw/ZR7n2T2IZ4mFzXau78dkIexsWCJ/lfCnYb8nOI21HksKr7RO6ZheXTGIL2z38AYihA8jL4lNweer5uV1Sfgh2s/CNRhtnlQdvI14TAibHfzsFq4L4SZsMXZhAu1ELgsFrHIpLPJXYh/hly6ES1AcMYZp/RZgBSnhjJHq8BQitAIiiStsW2dwkxA2utF/6AAdjc25N1Ie0VW+uR0ztPB7evB+q04Kz7W6pfA8Fn6afsF4+hmGcZTn8gzn7w4W9uEHLddm7cJUIWwcRlCFHGrNPF4xLGzs5y0vOpHScYV9ZqcUHmT26EgszuBtapSb1nItV2nWqRk2gs4naa+5Vwq/z318hT7+pvrwDJVJYTG7QDtW82FjMr+kX+UdQI25RQmbfh1R1Jpf4jVSwvl873PVmzN1Uy/c0nGERf524mb+HE22/tGx2FSYjfLQcR+fsu6ng0ijOt6w6lHgLMNuFBpCuAHV8rqDZ9+rhD1lPLuMtxYThbDRCJXBAaylLXiBiuQpazqfsrJpE6+cjXiVlPAK67TsmSyxhWX+nub87Uwqf9Wm5RZuRqVukdgBPiTsxRijFWquOrBKCy+wzspZEAcPIbyIU0liN/BL3xxDuBy1qtdlEWeGr5ySmaNn6er/SnDjGvlPjptrIny1KUwvm6er/xlH+PopA/Evy3vMc/0rY8gAAAAASUVORK5CYII=" />

另外還有一種思路是：
1、客戶端請求圖形驗證碼
2、伺服器向客戶端返回base64形式的圖片，並且返回加密過的後臺生成的驗證碼（可以使用base64加密或其他加密方法）
3、客戶端解密驗證碼和使用者輸入的驗證碼比較（或者加密使用者輸入驗證碼和獲取的加密驗證碼比較），這樣可以實現在客戶端完成驗證