无聊写了一个用来生成密码,省的自己动脑筋了
优点
- 高强度密码生成
- 使用
random_int()加密安全随机数 - 支持4种字符类型组合:
- 小写字母(a-z)
- 大写字母(A-Z)
- 数字(0-9)
- 特殊符号(!@#$%^&*等)
- 自动确保每种选中类型至少包含1个字符
- 使用
- 安全防护机制
- CSRF令牌双重验证
- 会话固定攻击防护
- 输入参数严格过滤
- 智能用户体验
- 实时密码强度可视化
- AJAX无刷新生成
- 响应式移动端适配
- 一键复制功能
<?php
// 开启会话用于CSRF保护
session_start();
// --- 核心功能:安全地生成密码 ---
function generate_secure_password(int $length, bool $include_uppercase, bool $include_lowercase, bool $include_numbers, bool $include_symbols): string {
$lowercase_chars = 'abcdefghijklmnopqrstuvwxyz';
$uppercase_chars = 'ABCDEFGHIJKLMNOPQRSTUVWXYZ';
$number_chars = '0123456789';
$symbol_chars = '!@#$%^&*()-_=+[]{}|;:,.<>?';
$char_pool = '';
$password = '';
if ($include_lowercase) {
$char_pool .= $lowercase_chars;
$password .= $lowercase_chars[random_int(0, strlen($lowercase_chars) - 1)];
}
if ($include_uppercase) {
$char_pool .= $uppercase_chars;
$password .= $uppercase_chars[random_int(0, strlen($uppercase_chars) - 1)];
}
if ($include_numbers) {
$char_pool .= $number_chars;
$password .= $number_chars[random_int(0, strlen($number_chars) - 1)];
}
if ($include_symbols) {
$char_pool .= $symbol_chars;
$password .= $symbol_chars[random_int(0, strlen($symbol_chars) - 1)];
}
if (empty($char_pool)) {
return '错误:请至少选择一种字符类型。';
}
$remaining_length = $length - strlen($password);
if ($remaining_length > 0) {
$pool_length = strlen($char_pool) - 1;
for ($i = 0; $i < $remaining_length; $i++) {
$password .= $char_pool[random_int(0, $pool_length)];
}
}
return str_shuffle($password);
}
// 生成并存储CSRF令牌
if (empty($_SESSION['csrf_token'])) {
$_SESSION['csrf_token'] = bin2hex(random_bytes(32));
}
$csrf_token = $_SESSION['csrf_token'];
// --- 页面逻辑:处理用户输入和显示 ---
$generated_password = '';
$options = [
'length' => $_POST['length'] ?? 16,
'lowercase' => isset($_POST['form_submitted']) ? isset($_POST['lowercase']) : true,
'uppercase' => isset($_POST['form_submitted']) ? isset($_POST['uppercase']) : true,
'numbers' => isset($_POST['form_submitted']) ? isset($_POST['numbers']) : true,
'symbols' => isset($_POST['form_submitted']) ? isset($_POST['symbols']) : true,
];
// 验证用户输入的函数
function validate_input(array $data): array {
$errors = [];
// 验证密码长度
$length = filter_var($data['length'] ?? 16, FILTER_VALIDATE_INT, [
'options' => [
'min_range' => 8,
'max_range' => 50
]
]);
if ($length === false) {
$errors[] = '密码长度必须在8-50之间';
}
// 验证布尔值参数
$types = ['lowercase', 'uppercase', 'numbers', 'symbols'];
foreach ($types as $type) {
if (isset($data[$type])) {
$value = filter_var($data[$type], FILTER_VALIDATE_BOOLEAN, FILTER_NULL_ON_FAILURE);
if ($value === null) {
$errors[] = "无效的字符类型参数: $type";
}
}
}
// 验证CSRF令牌
if (empty($data['csrf_token']) || !hash_equals($_SESSION['csrf_token'], $data['csrf_token'])) {
$errors[] = 'CSRF验证失败';
}
return $errors;
}
// 处理表单提交
if ($_SERVER['REQUEST_METHOD'] === 'POST') {
$input_errors = validate_input($_POST);
// 检查是否有AJAX请求头
$is_ajax = isset($_SERVER['HTTP_X_REQUESTED_WITH']) &&
strtolower($_SERVER['HTTP_X_REQUESTED_WITH']) === 'xmlhttprequest';
if (!empty($input_errors)) {
$error_message = implode('<br>', $input_errors);
$generated_password = '错误: ' . $error_message;
if ($is_ajax) {
header('Content-Type: application/json');
echo json_encode(['password' => $generated_password]);
exit;
}
} else {
if ($is_ajax) {
$generated_password = generate_secure_password(
(int)($_POST['length'] ?? 16),
(bool)($_POST['uppercase'] ?? false),
(bool)($_POST['lowercase'] ?? false),
(bool)($_POST['numbers'] ?? false),
(bool)($_POST['symbols'] ?? false)
);
header('Content-Type: application/json');
echo json_encode(['password' => $generated_password]);
exit;
} else {
$generated_password = generate_secure_password(
(int)$options['length'],
(bool)$options['uppercase'],
(bool)$options['lowercase'],
(bool)$options['numbers'],
(bool)$options['symbols']
);
}
}
}
?>
<!DOCTYPE html>
<html lang="zh-CN">
<head>
<meta charset="UTF-8">
<meta name="viewport" content="width=device-width, initial-scale=1.0">
<title>安全密码生成器</title>
<style>
* {
box-sizing: border-box;
margin: 0;
padding: 0;
font-family: -apple-system, BlinkMacSystemFont, "Segoe UI", Roboto, "Helvetica Neue", Arial, sans-serif;
}
body {
background-color: #f8f9fa;
display: flex;
justify-content: center;
align-items: center;
min-height: 100vh;
padding: 20px;
color: #333;
}
.container {
width: 100%;
max-width: 480px;
background: white;
border-radius: 12px;
box-shadow: 0 6px 20px rgba(0, 0, 0, 0.08);
overflow: hidden;
padding: 30px;
}
.header {
text-align: center;
margin-bottom: 25px;
padding-bottom: 20px;
border-bottom: 1px solid #eaeaea;
}
.header h1 {
font-size: 28px;
color: #2c3e50;
margin-bottom: 8px;
display: flex;
align-items: center;
justify-content: center;
gap: 10px;
}
.header p {
color: #7f8c8d;
font-size: 16px;
margin-top: 5px;
}
.password-display {
margin-bottom: 25px;
position: relative;
}
#result {
width: 100%;
padding: 14px 16px;
border: 1px solid #e1e5e9;
border-radius: 8px;
font-size: 18px;
background: #fcfcfc;
word-break: break-all;
height: 80px;
resize: none;
overflow-y: auto;
}
#result:focus {
outline: none;
border-color: #3498db;
box-shadow: 0 0 0 2px rgba(52, 152, 219, 0.1);
}
.password-actions {
display: flex;
gap: 10px;
margin-top: 15px;
}
.btn {
flex: 1;
padding: 12px 15px;
border-radius: 8px;
font-weight: 500;
font-size: 16px;
cursor: pointer;
transition: all 0.2s ease;
display: flex;
align-items: center;
justify-content: center;
gap: 8px;
border: none;
}
.btn-copy {
background-color: #27ae60;
color: white;
}
.btn-copy:hover {
background-color: #219653;
}
.btn-generate {
background-color: #3498db;
color: white;
}
.btn-generate:hover {
background-color: #2980b9;
}
.options-section {
margin-top: 30px;
}
.options-title {
font-size: 18px;
font-weight: 500;
margin-bottom: 18px;
color: #2c3e50;
}
.option-group {
background: #f9fafb;
border-radius: 10px;
padding: 20px;
}
.form-group {
margin-bottom: 18px;
}
.form-group:last-child {
margin-bottom: 0;
}
.form-group label {
display: block;
font-weight: 500;
margin-bottom: 8px;
font-size: 15px;
}
.form-control {
width: 100%;
padding: 10px 14px;
border: 1px solid #e1e5e9;
border-radius: 8px;
font-size: 16px;
}
.form-control:focus {
outline: none;
border-color: #3498db;
box-shadow: 0 0 0 2px rgba(52, 152, 219, 0.1);
}
.switch-container {
display: flex;
align-items: center;
justify-content: space-between;
background: white;
border: 1px solid #e1e5e9;
border-radius: 8px;
padding: 14px;
margin-bottom: 12px;
}
.switch-container label {
font-size: 15px;
cursor: pointer;
}
.switch {
position: relative;
display: inline-block;
width: 50px;
height: 26px;
}
.switch input {
opacity: 0;
width: 0;
height: 0;
}
.slider {
position: absolute;
cursor: pointer;
top: 0;
left: 0;
right: 0;
bottom: 0;
background-color: #ccc;
transition: .4s;
border-radius: 26px;
}
.slider:before {
position: absolute;
content: "";
height: 20px;
width: 20px;
left: 3px;
bottom: 3px;
background-color: white;
transition: .4s;
border-radius: 50%;
}
input:checked + .slider {
background-color: #3498db;
}
input:checked + .slider:before {
transform: translateX(24px);
}
.length-control {
display: flex;
gap: 10px;
align-items: center;
}
.btn-decrement, .btn-increment {
width: 40px;
height: 40px;
background: #f1f5f9;
border: 1px solid #e1e5e9;
border-radius: 8px;
font-size: 20px;
cursor: pointer;
display: flex;
align-items: center;
justify-content: center;
}
.btn-decrement:hover, .btn-increment:hover {
background: #e8ebee;
}
.length-input {
width: 80px;
text-align: center;
font-weight: 500;
}
.strength-meter {
margin-top: 20px;
background: #f1f5f9;
border-radius: 8px;
padding: 12px 15px;
display: flex;
align-items: center;
}
.strength-label {
font-size: 14px;
font-weight: 500;
}
.indicator {
flex-grow: 1;
height: 6px;
background: #e0e0e0;
border-radius: 10px;
overflow: hidden;
margin: 0 12px;
}
.progress {
height: 100%;
background: #e74c3c;
border-radius: 10px;
transition: width 0.4s ease;
}
.strength-text {
font-size: 13px;
font-weight: 500;
}
@media (max-width: 500px) {
.container {
padding: 20px;
}
.header h1 {
font-size: 24px;
}
.password-actions {
flex-direction: column;
}
}
</style>
</head>
<body>
<div class="container">
<div class="header">
<h1>🔐🔐 安全密码生成器</h1>
<p>快速创建高强度随机密码</p>
</div>
<div class="password-display">
<textarea id="result" rows="3" readonly placeholder="点击生成按钮创建密码"><?php echo htmlspecialchars($generated_password, ENT_QUOTES, 'UTF-8'); ?></textarea>
<div class="password-actions">
<button class="btn btn-copy" id="copyBtn">
<svg width="18" height="18" viewBox="0 0 24 24">
<path fill="currentColor" d="M19,21H8V7H19M19,5H8A2,2 0 0,0 6,7V21A2,2 0 0,0 8,23H19A2,2 0 0,0 21,21V7A2,2 0 0,0 19,5M16,1H4A2,2 0 0,0 2,3V17H4V3H16V1Z"/>
</svg>
复制密码
</button>
<button class="btn btn-generate" id="generateBtn">
<svg width="18" height="18" viewBox="0 0 24 24">
<path fill="currentColor" d="M17.65,6.35C16.2,4.9 14.21,4 12,4A8,8 0 0,0 4,12A8,8 0 0,0 12,20C15.73,20 18.84,17.45 19.73,14H17.65C16.83,16.33 14.61,18 12,18A6,6 0 0,1 6,12A6,6 0 0,1 12,6C13.66,6 15.14,6.69 16.22,7.78L13,11H20V4L17.65,6.35Z"/>
</svg>
重新生成
</button>
</div>
</div>
<div class="options-section">
<h2 class="options-title">自定义选项</h2>
<form id="passwordForm" method="post">
<input type="hidden" name="form_submitted" value="1">
<!-- 添加CSRF令牌 -->
<input type="hidden" name="csrf_token" value="<?php echo htmlspecialchars($csrf_token, ENT_QUOTES, 'UTF-8'); ?>">
<div class="option-group">
<div class="form-group">
<label for="length">密码长度</label>
<div class="length-control">
<button class="btn-decrement" type="button" id="decrement">-</button>
<input type="number" id="length" name="length" class="form-control length-input" min="8" max="50" value="<?php echo htmlspecialchars($options['length'], ENT_QUOTES, 'UTF-8'); ?>">
<button class="btn-increment" type="button" id="increment">+</button>
</div>
</div>
<div class="switch-container">
<label for="lowercase">小写字母 (a-z)</label>
<label class="switch">
<input type="checkbox" name="lowercase" id="lowercase" <?php if ($options['lowercase']) echo 'checked'; ?>>
<span class="slider"></span>
</label>
</div>
<div class="switch-container">
<label for="uppercase">大写字母 (A-Z)</label>
<label class="switch">
<input type="checkbox" name="uppercase" id="uppercase" <?php if ($options['uppercase']) echo 'checked'; ?>>
<span class="slider"></span>
</label>
</div>
<div class="switch-container">
<label for="numbers">数字 (0-9)</label>
<label class="switch">
<input type="checkbox" name="numbers" id="numbers" <?php if ($options['numbers']) echo 'checked'; ?>>
<span class="slider"></span>
</label>
</div>
<div class="switch-container">
<label for="symbols">特殊符号 (!@#...)</label>
<label class="switch">
<input type="checkbox" name="symbols" id="symbols" <?php if ($options['symbols']) echo 'checked'; ?>>
<span class="slider"></span>
</label>
</div>
</div>
<div class="strength-meter">
<span class="strength-label">密码强度:</span>
<div class="indicator">
<div class="progress" id="strengthIndicator"></div>
</div>
<span class="strength-text" id="strengthText">-</span>
</div>
</form>
</div>
</div>
<script>
// 获取DOM元素
const passwordForm = document.getElementById('passwordForm');
const resultTextarea = document.getElementById('result');
const copyBtn = document.getElementById('copyBtn');
const generateBtn = document.getElementById('generateBtn');
const lengthInput = document.getElementById('length');
const decrementBtn = document.getElementById('decrement');
const incrementBtn = document.getElementById('increment');
const strengthIndicator = document.getElementById('strengthIndicator');
const strengthText = document.getElementById('strengthText');
// 复制密码
copyBtn.addEventListener('click', function() {
if (!resultTextarea.value) return;
resultTextarea.select();
document.execCommand('copy');
// 视觉反馈
this.innerHTML = `
<svg width="18" height="18" viewBox="0 0 24 24">
<path fill="currentColor" d="M21,7L9,19L3.5,13.5L4.91,12.09L9,16.17L19.59,5.59L21,7Z"/>
</svg>
已复制!
`;
setTimeout(() => {
this.innerHTML = `
<svg width="18" height="18" viewBox="0 0 24 24">
<path fill="currentColor" d="M19,21H8V7H19M19,5H8A2,2 0 0,0 6,7V21A2,2 0 0,0 8,23H19A2,2 0 0,0 21,21V7A2,2 0 0,0 19,5M16,1H4A2,2 0 0,0 2,3V17H4V3H16V1Z"/>
</svg>
复制密码
`;
}, 2000);
});
// 提交表单生成密码
function generatePassword() {
generateBtn.innerHTML = `
<svg width="18" height="18" viewBox="0 0 24 24" style="animation: spin 1s linear infinite;">
<path fill="currentColor" d="M12,4V2A10,10 0 0,0 2,12H4A8,8 0 0,1 12,4Z"/>
</svg>
生成中...
`;
// 发送AJAX请求
fetch('', {
method: 'POST',
headers: {
'X-Requested-With': 'XMLHttpRequest',
'Content-Type': 'application/x-www-form-urlencoded'
},
body: new URLSearchParams(new FormData(passwordForm))
})
.then(response => response.json())
.then(data => {
resultTextarea.value = data.password;
generateBtn.innerHTML = `
<svg width="18" height="18" viewBox="0 0 24 24">
<path fill="currentColor" d="M17.65,6.35C16.2,4.9 14.21,4 12,4A8,8 0 0,0 4,12A8,8 0 0,0 12,20C15.73,20 18.84,17.45 19.73,14H17.65C16.83,16.33 14.61,18 12,18A6,6 0 0,1 6,12A6,6 0 0,1 12,6C13.66,6 15.14,6.69 16.22,7.78L13,11H20V4L17.65,6.35Z"/>
</svg>
重新生成
`;
// 更新密码强度指示器
updateStrengthIndicator(data.password);
})
.catch(error => {
console.error('Error:', error);
generateBtn.innerHTML = `
<svg width="18" height="18" viewBox="0 0 24 24">
<path fill="currentColor" d="M17.65,6.35C16.2,4.9 14.21,4 12,4A8,8 0 0,0 4,12A8,8 0 0,0 12,20C15.73,20 18.84,17.45 19.73,14H17.65C16.83,16.33 14.61,18 12,18A6,6 0 0,1 6,12A6,6 0 0,1 12,6C13.66,6 15.14,6.69 16.22,7.78L13,11H20V4L17.65,6.35Z"/>
</svg>
重新生成
`;
});
}
// 提交表单
generateBtn.addEventListener('click', function(e) {
e.preventDefault();
generatePassword();
});
// 增减密码长度
decrementBtn.addEventListener('click', function() {
if (parseInt(lengthInput.value) > 8) {
lengthInput.value = parseInt(lengthInput.value) - 1;
generatePassword();
}
});
incrementBtn.addEventListener('click', function() {
if (parseInt(lengthInput.value) < 50) {
lengthInput.value = parseInt(lengthInput.value) + 1;
generatePassword();
}
});
// 选项变化时重新生成
const options = ['lowercase', 'uppercase', 'numbers', 'symbols'];
options.forEach(option => {
document.getElementById(option).addEventListener('change', generatePassword);
});
// 更新密码强度指示器
function updateStrengthIndicator(password) {
let strength = 0;
// 计算长度得分
if (password.length >= 12) strength += 2;
else if (password.length >= 8) strength += 1;
// 检查字符类型
const hasLowercase = /[a-z]/.test(password);
const hasUppercase = /[A-Z]/.test(password);
const hasNumbers = /[0-9]/.test(password);
const hasSymbols = /[^a-zA-Z0-9]/.test(password);
// 计算字符类型得分
const typeCount = [hasLowercase, hasUppercase, hasNumbers, hasSymbols].filter(Boolean).length;
strength += typeCount;
// 设置强度等级 (0-4)
const strengthLevel = Math.min(4, Math.max(1, strength));
const percentage = Math.min(100, strengthLevel * 25);
// 更新UI
strengthIndicator.style.width = `${percentage}%`;
// 设置进度条颜色和文本
if (strengthLevel < 2) {
strengthIndicator.style.backgroundColor = '#e74c3c';
strengthText.textContent = '弱';
strengthText.style.color = '#e74c3c';
} else if (strengthLevel < 3) {
strengthIndicator.style.backgroundColor = '#f39c12';
strengthText.textContent = '中';
strengthText.style.color = '#f39c12';
} else if (strengthLevel < 4) {
strengthIndicator.style.backgroundColor = '#3498db';
strengthText.textContent = '强';
strengthText.style.color = '#3498db';
} else {
strengthIndicator.style.backgroundColor = '#27ae60';
strengthText.textContent = '很强';
strengthText.style.color = '#27ae60';
}
}
// 页面加载时更新强度指示器(如果有密码)
if (resultTextarea.value && resultTextarea.value !== '') {
updateStrengthIndicator(resultTextarea.value);
}
// 添加旋转动画
const style = document.createElement('style');
style.innerHTML = `
@keyframes spin {
0% { transform: rotate(0deg); }
100% { transform: rotate(360deg); }
}
`;
document.head.appendChild(style);
</script>
</body>
</html>