As you all guyz know that security of user account is the critical problem in these days. So, the developer have to think about how they can secure their user account. This is can done by generating and sending OPT to the user phone number through SMS.
First understand what is OTP?
A One Time Password (OTP) is a unique code/token generated by our application, sent to a user via SMS text and then entered into our application login/signup flow for additional security.
- People supply a mobile number when they join your service.
- You generate a unique code and merge it into an SMS text and send to the user.
- The user types the code into a form on your server and you verify the code matches.
- You delete the code after a successful login or after a period of time.
One-Time Passwords are only effective for a fixed period of time and become invalid once the user logs in, making them exceptionally useful against spyware such as key logging programs.
One you have built One Time Passwords into your activation/signup flow a One Time Password will be texted every time a login attempt is made. This flow will dramatically improve account security.
“This tutorial may be very useful for those who want to integrate OTP features in their project which is developed in PHP”.
So for this, we have to take the help of SMS gateway to send the OTP to the user Phone Number.
We are going to take help of txtlocal as our SMS gateway. All you have do is go to http://www.txtlocal.co.uk and there you need to create one account. after creating account. (you need to fill up some of your information and txtlocal will send you a verification email into your email and verify your account [watch the video for detail]). After completing this step, go to https://control.txtlocal.co.uk/docs/ and scroll down, at the bottom of the page you will see Send SMS via PHP; click that link and copy the code from there and then edit as in the following manner or simply copy the below code but you need to provide your own hash key when you run this project.
Now write the following piece of code in any text editing software.
[sociallocker]
I am using dream weaver cc. and saved this php file in .php extension in your localhost and run (Note: your php file will not execute in the same way you run your html file, because PHP is server side scripting language so you need to have any server application to run this file. watch this video to configure site and testing server in dream weaver cc: https://youtu.be/L4ex3S8BVCo or read from here: click here)
<!doctype html>
<?php
if(isset($_POST['login'])){
// Authorisation details.
$username = "otpphp@gmail.com";
$hash = "3eab60ec988c461f0cfc0e6ed6ed7b0b9bfc0b72e462dfdb2492b447223422d7";
// Config variables. Consult http://api.txtlocal.com/docs for more info.
$test = "0";
$name =$_POST['name'];
// Data for text message. This is the text message data.
$sender = "API Test"; // This is who the message appears to be from.
$numbers = $_POST['num']; // A single number or a comma-seperated list of numbers
$otp=mt_rand(100000,999999);
setcookie("otp", $otp);
$message = "Hey ".$name. "your OTP IS ".$otp;
// 612 chars or less
// A single number or a comma-seperated list of numbers
$message = urlencode($message);
$data = "username=".$username."&hash=".$hash."&message=".$message."&sender=".$sender."&numbers=".$numbers."&test=".$test;
$ch = curl_init('http://api.txtlocal.com/send/?');
curl_setopt($ch, CURLOPT_POST, true);
curl_setopt($ch, CURLOPT_POSTFIELDS, $data);
curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
$result = curl_exec($ch); // This is the result from the API
echo("OTP SEND SUCCESSFULLY");
curl_close($ch);
}
if(isset($_POST['ver'])){
$verotp=$_POST['otp'];
if($verotp==$_COOKIE['otp']){
echo("logined successfully");
}else{
echo("otp worng");
}
}
?>
<html>
<head>
<meta charset="utf-8">
<title>Untitled Document</title>
</head>
<body>
<form method="post" action="phpotp.php">
<table align="center">
<tr>
<td>Name</td>
<td><input type="text" name="name" placeholder="Enter your Name"</td>
</tr>
<tr>
<td>Phone Number</td>
<td><input type="text" name="num" placeholder="Valid!with country Code"</td>
</tr>
<tr>
<td></td>
<td><input type="submit" name="login" value="sign(login)[send otp]" style="background-color: #433396; border: 0px;"</td>
</tr>
<tr>
<td>Verify OTP:</td>
<td><input type="text" name="otp" placeholder="enter received otp"</td>
</tr>
<tr>
<td></td>
<td><input type="submit" name="ver" value="verify otp" style="background-color: green; border:0px;"</td>
</tr>
</table>
</form>
</body>
</html>
May be after sending 10 OTP SMS your credit will be finished! but don’t be sad you can send more and more OTP SMS but you need to create another account with another email account in www.txtlocal.co.uk ! that’s it. you may not be that much happy to hear this (sending only 10 OTP SMS) but don’t forget you are able to send these 10 OTP SMS for free and also there is one line “To get something, you must lose something”. it means you have to spend some time in creating account in txtlocal.co.uk in order to send OTP SMS.
[/sociallocker]
Finally, if you guyz think, this is awesome tutorial and help you in some extend please share this tutorials with your all friend so that they can know about this method of sending OTP SMS!
watch the video:
www.youtube.com/watch?v=6CiAGcT0ZLc