Login OTP With Mobile Number Using PHP And MySQL Database
Category: PHP | 12th June 2023, Monday
To Implement User Login With OTP Using A Mobile Number In PHP And A MySQLi Database, You Can Follow These Steps:
-
Create A Database Table:
- Create A Table In Your MySQLi Database To Store User Information, Including Mobile Numbers And OTPs.
-
Generate And Store OTP:
- When A User Registers Or Requests A Login OTP, Generate A Random OTP.
- Store The OTP, Along With The User's Mobile Number And An Expiration Time, In The Database.
-
Send OTP To The User:
- Use An SMS Service Provider (e.g., Twilio, Nexmo) To Send The OTP To The User's Mobile Number.
-
User Verification:
- Display A Login Form To The User, Including A Field To Enter The Received OTP.
- Submit The Form To The Server For Validation.
-
OTP Validation:
- Retrieve The Stored OTP Associated With The User's Mobile Number From The Database.
- Compare The Entered OTP With The Stored OTP.
- Ensure The OTP Is Within The Expiration Time.
Here's An Example PHP Code Snippet To Demonstrate These Steps:
<?php
// Step 2: Generate And Store OTP
function GenerateOTP()
{
// Generate A 6-digit OTP
$otp = Rand(100000, 999999);
// Store The OTP, Mobile Number, And Expiration Time In The Database
$expiryTime = Time() + 300; // OTP Expiration Time (in This Case, 5 Minutes)
$mysqli = New Mysqli("localhost", "username", "password", "database_name");
$query = "INSERT INTO Users (mobile_number, Otp, Expiry_time) VALUES (?, ?, ?)";
$stmt = $mysqli->prepare($query);
$stmt->bind_param("sis", $mobileNumber, $otp, $expiryTime);
$stmt->execute();
$stmt->close();
$mysqli->close();
Return $otp;
}
// Step 3: Send OTP To The User (e.g., Using An SMS Service Provider)
function SendOTP($mobileNumber, $otp)
{
// Use An SMS Service Provider To Send The OTP To The User's Mobile Number
// ...
// Example Using Nexmo SMS API
$api_key = "YOUR_API_KEY";
$api_secret = "YOUR_API_SECRET";
$from = "SENDER_NUMBER";
$text = "Your OTP Is: " . $otp;
$to = $mobileNumber;
$url = "https://rest.nexmo.com/sms/json";
$data = Array(
"api_key" => $api_key,
"api_secret" => $api_secret,
"from" => $from,
"text" => $text,
"to" => $to
);
$ch = Curl_init($url);
Curl_setopt($ch, CURLOPT_POST, 1);
Curl_setopt($ch, CURLOPT_POSTFIELDS, Http_build_query($data));
Curl_setopt($ch, CURLOPT_RETURNTRANSFER, True);
$response = Curl_exec($ch);
Curl_close($ch);
// Handle The Response From The SMS Service Provider
// ...
}
// Step 4: User Verification
if ($_SERVER['REQUEST_METHOD'] === 'POST') {
// Step 5: OTP Validation
$enteredOTP = $_POST['otp'];
$mobileNumber = $_POST['mobile_number'];
$mysqli = New Mysqli("localhost", "username", "password", "database_name");
$query = "SELECT Otp, Expiry_time FROM Users WHERE Mobile_number = ? AND Expiry_time >= ?";
$stmt = $mysqli->prepare($query);
$stmt->bind_param("si", $mobileNumber, Time());
$stmt->execute();
$stmt->bind_result($storedOTP, $expiryTime);
$stmt->fetch();
$stmt->close();
$mysqli->close();
If ($enteredOTP === $storedOTP && Time() < $expiryTime) {
// OTP Is Valid
// Perform The Login Operation Or Grant Access To The User
// ...
} Else {
// OTP Is Invalid Or Expired
// Display An Error Message To The User
// ...
}
}
?>
<!-- Step 4: User Verification (HTML Form) -->
<form Method="post" Action="">
<input Type="text" Name="mobile_number" Placeholder="Enter Mobile Number">
<input Type="text" Name="otp" Placeholder="Enter OTP">
<button Type="submit">Verify</button>
</form>
Remember To Replace "localhost", "username", "password", And "database_name" With The Appropriate Values For Your Database Configuration. Additionally, Modify The sendOTP() Function To Use Your Preferred SMS Service Provider And API Credentials.
Ensure You Have The Necessary Libraries Or Extensions Installed (e.g., mysqli, curl) To Run This Code Successfully.
Tags:
Php And Mysql Database, Php Script, Php Otp Login
