Skip to main content

Email OTP

email otp sms

Email OTP

Login with an OTP code is a secure method for the user authentication process. In this method, a one-time password is generated dynamically and sent to the user who attempts login. OTP can be sent to the user’s email or his mobile phone. When the user enters the OTP code then the application will authenticate the user via this code.
In this tutorial, we are going to see an example to authenticate user login via an OTP code using email. You can check our mobile sms otp too!
 In this example, when the registered user enters email to login, an OTP code is sent to the email address. Using this OTP code the user will be validated. Once the user uses this code then it will be invalid, meaning it cannot be used again. Also, this token will be valid for a day, then it will be expired.

Login form with OTP

The following code shows login form to the user to enter his email address. On entering email, it shows an input to enter the OTP code sent to his email address. After submitting OTP, PHP will validate the code and show authentication result to the user. 

<?php 		
if(!empty($success == 1)) { 
	?> 	
    <div class="tableheader">Enter OTP</div>		<p 
    style="color:#31ab00;">Check your email for the OTP</p> 			 		<div class="tablerow"> 			<input type="text" name="otp" placeholder="One Time Password" class="login-input" required> 		</div> 
    <div class="tableheader">
    <input type="submit" name="submit_otp" value="Submit" class="btnSubmit"> </div> 
    <?php 
    } 
    else if ($success == 2)
    { 
    ?> 	
    <p style="color:#31ab00;">Welcome, You have successfully loggedin!<p/> 		<?php 	
    		} 		
            else {		?> 	 		<div class="tableheader">Enter Your Login Email</div> 		<div class="tablerow"><input type="text" name="email" placeholder="Email" class="login-input" required></div>		
            <div class="tableheader"><input type="submit" name="submit_email" value="Submit" class="btnSubmit">
            </div> 
    <?php 
    }
    ?> 	
    </div> </form>
On submitting the email address, PHP script validates the user by checking the user database whether it is registered email. If so, a 6 digit OTP code is generated dynamically by using the PHP rand() function. You may choose to substitute this random code generation logic using your preferred mechanism. This code is sent to the user’s email by using PHPmailer. When the user submits the OTP code to PHP, it validates the code by checking its expiration. The code is valid for one day and it will be expired once it is used. The PHP code is, 



<?php $success = "";
$error_message = "";
$conn = mysqli_connect("localhost","root","","blog_samples");
if(!empty($_POST["submit_email"]))
 { 
$result = mysqli_query($conn,"SELECT * FROM registered_users WHERE email='" . $_POST["email"] . "'");
$count = mysqli_num_rows($result);
if($count>0) 
{ 		// generate OTP
$otp = rand(100000,999999); 	
// Send OTP 		require_once("mail_function.php"); 		$mail_status = sendOTP($_POST["email"],$otp); 		
   if($mail_status == 1) { 

$result = mysqli_query($conn,"INSERT INTO otp_expiry(otp,is_expired,create_at) VALUES ('" . $otp . "', 0, '" . date("Y-m-d H:i:s"). "')"); 	
$current_id = mysqli_insert_id($conn);        if(!empty($current_id)){ 
       $success=1; 	
         } 	
        }   
       } else
       {
       $error_message = "Email not exists!"; 	
        }
       }  if(!empty($_POST["submit_otp"]))
       { 
       $result = mysqli_query($conn,"SELECT * FROM otp_expiry WHERE otp='" .
       $_POST["otp"] . "' AND is_expired!=1 AND NOW() <= DATE_ADD(create_at,
       INTERVAL 24 HOUR)"); 	$count = mysqli_num_rows($result); 
	if(!empty($count)) 
         { 
         $result = mysqli_query($conn,"UPDATE otp_expiry SET is_expired = 1 WHERE otp = '" .
         $_POST["otp"] . "'"); 
         $success = 2;	 	
         } 
         else { 
         $success =1;  
         
         $error_message = "Invalid OTP!"; 
         }
         
        }
         ?>
Labels:

Comments

Post a Comment

Popular posts from this blog

Ecommerce single item cart with php checkoit

email otp sms How to create an ecommerce single item cart with checkout integrations Guys today i am going to teach you guys how to build an ecommerce site with checkout integration but only with a single product, you can add more to it So we are building it using my favorite PHP ,Ajax and JQuery. I have already created a simple shopping cart code in PHP with the product gallery.let's get this over with What are we building? I am not meant to show you this but i would to make you exited about it.And look at the cool checkout page and it really works!!. Single product UI with buy now and Checkout controls This is the code of the landing page created for this example. It includes PHP snippets at the beginning. After that, it has the HTML for displaying only one product tile to users. This tile has the “ Buy now ” button. On clicking it will show an HTML form to collect the customer details, name and email address. By submitting the customer details, it calls the ...
Post a Comment
Read more

How to block user IP address from your website in PHP

how to block your website user using their ip address blocking users from your site There are many reasons you may need to block an IP address from visiting your website. For example, to prevent particular users doing malicious things with your website - trying to spam your web forms, or hack your shopping cart, etc. Using PHP, you can easily find your site visitors' website addresses and based on these addresses to redirect them to specific places on your site. If you use such IP ban protection on your website, you will also need to not only list individual addresses to be blocked but also IP masks and IP ranges. In this tutorial I would show you how you can do that.But,it would be manual .i'd talk about manual and automatic way to do it. Let's start! First, we will create an array to list all the IP addresses that we want to block. Besides single IP addresses, we will also use IP ranges such as 216.58.197.101-216.58.197.200 and IP masks 100.88.*.*. Here is the arr...
Post a Comment
Read more