Mobile Number Verification via OTP SMS using PHP

OTP or one-time password is a fast and effective way to verify the mobile number of the user. Generally, OTP is sent to the client's portable number by means of SMS. The client needs to present the confirmation code to check their versatile number. In this instructional exercise, we will tell you the best way to execute the one-time password (OTP) check process through SMS utilizing PHP.

SMS Gateway provides a simple method to send the text message to portable number from the content. Utilizing SMS portal API, you can without much of a stretch send OTP code to the client's versatile number for confirmation. The majority of the SMS entryway provider allows sending SMS from the PHP content. In the precedent code, we will utilize SMS entryway API to send OTP SMS utilizing PHP.

The accompanying procedure will be pursued to actualize portable number confirmation by means of OTP SMS utilizing PHP.

  • Generate random verification code.
  • Send OTP to the client through SMS portal API and insert in the database.
  • Confirm the OTP code and update status in the database.
  • Show the confirmation status to the client.

Create Database Table

To store the OTP code and confirmation status a table should be made in the MySQL database. The accompanying SQL makes a mobile_numbers table with some fundamental segments in the MySQL database.

CREATE TABLE `mobile_numbers` (
 `id` int(11) NOT NULL AUTO_INCREMENT,
 `mobile_number` varchar(10) COLLATE utf8_unicode_ci NOT NULL,
 `verification_code` varchar(10) COLLATE utf8_unicode_ci NOT NULL,
 `verified` tinyint(1) NOT NULL DEFAULT '0' COMMENT '1=Verified, 0=Not verified',
 PRIMARY KEY (`id`)
) ENGINE=InnoDB DEFAULT CHARSET=utf8 COLLATE=utf8_unicode_ci;

Database Class (DB.class.php)

The DB class handles all the activities (fetch, insert, and update) identified with the database. Indicate the database have ($dbHost), username ($dbUsername), password ($dbPassword), and name ($dbName) according to your database server accreditations.

The accompanying capacities are utilized to fetch, insert and update OTP information in the database.

  • __construct() – Connect and select the database.
  • checkRow() – Check whether any record exists in the mobile_numbers table dependent on the particular conditions. Returns TRUE if exists, generally FALSE.
  • insert() – Insert data in the mobile_numbers table of the database.
  • update() – Update information dependent on the conditions in the mobile_numbers table of the database.
<?php

class DB{
    private 
$dbHost     "localhost";
    private 
$dbUsername "root";
    private 
$dbPassword "root";
    private 
$dbName     "dbname";
    private 
$tblName    "mobile_numbers";
    
    public function 
__construct(){
        if(!isset(
$this->db)){
            
// Connect to the database
            
$conn = new mysqli($this->dbHost$this->dbUsername$this->dbPassword$this->dbName);
            if(
$conn->connect_error){
                die(
"Failed to connect with MySQL: " $conn->connect_error);
            }else{
                
$this->db $conn;
            }
        }
    }
    
    
/*
     * Returns rows from the database based on the conditions
     * @param string name of the table
     * @param array select, where, order_by, limit and return_type conditions
     */
    
public function checkRow($conditions = array()){
        
$sql 'SELECT * FROM '.$this->tblName;
        if(!empty(
$conditions)&& is_array($conditions)){
            
$sql .= ' WHERE ';
            
$i 0;
            foreach(
$conditions as $key => $value){
                
$pre = ($i 0)?' AND ':'';
                
$sql .= $pre.$key." = '".$value."'";
                
$i++;
            }
        }

        
$result $this->db->query($sql);
        
        return !empty(
$result->num_rows 0)?true:false;
    }
    
    
/*
     * Insert data into the database
     * @param string name of the table
     * @param array the data for inserting into the table
     */
    
public function insert($data){
        if(!empty(
$data) && is_array($data)){
            
$columns '';
            
$values  '';
            
$i 0;
            foreach(
$data as $key=>$val){
                
$pre = ($i 0)?', ':'';
                
$columns .= $pre.$key;
                
$values  .= $pre."'".$val."'";
                
$i++;
            }
            
$query "INSERT INTO ".$this->tblName." (".$columns.") VALUES (".$values.")";
            
$insert $this->db->query($query);
            return 
$insert?$this->db->insert_id:false;
        }else{
            return 
false;
        }
    }
    
    
/*
     * Update data into the database
     * @param string name of the table
     * @param array the data for updating into the table
     * @param array where condition on updating data
     */
    
public function update($data,$conditions){
        if(!empty(
$data) && is_array($data)){
            
$colvalSet '';
            
$whereSql '';
            
$i 0;
            foreach(
$data as $key=>$val){
                
$pre = ($i 0)?', ':'';
                
$colvalSet .= $pre.$key."='".$val."'";
                
$i++;
            }
            if(!empty(
$conditions)&& is_array($conditions)){
                
$whereSql .= ' WHERE ';
                
$i 0;
                foreach(
$conditions as $key => $value){
                    
$pre = ($i 0)?' AND ':'';
                    
$whereSql .= $pre.$key." = '".$value."'";
                    
$i++;
                }
            }
            
$query "UPDATE ".$this->tblName." SET ".$colvalSet.$whereSql;
            
$update $this->db->query($query);
            return 
$update?$this->db->affected_rows:false;
        }else{
            return 
false;
        }
    }
}

OTP Verification Form

Initially, an HTML form is displayed to allow the user to submit the mobile number. After the phone number submission, the OTP input field is displayed to enter the verification code.

<!-- Display status message -->
<?php echo !empty($statusMsg)?'<p class="'.$statusMsg['status'].'">'.$statusMsg['msg'].'</p>':''?>

<!-- OTP Verification form -->
<form method="post">
    <label>Enter Mobile No</label>
    <input type="text" name="mobile_no" value="<?php echo !empty($recipient_no)?$recipient_no:''?>" <?php echo ($otpDisplay == 1)?'readonly':''?>/>
    
    <?php if($otpDisplay == 1){ ?>
    <label>Enter OTP</label>
    <input type="text" name="otp_code"/>
    <a href="javascript:void(0);" class="resend">Resend OTP</a>
    <?php ?>
    <input type="submit" name="<?php echo ($otpDisplay == 1)?'submit_otp':'submit_mobile'?>" value="VERIFY"/>
</form>

OTP Submission and Verification

After the accommodation, the phone number and OTP are confirmed by means of SMS door utilizing PHP.

  • sendSMS() is a custom function used to send SMS via SMS Gateway API using PHP.
  • Burden and instate database class to deal with the database related works.

At the point when the versatile number is put together by the client, coming up next are occurs.

  • Generate a random verification code using rand() function in PHP.
  • Use checkRow() technique for DB class to check if any record exists in the database with an equivalent portable number.
  • On the off chance that the versatile number exists, update the main verification_code in the database utilizing update() strategy for DB class.
  • On the off chance that the versatile number does not exist, insert OTP information in the database utilizing insert() strategy for DB class.
  • Send OTP code to the user via SMS using sendSMS() function.
  • If OTP SMS sent successfully, OTP input will be enabled.

When the OTP is submitted by the user, the following happens.

  • Verify the OTP whether the user provides the correct verification code.
  • Update verification status in the database.
<?php
function sendSMS($senderID$recipient_no$message){
    
// Request parameters array
    
$requestParams = array(
        
'user' => 'abcd',
        
'apiKey' => 'dssf645fddfgh565',
        
'senderID' => $senderID,
        
'recipient_no' => $recipient_no,
        
'message' => $message
    
);
    
    
// Merge API url and parameters
    
$apiUrl "http://api.example.com/http/sendsms?";
    foreach(
$requestParams as $key => $val){
        
$apiUrl .= $key.'='.urlencode($val).'&';
    }
    
$apiUrl rtrim($apiUrl"&");
    
    
// API call
    
$ch curl_init();
    
curl_setopt($chCURLOPT_URL$apiUrl);
    
curl_setopt($chCURLOPT_RETURNTRANSFER1);
    
    
$response curl_exec($ch);
    
curl_close($ch);
    
    
// Return curl response
    
return $response;
}

// Load and initialize database class
require_once 'DB.class.php';
$db = new DB();
        
$statusMsg $receipient_no '';
$otpDisplay $verified 0;

// If mobile number submitted by the user
if(isset($_POST['submit_mobile'])){
    if(!empty(
$_POST['mobile_no'])){
        
// Recipient mobile number
        
$recipient_no $_POST['mobile_no'];
        
        
// Generate random verification code
        
$rand_no rand(1000099999);
        
        
// Check previous entry
        
$conditions = array(
            
'mobile_number' => $recipient_no,
        );
        
$checkPrev $db->checkRow($conditions);
        
        
// Insert or update otp in the database
        
if($checkPrev){
            
$otpData = array(
                
'verification_code' => $rand_no
            
);
            
$insert $db->update($otpData$conditions);
        }else{
            
$otpData = array(
                
'mobile_number' => $recipient_no,
                
'verification_code' => $rand_no,
                
'verified' => 0
            
);
            
$insert $db->insert($otpData);
        }
        
        if(
$insert){
            
// Send otp to user via SMS
            
$message 'Dear User, OTP for mobile number verification is '.$rand_no.'. Thanks SemicolonWorld';
            
$send sendSMS('SEMICOLONWORLD'$recipient_no$message);
            
            if(
$send){
                
$otpDisplay 1;
            }else{
                
$statusMsg = array(
                    
'status' => 'error',
                    
'msg' => "We're facing some issue on sending SMS, please try again."
                
);
            }
        }else{
            
$statusMsg = array(
                
'status' => 'error',
                
'msg' => 'Some problem occurred, please try again.'
            
);
        }
    }else{
        
$statusMsg = array(
            
'status' => 'error',
            
'msg' => 'Please enter your mobile number.'
        
);
    }
    
// If verification code submitted by the user
}elseif(isset($_POST['submit_otp']) && !empty($_POST['otp_code'])){
    
$otpDisplay 1;
    
$recipient_no $_POST['mobile_no'];
    if(!empty(
$_POST['otp_code'])){
        
$otp_code $_POST['otp_code'];
        
        
// Verify otp code
        
$conditions = array(
            
'mobile_number' => $recipient_no,
            
'verification_code' => $otp_code
        
);
        
$check $db->checkRow($conditions);
        
        if(
$check){
            
$otpData = array(
                
'verified' => 1
            
);
            
$update $db->update($otpData$conditions);
            
            
$statusMsg = array(
                
'status' => 'success',
                
'msg' => 'Thank you! Your phone number has been verified.'
            
);
            
            
$verified 1;
        }else{
            
$statusMsg = array(
                
'status' => 'error',
                
'msg' => 'Verification code incorrect, please try again.'
            
);
        }
    }else{
        
$statusMsg = array(
            
'status' => 'error',
            
'msg' => 'Please enter the verification code.'
        
);
    }
}
?>

Verification Status

If OTP is verified successfully, the status message will be shown to the user.

<!-- Display status message -->
<?php echo !empty($statusMsg)?'<p class="'.$statusMsg['status'].'">'.$statusMsg['msg'].'</p>':''?>

<?php if($verified == 1){ ?>
    <p>Mobile No: <?php echo $recipient_no?></p>
    <p>Verification Status: <b>Verified</b></p>
<?php ?>

Related Articles

Comments 0