Question

我正在尝试为我的网站登录验证实施sendOTP。我使用https://github.com/rwalkover/sendOTPSample-PHP

处提供的代码

这有两个部分; 1.生成OTP和2.验证OTP 在原始代码中，两者都是通过调用php函数的ajax完成的。

我已经能够成功地集成第一部分，将生成的OTP传送到移动电话。我想通过将表单提交给php来完成验证部分。

请查看https://github.com/rwalkover/sendOTPSample-PHP/blob/master/sendotp.php

上的sendotp.php文件

我试图实现以下内容： HTML格式

<form class="form-horizontal" id="verifyOtpForm" style="display:none" method = "post" action = "verifyotp.php">
                        <div class="form-group">
                            <label class="control-label col-sm-2" for="email">Enter code:</label>
                            <div class="col-sm-8">
                                <input type="text" class="form-control" name="oneTimePassword" placeholder="Enter OTP received by SMS" id="oneTimePassword">
                            </div>
                            <div class="col-sm-2">
                                <input type="submit" class="btn btn-primary btn-md btn-block" name="verifyOtp" id="verifyOtp" value="Verify OTP" >
                            </div>
                            <input type="hidden" name="hiddenCode" id="hiddenCode">
                            <input type="hidden" name="hiddenNumber" id="hiddenNumber">
                    </form>

verifyotp.php：

session_start();
$baseUrl = "https://sendotp.msg91.com/api";
if(isset($_POST['oneTimePassword'])){
    if ($_POST['oneTimePassword'] == $_SESSION["oneTimePassword"]) {

        $data = array("countryCode" => $_POST['hiddenCode'], "mobileNumber" => $_POST['hiddenNumber'], "oneTimePassword" => $_POST['oneTimePassword']);
        $data_string = json_encode($data);
        $ch = curl_init($baseUrl . '/verifyOTP');
        curl_setopt($ch, CURLOPT_CUSTOMREQUEST, "POST");
        curl_setopt($ch, CURLOPT_POSTFIELDS, $data_string);
        curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
        curl_setopt($ch, CURLOPT_AUTOREFERER, true);
        curl_setopt($ch, CURLOPT_HTTPHEADER, array(
            'Content-Type: application/json',
            'Content-Length: ' . strlen($data_string),
            'application-Key: my key goes here'
        ));
        $result = curl_exec($ch);
        curl_close($ch);
        $response = json_decode($result, true);
        if ($response["status"] == "error") {
            //echo $response["response"]["code"];
            header("location: index.php");
        } else {
            header("location: ../index.php");
        }
    }
}

我相信有更好的方法可以做到这一点。我对卷曲及其作用一无所知。任何帮助将不胜感激。

Answer 1

您不需要两次验证OTP。

第一个选项是从会话验证OTP，第二个选项是调用sendOTP验证api。

如果您想通过sendOTP验证，请使用以下代码：

    $baseUrl = "https://sendotp.msg91.com/api";
    if(isset($_POST['oneTimePassword'])){
        $data = array("countryCode" => $_POST['hiddenCode'], "mobileNumber" => $_POST['hiddenNumber'], "oneTimePassword" => $_POST['oneTimePassword']);
        $data_string = json_encode($data);
        $ch = curl_init($baseUrl . '/verifyOTP');
        curl_setopt($ch, CURLOPT_CUSTOMREQUEST, "POST");
        curl_setopt($ch, CURLOPT_POSTFIELDS, $data_string);
        curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
        curl_setopt($ch, CURLOPT_AUTOREFERER, true);
        curl_setopt($ch, CURLOPT_HTTPHEADER, array(
            'Content-Type: application/json',
            'Content-Length: ' . strlen($data_string),
            'application-Key: my key goes here'
        ));
        $result = curl_exec($ch);
        curl_close($ch);
        $response = json_decode($result, true);
        if ($response["status"] == "error") {
            header("location: index.php");
        } else {
            header("location: ../index.php");
        } 
    }

或者如果您想在最后验证，请使用以下代码：

if(isset($_POST['oneTimePassword'])){
    if ($_POST['oneTimePassword'] == $_SESSION["oneTimePassword"]) {
            header("location: index.php");
        } else {
            header("location: ../index.php");
        }
    }

php实现发送OTP

1 个答案: