registration with otp

1.  
2.  
3. <?php
4. /**** ANANT ONE-TIME PASSWORD EXAMPLE ****/
5.  
6. session_start(); //STARTING THE SESSION AND THE
7.  
8. session_set_cookie_params(360);//SESSION EXPIRES IN 6 MINUTES
9.  
10. // USERNAME AND PASSWORD ARRAYS
11.  
12. $user = array(
13. 'user1' => annat,
14. 'scott' => tiger,
15. ‘anat’ => xxxxxxx,
16. );
17.  
18. $phone = array(
19. 'user1' => '+5353535333,
20. 'scott' => '+44243535353,
21. anat’ => '+23554444444,
22. );
23.  
24. // Login information for anant NG - SMS Gateway
25. $anant_user = "admin";
26. $anant_password = "abc123";
27. $anant_url = "http://127.0.0.1:9501/api?";
28.  
29.  
30. // Functions used to send the SMS message
31. function httpRequest($url){
32. $pattern = "/http...([0-9a-zA-Z-.]*).([0-9]*).(.*)/";
33. preg_match($pattern,$url,$args);
34. $in = "";
35. $fp = fsockopen("$args[1]", $args[2], $errno, $errstr, 30);
36. if (!$fp) {
37. return("$errstr ($errno)");
38. } else {
39. $out = "GET /$args[3] HTTP/1.1\r\n";
40. $out .= "Host: $args[1]:$args[2]\r\n";
41. $out .= "User-agent: anant PHP client\r\n";
42. $out .= "Accept: */*\r\n";
43. $out .= "Connection: Close\r\n\r\n";
44.  
45. fwrite($fp, $out);
46. while (!feof($fp)) {
47. $in.=fgets($fp, 128);
48. }
49. }
50. fclose($fp);
51. return($in);
52. }
53.  
54. function anantSend($phone, $msg, $debug=false){
55. global $anant_user,$anant_password,$anant_url;
56. $url = 'username='.$anant_user;
57. $url.= '&password='.$anant_password;
58. $url.= '&action=sendmessage';
59. $url.= '&messagetype=SMS:TEXT';
60. $url.= '&recipient='.urlencode($phone);
61. $url.= '&messagedata='.urlencode($msg);
62.  
63. $urltouse = $anant_url.$url;
64. //if ($debug) { echo "Request: <br>$urltouse<br><br>"; }
65.  
66. //Open the URL to send the message
67. $response = httpRequest($urltouse);
68. if ($debug) {
69. echo "Response: <br><pre>".
70. str_replace(array("<",">"),array("<",">"),$response).
71. "</pre><br>"; }
72. return($response);
73. }
74.  
75.  
76. //FUNCTION TO GENERATE ONE-TIME PASSWORD
77. function anantOTP($length = 8, $chars = 'abcdefghijklmnopqrstuvwxyz1234567890')
78. {
79. $chars_length = (strlen($chars) - 1);
80. $string = $chars{rand(0, $chars_length)};
81. for ($i = 1; $i < $length; $i = strlen($string))
82. {
83. $r = $chars{rand(0, $chars_length)};
84. if ($r != $string{$i - 1}) $string .= $r;
85. }
86. return $string;}
87.  
88.  
89. //IF DEBUG VARIABLE IS TRUE, THE RESPONSE OF THE HTTP REQUEST WILL BE WRITTEN TO THE SCREEN
90. $debug = false;
91.  
92. // IF NOT POSTED ANYTHING YET, THE LOGIN PAGE IS LOADING
93. if (emptyempty($_POST)){
94. $i=0;
95. echo('
96. <html>
97. <body>
98. <h1>One Time Password Form</h1>
99. <form method="POST">
100. <table border=1>
101. <tr>
102. <td>Username:</td>
103. <td><input type="text" name="username"></td>
104. </tr>
105. <tr>
106. <td>Password</td>
107. <td><input type="password" name="password"></textarea></td>
108. </tr>
109. <tr>
110. <td> </td>
111. <td><input type=submit name=submit value="Get Otp" OnClick="anantSend(this.form);"></td>
112. </tr>
113. </table>
114. </form>
115. </body>
116. </html>');}
117.  
118. //IF OTP HAS POSTED YET, anantOTP FUNCTION WILL GENERATE ONE
119. if (emptyempty($_POST['otphtml'])){
120. $_SESSION['otp']=anantOTP();
121.  
122.  
123. // CHECKING USER CREDENTIALS
124. if ($password!=$user[$username] || ((emptyempty($_POST['username']) && (!emptyempty($_POST['password'])))) || (emptyempty($_POST['password']) && (!emptyempty($_POST['username']))))
125. echo ('Please enter a valid username or password!');
126. elseif ((!emptyempty($_POST['submit'])) && (emptyempty($_POST['password'])) && (emptyempty($_POST['username'])))
127. echo ('No username or password entered');
128.  
129. elseif($password=$user[$username]){
130.  
131. //SENDING THE PASSWORD AND LOADING THE OTP-VERIFYING PAGE
132. anantSend($phone[$_POST['username']],'Dear '.$username.'! Your One-Time password is: '.$_SESSION['otp'],$debug);
133. echo (' <html>
134. <body>
135. <h1>Please enter your One-Time password to enter the site!</h1>
136. <form method="POST">
137. <table border=1>
138. <tr>
139. <td>Your One-time password:</td>
140. <td><input type="text" name="otphtml"></td>
141. </tr>
142. <tr>
143. <td> </td>
144. <td><input type=submit name=submit value="Confirm OTP"></td>
145. </tr>
146. </table>
147. </form>
148. </body>
149. </html>');
150. }}
151. else{
152.  
153. //IF AN OTP HAS ALREADY SENT, CHECKING ITS VALIDITY AND REDIRECTING TO THE PROTECTED CONTENT
154. $otp1=$_POST['otphtml'];
155. include('protectedcontent.php');}
156.  
157. ?>
158.  
159.  
160. <!------- protectedcontent.php ------------------>
161.  
162.  
163. <?php
164.  
165. if ($_SESSION['otp']==$otp1){
166. echo('<html>
167. <body><h2>You\'ve been successfully verified your One-Time Password</h2></body>
168. </html>');}
169.  
170. else { echo('<html>
171. <body><h2>Wrong Password!</h2></body>
172. </html>');}
173.  
174. ?>