VerifyOTP.php

1. <?php
2. $servername = "localhost";
3. $username = "";
4. $password = "";
5. $database  = "";
6.  
7. //Variables submitted by the users
8. $email = $_GET["email"];
9. $otp = $_GET["otp"];
10.  
11. // Create connection
12. $conn = new mysqli($servername, $username, $password, $database);
13. // Check connection
14. if ($conn->connect_error) {
15.   die("Connection failed: " . $conn->connect_error);
16. }
17.  
18. //check if user already verified
19. $sql = "SELECT emailverified FROM users WHERE email = '" . $email . "'";
20. $result = $conn->query($sql);
21.  
22. if ($result->num_rows > 0) {
23.   // output data of each row
24.   while($row = $result->fetch_assoc()) {
25.  
26.     if($row["emailverified"] == '1')
27.     {
28.         echo "verified already die();";
29.         die();
30.     }
31.   }
32. }
33.  
34.  
35.  
36. $sql = "SELECT otp FROM users WHERE email = '" . $email . "'";
37. $result = $conn->query($sql);
38.  
39. if ($result->num_rows > 0) {
40.     // output data of each row
41.     while($row = $result->fetch_assoc()) {
42.  
43.       $test02 = password_verify($row["otp"], $otp);
44.  
45.       if ($test02 == true)
46.       {
47.           $sql = "UPDATE users SET emailverified='1' WHERE email = '" . $email . "'";
48.           if ($conn->query($sql) === TRUE) {
49.               echo "Verification Sucess.";
50.               echo "<meta http-equiv=\"refresh\" content=\"0; URL=HIDDEN\" />";
51.             } else {
52.               echo "Verification Failed.";
53.             }
54.           die();
55.       }
56.       else
57.       {
58.           echo "Wrong, OTP";
59.       }
60.     }
61.    
62.   }
63.  
64.   $conn->close();