SMS/TEXT verification integrated with Twilio API with blacklist 1.0

now keep spammers away with sms verification method

  1. kslakhani
    WeBid Version:
    • 1.1.1/1.1.2
    Credits: credit goes to kslakhani, pani100 and webidsupport.com
    Install Time: Estimated Time to install is an hour or more
    Install Difficulty: not that difficult:D

    Let me tell you first what sms verification is?? well most of you probably know what it is but lpeople like me maybe not aware.
    On user registration we send one time code to users mobile no. once he receive the code he then enters in the verification area and this is how we make sure that user is not a spammer and is jenuine.
    I have created a blacklist number database now what does it do??? well, there are lots of websites provides free sms/text receiving facility like receivefreesms.com/ and mayb thousands so chances are they misuse it, to prevent this I have created blacklist DB just add as much as you know specifically from your country

    [​IMG] [​IMG]
    [​IMG]
    [​IMG]


    steps to follow:
    1. signup on twilio.com and get a twilio number
    2. upload attached twilio files and unzip in your webid site just remeber the path
    3. create sms.php file on your root folder
    4. create generatedcode.php file
    5. edit in registration.php
    6. edit in yoursite/themes/default/register.tpl
    7. edit in language/en/messages.inc.php
    8. upload ajax-loader4.gif to yoursite/images (stealed from pani100's :D)
    9. create blacklist database
    first step
    goto twilio website and singup and get twilio incoming number this is your trial number to get this sign in and you will prompted with get started there you see red button press that button and you will prompted for choose number thats your twilio number to send sms.
    now go to account settings and note your live accountSID and authToken.
    now get verified atleast 2 mobile numbers to test the MOD is working correctly for this click numbers on top and on (verified caller ids)

    setp 2
    upload attached twilio files and unzip in your webid site just remeber the path I hope you can do this

    step 3
    create sms.php file on your root folder
    and add
    PHP:
    <?php
    include 'common.php';

    // Get the PHP helper library from twilio.com/docs/php/install
    require_once('/yoursite/twilio/Services/Twilio.php'); // Loads the library

    function sendSms($user_mobile){
    $account_sid 'xxxxxx'//twilio accsid
    $auth_token 'xxxx'//twilio authToken you got it on step 1
    $client = new Services_Twilio($account_sid$auth_token);
    $client->account->messages->create(array(
        
    'To' => $user_mobile//user mobile no.
        
    'From' => "+12345679899"//your twilio registered no. got it from step 1
        
    'Body' =>  "your webidsite code is $random_number",   //valid for 10 minutes coming soon
        /*twilio now censors the variable in message body on trial account so you wont be see the generated random code in your message dont worry
        just I have created a file generatedcode.php just put it on anywhere on your installation folder and open that page it will show you
        generated code put that code in verification code and you all good to go :) */
    ));
    }

    $mobile $_POST['mobile'];
    $check_number 0;
    $blacklist_number 0;
    $random_number intval"0" rand(1,9) . rand(0,9) . rand(0,9) . rand(0,9) . rand(0,9) . rand(0,9) );
    $sql "SELECT phone FROM " $DBPrefix "users WHERE phone = '" $system->cleanvars($mobile) . "'";
                
    $res mysql_query($sql);
                
    $system->check_mysql($res$sql__LINE____FILE__);
                if (
    mysql_num_rows($res) > 0)
                {
                
                    
    $check_number 0;
                
                }
            
                
                 else {
             
                     
    $sql1 "SELECT numbers FROM " $DBPrefix "blacklist_numbers WHERE numbers = '" $system->cleanvars($mobile) . "'";
                    
    $res1 mysql_query($sql1);
                    
    $system->check_mysql($res1$sql1__LINE____FILE__);
                    if (
    mysql_num_rows($res1) > 0)
                        {
                            
    $blacklist_number 1;
                        }
                    else {
                 
                         
    sendSms(("+91" .$mobile"")); //note use your country Prefix like +1 or +44 instead +91
                         
    $check_number 1;
                         }
                 
                 }
      
    $toJson = array(
            
    'random_number' => $random_number,
            
    'check_number' => $check_number,
            
    'blacklist_number' => $blacklist_number,
         );
        echo 
    json_encode($toJson);
        
    $_SESSION['random_otp'] = $random_number;

    ?>
    step 4
    create generatedcode.php file on root of yr website
    add
    PHP:
    <?php
    include 'common.php';

    echo 
    $_SESSION['random_otp']; /* you need this to know the code bc twilio censors it:(
    ?>
    step 5
    edit in register.php
    find
    Code:
    $missing = array();
    $missing['birthday'] = $missing['address'] = $missing['city'] = $missing['prov'] = $missing['country'] = $missing['zip'] = $missing['tel'] = $missing['paypal'] = $missing['authnet'] = $missing['worldpay'] = $missing['toocheckout'] = $missing['moneybookers'] = $missing['name'] = $missing['nick'] = $missing['password'] = $missing['repeat_password'] = $missing['email'] = false; //sms mod
    replace
    Code:
    $missing = array();
    $missing['birthday'] = $missing['address'] = $missing['city'] = $missing['prov'] = $missing['country'] = $missing['zip'] = $missing['tel'] = $missing['paypal'] = $missing['authnet'] = $missing['worldpay'] = $missing['toocheckout'] = $missing['moneybookers'] = $missing['name'] = $missing['nick'] = $missing['password'] = $missing['repeat_password'] = $missing['email'] = $missing['OTP'] = false; //sms mod
    find
    Code:
    if (empty($_POST['TPL_phone']) && $MANDATORY_FIELDS['tel'] == 'y')
        {
            $missing['tel'] = true;
        }
    add after
    Code:
    if (empty($_POST['OTP']) && $MANDATORY_FIELDS['tel'] == 'y')
        {
            $missing['OTP'] = true; // sms mod
        }
    find
    Code:
    elseif (!empty($birth_month) && !empty($birth_day) && !empty($birth_year) && !checkdate($birth_month, $birth_day, $birth_year))
            {
                $ERR = $ERR_117;
            }
    add after
    Code:
    elseif ( $_SESSION['random_otp'] != $_POST['OTP'] ) {
                    $ERR= $ERR_111_12; //sms verification code do not match just in case user disables javascripton their browser
                        }
    find
    Code:
    $query = "SELECT email FROM " . $DBPrefix . "users WHERE email = '" . $system->cleanvars($_POST['TPL_email']) . "'";
                $res = mysql_query($query);
                $system->check_mysql($res, $query, __LINE__, __FILE__);
                if (mysql_num_rows($res) > 0)
                {
                    $ERR = $ERR_115; // E-mail already used
                }
    add after
    Code:
    $sql = "SELECT numbers FROM " . $DBPrefix . "blacklist_numbers WHERE numbers = '" . $system->cleanvars($_POST['TPL_phone']) . "'";
                $res = mysql_query($sql);
                $system->check_mysql($res, $sql, __LINE__, __FILE__);
                if (mysql_num_rows($res) > 0)
                {
                    $ERR = $ERR_111_13; //blacklist checker just server side protection otherwise not need this code
                }
            
                $sql = "SELECT phone FROM " . $DBPrefix . "users WHERE phone = '" . $system->cleanvars($_POST['TPL_phone']) . "'";
                $res = mysql_query($sql);
                $system->check_mysql($res, $sql, __LINE__, __FILE__);
                if (mysql_num_rows($res) > 0)
                {
                    $ERR = $ERR_111_11; //check this phone number is already exists just server side protection otherwise not need this code
                }
    find
    Code:
    $query = "INSERT INTO " . $DBPrefix . "usersips VALUES
                              (NULL, " . intval($TPL_id_hidden) . ", '" . $_SERVER['REMOTE_ADDR'] . "', 'first','accept')";
                    $system->check_mysql(mysql_query($query), $query, __LINE__, __FILE__);
    add after
    Code:
    unset($_SESSION['random_otp']); //finish sms verification so just clean the session
    find
    Code:
    'V_PHONE' => (isset($_POST['TPL_phone'])) ? $_POST['TPL_phone'] : '',
    add after
    Code:
    'V_OTP' => (isset($_POST['OTP'])) ? $_POST['OTP'] : '', //sms mod
            'V_HIDDENOTP' => (isset($_POST['hiddenotp'])) ? $_POST['hiddenotp'] : '', //sms mod
            'MISSING17' => ($missing['OTP']) ? 1 : 0, // sms mod
    thats it yr finish with step 5

    step 6
    1. in yoursite/themes/default/register.tpl
      add this on the top
      HTML:
      <!DOCTYPE html>
      <html lang="en">
      <style>
      #gifloader{
          height:80px;
          background:url('images/ajax-loader4.gif') no-repeat center center;
          width:500px;
          display:none;
          margin: -120px auto 0;
      }
      .theImage { visibility: hidden; }
      </style>
      now add this script on header tag if you dont have a header tag put <head> script </head>
      Code:
      <script type="text/javascript">
      
      function smsVerification() {
      var mobile1 = document.getElementsByName('TPL_phone')[0].value ;
      
      if(mobile1.length == 10) {
      $.ajax({       
               type: "POST",
                 dataType: "json", //the return type data is jsonn
                  url: "sms.php",
                  data: {mobile:mobile1},
             
            dataType: "json", //the return type data is jsonn
            cache: false,
            url: "sms.php",
          beforeSend: function(){
              $('#gifloader').show();
          },
          complete: function(data){
              $('#gifloader').hide();
              document.getElementsByName('OTP')[0].focus();      
          },
            success: function(data){ // <--- (data) is in json format
           if(data['check_number'] == 1) {
              //alert(data);
              //parse the json data
              document.getElementsByName('hiddenotp')[0].value = data['random_number'];
                 document.getElementsByName('OTP')[0].readOnly = false;
              document.getElementsByName('TPL_phone')[0].readOnly = true;
              }
              else {
             
                  if(data['check_number'] == 0 && data['blacklist_number'] == 1)
                      {
                      alert("sorry, this number is blacklisted");
                      }
                      else
                      {
                          alert("this number is already registered!!!");
                          }
                  }
             },
                 
          });
      }
      else{
      alert("please input 10 digits");
      }
          return false;
      }
      </script> 
    2. find
      Code:
      <input type="text" class="form-control" placeholder="Your 10 digit mobile number" name="TPL_phone"  maxlength="10" value="{V_PHONE}" <!-- IF MISSING11 eq 1 -->class="missing"<!-- ENDIF -->>
    3. add after
      Code:
      <a id="label1" href="javascript:void(0)" onclick="smsVerification();" class="btn btn-primary">verify!</a>
      <input type="text" readonly class="form-control" placeholder="6 digit verification code" name="OTP" maxlength="8" value="{V_OTP}">
    • find
      Code:
      <!-- IF MISSING11 eq 1 --><div class="error-box missing">{L_947}</div><!-- ENDIF --> 
    • add after
      Code:
      <!-- IF MISSING17 eq 1 --><div class="error-box missing">sms verification is missing!!! <br>make sure your browser has javascript enabled</div><!-- ENDIF -->
      <div id="gifloader"></div>
      <input type="hidden" name="hiddenotp" value="{V_HIDDENOTP}">
      
    • your step 6 is complete
    • step 7
    • edit in language/en/messages.inc.php
    • find
      Code:
      $ERR_111 = "Such a user already exists";
    • add after
      Code:
      $ERR_111_11 = "Mobile number already in use";
      $ERR_111_12 = "SMS verification code do not match";
      $ERR_111_13 = "sorry, this number is blacklisted";
    • step 8
    • upload ajax-loader4.gif to yoursite/images (stealed from pani100's :D) gif file is in attached folder
    • final step
    • goto your cpanel phpmyadmin select your webid database
    • click on sql tab and add query
    • Code:
      CREATE TABLE IF NOT EXISTS `webid_blacklist_numbers` (
        `serial` int(10) NOT NULL AUTO_INCREMENT,
        `numbers` bigint(10) DEFAULT NULL,
        PRIMARY KEY (`serial`)
      ) ENGINE=MyISAM  DEFAULT CHARSET=latin1 AUTO_INCREMENT=15 ;
    • press go and your table is created
    • thats it your done with this mod:)
    dont forget to update your blacklist data.
    You can use diff. API there is hundreds available in the web. I recommend you use API provided from your country only coz diff. contries have diff sending and receiving text/sms policies:(
    Try and let me know any issues

Recent Reviews

  1. Cash Crusaders NZ
    Cash Crusaders NZ
    4/5,
    Version: 1.0
    Good idea and I am stil testing. However the installation instructions needs to changed to align with the latest version 1.2.1(1.2.2)
  2. Iqbal
    Iqbal
    5/5,
    Version: 1.0
    Excellent