The following warnings occurred:
Warning [2] Undefined variable $unreadreports - Line: 26 - File: global.php(961) : eval()'d code PHP 8.2.25 (Linux)
File Line Function
/global.php(961) : eval()'d code 26 errorHandler->error
/global.php 961 eval
/showthread.php 28 require_once





× This forum is read only. As of July 23, 2019, the UserSpice forums have been closed. To receive support, please join our Discord by clicking here. Thank you!

  • 0 Vote(s) - 0 Average
  • 1
  • 2
  • 3
  • 4
  • 5
Email vs Mobile Phone Verification
#1
So I'm trying to get users registered and verified using either their email or phone number. Two things I'm wondering what direction to go depending on UserSpice design:

1- Should I just store the user's mobile number under "username" and set the below in User.php and build a separate path for verification?
if(is_numeric($user)){
$field = 'username';

2- Store the user's mobile number under "email" and build additional logic on top of the existing email verification code that uses a SMS API, instead of email, to verify the mobile?

What route would you guys go? I guess if we wanted to properly store values, I would go for a 3rd option to store the mobile phone under "billing_phone" and just build everything required for that from scratch... But trying to keep it simple here.


  Reply
#2
I would add a field since it would be far easier to just write a new function or method in than modifying even more of the existing code than you'd otherwise have to. That and typically a site verifies both unless you're only wanting phone and not email. It's good to collect emails though and then you can have multi-factor authentication.
  Reply
#3
I agree. I would add a totally separate field. And then when it comes to phone numbers, if you are going to deal with international users, you probably have to deal with country codes, etc.

Personally, I would write something that would remove all special characters from phone numbers as well. Sorry I missed this post earlier.
  Reply
#4
Thanks for your suggestions! I think keeping the mobile phone stuff separate and adding a new field is probably a good idea. I just hate modifying the DB when there are so many unused fields Smile

The plan is to have either phone or email verification, not both.
  Reply
#5
The extra fields really only have thousandths of a second impacts on the db. A lot of it goes back to the initial usercake code base. It's all been rewritten from scratch, but we kept some of the db fields the same so people could upgrade from UC. We've deprecated company, so you can store it in there if you want.
  Reply
#6
Yeah that or you could just remove any field that isn't referenced in the code. Then just use something like Twilio or Tropo for phone verification and change the login code to use the phone number. All is trivial but the phone number verification where you'll need a callback script for SMS/Voice provider.
  Reply
#7
Maybe share your callback script here in the forum after you code it. It would be useful to people.
  Reply


Forum Jump:


Users browsing this thread: 2 Guest(s)