<?php
use PHPMailer\PHPMailer\PHPMailer;
use PHPMailer\PHPMailer\Exception;

require 'my_mailer/vendor/autoload.php';

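/**
 * Load the per-email OTP rate-limit log from otp_log.json in the working directory.
 *
 * Creates an empty log on first use. A missing, unreadable or corrupt file now
 * yields an empty array instead of null, so callers can index into the result
 * without notices and a damaged file cannot silently disable the rate limit.
 *
 * @return array<string, array{count:int,last_sent_time:int,first_sent_time:int}>
 */
function load_otp_logs() {
    $file = 'otp_log.json';
    if (!file_exists($file)) {
        file_put_contents($file, '{}', LOCK_EX);
    }

    $raw = file_get_contents($file);
    if ($raw === false) {
        return [];
    }

    $logs = json_decode($raw, true);
    // json_decode returns null on malformed JSON; a bare scalar would also
    // break the callers' array access, so only an array is accepted.
    return is_array($logs) ? $logs : [];
}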

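/**
 * Persist the OTP rate-limit log to otp_log.json in the working directory.
 *
 * The write takes an exclusive lock so two concurrent requests do not
 * interleave partial JSON. If the log cannot be encoded (for example an email
 * key that is not valid UTF-8) the file is left untouched instead of being
 * overwritten with an empty string that would corrupt the next load.
 *
 * @param array<string, array<string, int>> $logs
 */
function save_otp_logs($logs) {
    $json = json_encode($logs, JSON_PRETTY_PRINT);
    if ($json === false) {
        error_log('save_otp_logs: unable to encode OTP log: ' . json_last_error_msg());
        return;
    }
    file_put_contents('otp_log.json', $json, LOCK_EX);
}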

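// Request handler: on POST, rate-limit by recipient address, generate a
// 6-digit OTP, e-mail it, store it in the session and answer with JSON.
if ($_SERVER["REQUEST_METHOD"] === "POST") {
    session_start();
    header('Content-Type: application/json');

    // Validate the recipient before it becomes a rate-limit key and a mail
    // address; a missing field previously raised an undefined-index warning.
    $email = trim((string) ($_POST["email"] ?? ''));
    if (filter_var($email, FILTER_VALIDATE_EMAIL) === false) {
        echo json_encode(["status" => "fail", "message" => "A valid email address is required."]);
        exit;
    }

    // The app name is placed in the Subject and From-name headers; remove
    // line breaks so the value cannot be used to inject additional headers.
    $app_name = isset($_POST["app-name"]) ? (string) $_POST["app-name"] : "My App";
    $app_name = trim(str_replace(["\r", "\n"], ' ', $app_name));

    // 🔐 Fixed 6-digit OTP. random_int() is a CSPRNG; rand() is predictable
    // and must not be used to generate authentication codes.
    $otp = str_pad((string) random_int(0, 999999), 6, "0", STR_PAD_LEFT); // Always 6 digits

    $session_id = uniqid("session_", true);

    $logs = load_otp_logs();
    $now = time();

    if (!isset($logs[$email])) {
        $logs[$email] = [
            "count" => 0,
            "last_sent_time" => 0,
            "first_sent_time" => $now
        ];
    }

    // 30s cooldown between sends to the same address. The limit is keyed on
    // the caller-supplied address, so it bounds mail per recipient, not per
    // client.
    if ($now - $logs[$email]['last_sent_time'] < 30) {
        echo json_encode(["status" => "fail", "message" => "Please wait 30 seconds before requesting another OTP."]);
        exit;
    }

    // 2 OTP per hour limit (checked before the hourly reset below, so an
    // expired window falls through to the reset instead of failing)
    if ($logs[$email]['count'] >= 2 && ($now - $logs[$email]['first_sent_time']) < 3600) {
        echo json_encode(["status" => "fail", "message" => "You can only request OTP twice per hour."]);
        exit;
    }

    // Reset after 1 hour
    if (($now - $logs[$email]['first_sent_time']) >= 3600) {
        $logs[$email]['count'] = 0;
        $logs[$email]['first_sent_time'] = $now;
    }

    // The quota is consumed before the send attempt, so a failing mailer
    // cannot be used to retry without limit.
    $logs[$email]['count'] += 1;
    $logs[$email]['last_sent_time'] = $now;
    save_otp_logs($logs);

    $subject = "Your OTP Code - $app_name";

    $message = "Hello,\n\n".
               "Your one-time password (OTP) for $app_name is: $otp\n\n".
               "This code will expire in 5 minutes.\n".
               "Do not share this code with anyone.\n\n".
               "Thank you,\n$app_name Team";

    $mail = new PHPMailer(true);

    try {
        $mail->isSMTP();
        $mail->Host = 'smtp.gmail.com';
        $mail->SMTPAuth = true;
        // NOTE(review): SMTP credentials are hard-coded in a web-served file.
        // Move them to configuration outside the document root and rotate the
        // password that has been committed here.
        $mail->Username = 'ekratour@gmail.com';
        $mail->Password = 'pmev cihm poch gabi';
        $mail->SMTPSecure = 'tls';
        $mail->Port = 587;

        $mail->setFrom('emondhar784@gmail.com', $app_name);
        $mail->addAddress($email);
        $mail->isHTML(false);
        $mail->Subject = $subject;
        $mail->Body = $message;

        $mail->send();

        // Session data is written only after a successful send, so a failed
        // attempt does not leave a live OTP behind. The 5-minute expiry
        // promised in the message must be enforced by the verifying endpoint
        // using otp_created.
        $_SESSION['otp'] = $otp;
        $_SESSION['email'] = $email;
        $_SESSION['session_id'] = $session_id;
        $_SESSION['otp_created'] = $now;

        // The OTP itself is deliberately not echoed back: returning it to the
        // requester lets anyone who can POST an address pass verification
        // without access to the mailbox.
        echo json_encode([
            "status" => "success",
            "session_id" => $session_id,
            "php_session_id" => session_id()
        ]);

    } catch (Exception $e) {
        // Keep transport details server-side; ErrorInfo can expose SMTP host
        // and account information to the client.
        error_log("OTP mailer error for $email: " . $mail->ErrorInfo);
        echo json_encode([
            "status" => "fail",
            "message" => "Could not send the OTP email. Please try again later."
        ]);
    }
}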