<?php
include "../database.php";
session_start();

$otp_num_1                = $_POST["otp_num_1"];
$otp_num_2                = $_POST["otp_num_2"];
$otp_num_3                = $_POST["otp_num_3"];
$otp_num_4                = $_POST["otp_num_4"];

$otp_number               = $otp_num_1 . "" . $otp_num_2 . "" . $otp_num_3 . "" . $otp_num_4;
$sql_verification_code    = "SELECT * FROM verification_codes WHERE email = '" . $_SESSION['email'] . "' AND code = " . $otp_number . " ORDER BY id DESC LIMIT 1";
$result_verification_code = mysqli_query($con, $sql_verification_code);
if ($result_verification_code->num_rows > 0) {
    $verification_code = mysqli_fetch_assoc($result_verification_code);
    $expiration        = $verification_code["expiration"];
    if ($expiration > date("Y-m-d H:i:s")) {
        echo "ok";
    } else {
        echo "error";
    }
} else {
    echo "error";
}