fix(security): fix SQL injection in updatePaymetToPaid, OTP random_int, static IV encryption, storage mismatch

backend/encrypt_decrypt.php

@@ -49,8 +49,9 @@ class EncryptionHelper {
     public function encryptData($plainText) {
         $plainText = mb_convert_encoding($plainText, 'UTF-8');
         $paddedText = $this->addPadding($plainText);
-        $encrypted = openssl_encrypt($paddedText, 'AES-256-CBC', $this->key, OPENSSL_RAW_DATA, $this->iv);
-        return base64_encode($encrypted);
+        $iv = random_bytes(16);
+        $encrypted = openssl_encrypt($paddedText, 'AES-256-CBC', $this->key, OPENSSL_RAW_DATA, $iv);
+        return base64_encode($iv . $encrypted);
     }
 
     public function decryptData($encryptedText) {
@@ -61,6 +62,22 @@ class EncryptionHelper {
         return false;
     }
 
+    // محاولة أولى: استخراج IV عشوائي من أول 16 بايت
+    if (strlen($decoded) >= 16) {
+        $iv = substr($decoded, 0, 16);
+        $payload = substr($decoded, 16);
+
+        $decrypted = openssl_decrypt($payload, 'AES-256-CBC', $this->key, OPENSSL_RAW_DATA, $iv);
+
+        if ($decrypted !== false) {
+            $pad = ord($decrypted[strlen($decrypted) - 1]);
+            if ($pad >= 1 && $pad <= 16) {
+                return substr($decrypted, 0, -$pad);
+            }
+        }
+    }
+
+    // محاولة ثانية: IV ثابت (للبيانات القديمة)
     $decrypted = openssl_decrypt($decoded, 'AES-256-CBC', $this->key, OPENSSL_RAW_DATA, $this->iv);
 
     if ($decrypted === false) {
@@ -68,7 +85,6 @@ class EncryptionHelper {
         return false;
     }
 
-    // Verify padding is valid before removal
     $pad = ord($decrypted[strlen($decrypted) - 1]);
     if ($pad < 1 || $pad > 16) {
         error_log("[ERROR] Invalid padding value ($pad) for decrypted input: $encryptedText");
@@ -95,13 +111,23 @@ class EncryptionHelper {
         return true;
     }
   public function encryptBinary($data) {
-    $encrypted = openssl_encrypt($data, 'AES-256-CBC', $this->key, OPENSSL_RAW_DATA, $this->iv);
-    return $encrypted;
+    $iv = random_bytes(16);
+    $encrypted = openssl_encrypt($data, 'AES-256-CBC', $this->key, OPENSSL_RAW_DATA, $iv);
+    return $iv . $encrypted;
 	}
 
 	public function decryptBinary($data) {
+    if (strlen($data) >= 16) {
+        $iv = substr($data, 0, 16);
+        $payload = substr($data, 16);
+        $decrypted = openssl_decrypt($payload, 'AES-256-CBC', $this->key, OPENSSL_RAW_DATA, $iv);
+        if ($decrypted !== false) {
+            return $decrypted;
+        }
+    }
+
+    // للبيانات القديمة ذات IV الثابت
     $decrypted = openssl_decrypt($data, 'AES-256-CBC', $this->key, OPENSSL_RAW_DATA, $this->iv);
-    // CRIT-07 FIX: التحقق من فشل openssl_decrypt
     if ($decrypted === false) {
         error_log('[CRIT-07] openssl_decrypt failed in decryptBinary');
         throw new Exception('Decryption failed');