From 12dfb2562936ca1b69552bdd7601b210b779192b Mon Sep 17 00:00:00 2001
From: Hamza-Ayed <hamzaayedflutter@gmail.com>
Date: Wed, 24 Jun 2026 22:56:39 +0300
Subject: [PATCH] Update: 2026-06-24 22:56:39

---
 backend/auth/otp/providers.php             | 27 +++++-----------------
 backend/core/Security/EncryptionHelper.php |  9 ++++++++
 2 files changed, 15 insertions(+), 21 deletions(-)

diff --git a/backend/auth/otp/providers.php b/backend/auth/otp/providers.php
index de81265..54cbf9b 100644
--- a/backend/auth/otp/providers.php
+++ b/backend/auth/otp/providers.php
@@ -131,30 +131,15 @@ function sendNabehOtp(string $receiver, string $otp, string $method = '', string
     // Strip symbols for Nabeh endpoint
     $phoneRaw = preg_replace('/\D+/', '', $receiver);
 
-    // Map method/type
-    $type = 'text';
-    if ($method === 'voice') {
-        $type = 'voice';
+    // Map method/type (Image OTP is the default and only media method allowed)
+    $type = 'image';
+    if ($method === 'text') {
+        $type = 'text';
     } elseif ($method === 'image') {
         $type = 'image';
-    } elseif ($method === 'text') {
-        $type = 'text';
     } else {
-        // Strict alternating using Redis
-        global $redis;
-        $type = 'image'; // default
-        if ($redis) {
-            try {
-                $lastType = $redis->get('nabeh_last_type');
-                $type = ($lastType === 'image') ? 'voice' : 'image';
-                $redis->set('nabeh_last_type', $type);
-            } catch (Exception $e) {
-                error_log("⚠️ [Nabeh OTP Redis alternate] Error toggling type: " . $e->getMessage());
-            }
-        } else {
-            // Fallback to random if Redis is not connected
-            $type = (random_int(0, 1) === 0) ? 'image' : 'voice';
-        }
+        // If no method specified or if 'voice' was requested, force default to 'image'
+        $type = 'image';
     }
 
     $appName = 'سيرو رايدر';
diff --git a/backend/core/Security/EncryptionHelper.php b/backend/core/Security/EncryptionHelper.php
index 2ff5e8e..9fae9ba 100644
--- a/backend/core/Security/EncryptionHelper.php
+++ b/backend/core/Security/EncryptionHelper.php
@@ -34,6 +34,15 @@ class EncryptionHelper
         return self::PREFIX_GCM . base64_encode($iv . $tag . $encrypted);
     }
 
+    // ─── تشفير نص باستخدام AES-256-CBC الحتمي ──
+    public function encryptDataDeterministic(string $plainText): string
+    {
+        $plainText = mb_convert_encoding($plainText, 'UTF-8');
+        $padded = $this->addPadding($plainText);
+        $encrypted = openssl_encrypt($padded, self::ALGO_CBC, $this->key, OPENSSL_RAW_DATA, $this->cbcIv);
+        return base64_encode($encrypted);
+    }
+
     // ─── فك تشفير نص (يدعم CBC والـ GCM المستقبلي) ───────────
     public function decryptData(string $cipherText): string|false
     {