Fix OTP verification success response payload and restore deterministic encryptData
This commit is contained in:
Hamza-Ayed
@@ -174,7 +174,28 @@ try {
|
||||
$stmtUpd = $con->prepare($sqlUpdate);
|
||||
$stmtUpd->bindParam(':id', $matchedRowId, PDO::PARAM_INT);
|
||||
$stmtUpd->execute();
|
||||
jsonSuccess(null, "Your phone number has been verified.");
|
||||
|
||||
// Check registration status
|
||||
$isRegistered = false;
|
||||
$driverData = null;
|
||||
|
||||
$chkStmt = $con->prepare("SELECT id, first_name, last_name, email, phone FROM driver WHERE phone = ?");
|
||||
$chkStmt->execute([$encryptionHelper->encryptData($phone_number)]);
|
||||
$driver = $chkStmt->fetch(PDO::FETCH_ASSOC);
|
||||
|
||||
if ($driver) {
|
||||
$isRegistered = true;
|
||||
$driver['first_name'] = $encryptionHelper->decryptData($driver['first_name']);
|
||||
$driver['last_name'] = $encryptionHelper->decryptData($driver['last_name']);
|
||||
$driver['email'] = $encryptionHelper->decryptData($driver['email']);
|
||||
$driver['phone'] = $encryptionHelper->decryptData($driver['phone']);
|
||||
$driverData = $driver;
|
||||
}
|
||||
|
||||
jsonSuccess([
|
||||
"isRegistered" => $isRegistered,
|
||||
"driver" => $driverData
|
||||
], "Your phone number has been verified.");
|
||||
} else {
|
||||
jsonError("Your phone number could not be verified or the code is expired. Please try again.");
|
||||
}
|
||||
@@ -228,7 +249,28 @@ try {
|
||||
$stmtUpd = $con->prepare($sqlUpdate);
|
||||
$stmtUpd->bindParam(':id', $matchedRowId, PDO::PARAM_INT);
|
||||
$stmtUpd->execute();
|
||||
jsonSuccess(null, "Your phone number has been verified.");
|
||||
|
||||
// Check registration status
|
||||
$isRegistered = false;
|
||||
$passengerData = null;
|
||||
|
||||
$chkStmt = $con->prepare("SELECT id, first_name, last_name, email, phone FROM passengers WHERE phone = ?");
|
||||
$chkStmt->execute([$encryptionHelper->encryptData($phone_number)]);
|
||||
$passenger = $chkStmt->fetch(PDO::FETCH_ASSOC);
|
||||
|
||||
if ($passenger) {
|
||||
$isRegistered = true;
|
||||
$passenger['first_name'] = $encryptionHelper->decryptData($passenger['first_name']);
|
||||
$passenger['last_name'] = $encryptionHelper->decryptData($passenger['last_name']);
|
||||
$passenger['email'] = $encryptionHelper->decryptData($passenger['email']);
|
||||
$passenger['phone'] = $encryptionHelper->decryptData($passenger['phone']);
|
||||
$passengerData = $passenger;
|
||||
}
|
||||
|
||||
jsonSuccess([
|
||||
"isRegistered" => $isRegistered,
|
||||
"passenger" => $passengerData
|
||||
], "Your phone number has been verified.");
|
||||
} else {
|
||||
jsonError("Your phone number could not be verified or the code is expired. Please try again.");
|
||||
}
|
||||
|
||||
@@ -24,14 +24,13 @@ class EncryptionHelper
|
||||
$this->cbcIv = $cbcIv ?: getenv('initializationVector') ?: str_repeat('0', 16);
|
||||
}
|
||||
|
||||
// ─── تشفير نص باستخدام AES-256-GCM ──
|
||||
// ─── تشفير نص باستخدام AES-256-CBC الحتمي ──
|
||||
public function encryptData(string $plainText): string
|
||||
{
|
||||
$plainText = mb_convert_encoding($plainText, 'UTF-8');
|
||||
$iv = random_bytes(self::IV_LEN_GCM);
|
||||
$tag = '';
|
||||
$encrypted = openssl_encrypt($plainText, self::ALGO_GCM, $this->key, OPENSSL_RAW_DATA, $iv, $tag, "", self::TAG_LEN);
|
||||
return self::PREFIX_GCM . base64_encode($iv . $tag . $encrypted);
|
||||
$padded = $this->addPadding($plainText);
|
||||
$encrypted = openssl_encrypt($padded, self::ALGO_CBC, $this->key, OPENSSL_RAW_DATA, $this->cbcIv);
|
||||
return base64_encode($encrypted);
|
||||
}
|
||||
|
||||
// ─── فك تشفير نص (يدعم CBC والـ GCM المستقبلي) ───────────
|
||||
|
||||
Reference in New Issue
Block a user