Fix OTP verification success response payload and restore deterministic encryptData
This commit is contained in:
Hamza-Ayed
@@ -174,7 +174,28 @@ try {
|
|||||||
$stmtUpd = $con->prepare($sqlUpdate);
|
$stmtUpd = $con->prepare($sqlUpdate);
|
||||||
$stmtUpd->bindParam(':id', $matchedRowId, PDO::PARAM_INT);
|
$stmtUpd->bindParam(':id', $matchedRowId, PDO::PARAM_INT);
|
||||||
$stmtUpd->execute();
|
$stmtUpd->execute();
|
||||||
jsonSuccess(null, "Your phone number has been verified.");
|
|
||||||
|
// Check registration status
|
||||||
|
$isRegistered = false;
|
||||||
|
$driverData = null;
|
||||||
|
|
||||||
|
$chkStmt = $con->prepare("SELECT id, first_name, last_name, email, phone FROM driver WHERE phone = ?");
|
||||||
|
$chkStmt->execute([$encryptionHelper->encryptData($phone_number)]);
|
||||||
|
$driver = $chkStmt->fetch(PDO::FETCH_ASSOC);
|
||||||
|
|
||||||
|
if ($driver) {
|
||||||
|
$isRegistered = true;
|
||||||
|
$driver['first_name'] = $encryptionHelper->decryptData($driver['first_name']);
|
||||||
|
$driver['last_name'] = $encryptionHelper->decryptData($driver['last_name']);
|
||||||
|
$driver['email'] = $encryptionHelper->decryptData($driver['email']);
|
||||||
|
$driver['phone'] = $encryptionHelper->decryptData($driver['phone']);
|
||||||
|
$driverData = $driver;
|
||||||
|
}
|
||||||
|
|
||||||
|
jsonSuccess([
|
||||||
|
"isRegistered" => $isRegistered,
|
||||||
|
"driver" => $driverData
|
||||||
|
], "Your phone number has been verified.");
|
||||||
} else {
|
} else {
|
||||||
jsonError("Your phone number could not be verified or the code is expired. Please try again.");
|
jsonError("Your phone number could not be verified or the code is expired. Please try again.");
|
||||||
}
|
}
|
||||||
@@ -228,7 +249,28 @@ try {
|
|||||||
$stmtUpd = $con->prepare($sqlUpdate);
|
$stmtUpd = $con->prepare($sqlUpdate);
|
||||||
$stmtUpd->bindParam(':id', $matchedRowId, PDO::PARAM_INT);
|
$stmtUpd->bindParam(':id', $matchedRowId, PDO::PARAM_INT);
|
||||||
$stmtUpd->execute();
|
$stmtUpd->execute();
|
||||||
jsonSuccess(null, "Your phone number has been verified.");
|
|
||||||
|
// Check registration status
|
||||||
|
$isRegistered = false;
|
||||||
|
$passengerData = null;
|
||||||
|
|
||||||
|
$chkStmt = $con->prepare("SELECT id, first_name, last_name, email, phone FROM passengers WHERE phone = ?");
|
||||||
|
$chkStmt->execute([$encryptionHelper->encryptData($phone_number)]);
|
||||||
|
$passenger = $chkStmt->fetch(PDO::FETCH_ASSOC);
|
||||||
|
|
||||||
|
if ($passenger) {
|
||||||
|
$isRegistered = true;
|
||||||
|
$passenger['first_name'] = $encryptionHelper->decryptData($passenger['first_name']);
|
||||||
|
$passenger['last_name'] = $encryptionHelper->decryptData($passenger['last_name']);
|
||||||
|
$passenger['email'] = $encryptionHelper->decryptData($passenger['email']);
|
||||||
|
$passenger['phone'] = $encryptionHelper->decryptData($passenger['phone']);
|
||||||
|
$passengerData = $passenger;
|
||||||
|
}
|
||||||
|
|
||||||
|
jsonSuccess([
|
||||||
|
"isRegistered" => $isRegistered,
|
||||||
|
"passenger" => $passengerData
|
||||||
|
], "Your phone number has been verified.");
|
||||||
} else {
|
} else {
|
||||||
jsonError("Your phone number could not be verified or the code is expired. Please try again.");
|
jsonError("Your phone number could not be verified or the code is expired. Please try again.");
|
||||||
}
|
}
|
||||||
|
|||||||
@@ -24,14 +24,13 @@ class EncryptionHelper
|
|||||||
$this->cbcIv = $cbcIv ?: getenv('initializationVector') ?: str_repeat('0', 16);
|
$this->cbcIv = $cbcIv ?: getenv('initializationVector') ?: str_repeat('0', 16);
|
||||||
}
|
}
|
||||||
|
|
||||||
// ─── تشفير نص باستخدام AES-256-GCM ──
|
// ─── تشفير نص باستخدام AES-256-CBC الحتمي ──
|
||||||
public function encryptData(string $plainText): string
|
public function encryptData(string $plainText): string
|
||||||
{
|
{
|
||||||
$plainText = mb_convert_encoding($plainText, 'UTF-8');
|
$plainText = mb_convert_encoding($plainText, 'UTF-8');
|
||||||
$iv = random_bytes(self::IV_LEN_GCM);
|
$padded = $this->addPadding($plainText);
|
||||||
$tag = '';
|
$encrypted = openssl_encrypt($padded, self::ALGO_CBC, $this->key, OPENSSL_RAW_DATA, $this->cbcIv);
|
||||||
$encrypted = openssl_encrypt($plainText, self::ALGO_GCM, $this->key, OPENSSL_RAW_DATA, $iv, $tag, "", self::TAG_LEN);
|
return base64_encode($encrypted);
|
||||||
return self::PREFIX_GCM . base64_encode($iv . $tag . $encrypted);
|
|
||||||
}
|
}
|
||||||
|
|
||||||
// ─── فك تشفير نص (يدعم CBC والـ GCM المستقبلي) ───────────
|
// ─── فك تشفير نص (يدعم CBC والـ GCM المستقبلي) ───────────
|
||||||
|
|||||||
Reference in New Issue
Block a user