From 3326756dc30a5051b9344c3483b5149301db2c01 Mon Sep 17 00:00:00 2001
From: Hamza-Ayed <hamzaayedflutter@gmail.com>
Date: Sat, 27 Jun 2026 23:01:38 +0300
Subject: [PATCH] Add tester driver creation script

---
 backend/auth/captin/create_tester_driver.php | 159 +++++++++++++++++++
 1 file changed, 159 insertions(+)
 create mode 100644 backend/auth/captin/create_tester_driver.php

diff --git a/backend/auth/captin/create_tester_driver.php b/backend/auth/captin/create_tester_driver.php
new file mode 100644
index 00000000..4cd5bfe4
--- /dev/null
+++ b/backend/auth/captin/create_tester_driver.php
@@ -0,0 +1,159 @@
+<?php
+// ============================================================
+// create_tester_driver.php
+// إنشاء أو تحديث مستخدم فاحص (Tester) خاص بمراجعي المتاجر
+// ============================================================
+
+require_once __DIR__ . '/../../core/bootstrap.php';
+
+// يمكن استقبال المتغيرات عبر الـ POST/GET أو استخدام قيم افتراضية آمنة
+$email = filterRequest('email') ?? 'review_tester@siromove.com';
+$password = filterRequest('password') ?? 'SiroTester2026!';
+$phone = filterRequest('phone') ?? '962790000000';
+$firstName = filterRequest('first_name') ?? 'فاحص';
+$lastName = filterRequest('last_name') ?? 'المتجر';
+$gender = 'Male';
+$birthdate = '1995-01-01';
+$site = 'Jordan';
+$status = 'actives'; // تفعيل مباشر
+
+if (empty($email) || empty($password) || empty($phone)) {
+    jsonError("Missing required parameters: email, password, phone");
+}
+
+try {
+    $con = Database::get('main');
+    $con->beginTransaction();
+
+    // 1. تشفير البيانات الحساسة للحفاظ على خصوصيتها وتطابق الهيكل
+    $encryptedEmail = $encryptionHelper->encryptData($email);
+    $encryptedPhone = $encryptionHelper->encryptData($phone);
+    $encryptedFirstName = $encryptionHelper->encryptData($firstName);
+    $encryptedLastName = $encryptionHelper->encryptData($lastName);
+    $encryptedGender = $encryptionHelper->encryptData($gender);
+    $encryptedBirthdate = $encryptionHelper->encryptData($birthdate);
+    $encryptedSite = $encryptionHelper->encryptData($site);
+    
+    // تشفير كلمة المرور باستخدام BCRYPT
+    $hashedPassword = password_hash($password, PASSWORD_BCRYPT);
+
+    // 2. التحقق من وجود المستخدم مسبقاً
+    $stmtCheck = $con->prepare("SELECT id FROM driver WHERE email = :email LIMIT 1");
+    $stmtCheck->execute([':email' => $encryptedEmail]);
+    $existingDriver = $stmtCheck->fetch(PDO::FETCH_ASSOC);
+
+    if ($existingDriver) {
+        $driverId = $existingDriver['id'];
+        
+        // تحديث الحساب الحالي
+        $sqlDriver = "UPDATE `driver` SET
+                        `phone` = :phone,
+                        `password` = :password,
+                        `gender` = :gender,
+                        `birthdate` = :birthdate,
+                        `site` = :site,
+                        `first_name` = :first_name,
+                        `last_name` = :last_name,
+                        `status` = :status
+                      WHERE `id` = :driverId";
+                      
+        $stmtDriver = $con->prepare($sqlDriver);
+        $stmtDriver->execute([
+            ':phone' => $encryptedPhone,
+            ':password' => $hashedPassword,
+            ':gender' => $encryptedGender,
+            ':birthdate' => $encryptedBirthdate,
+            ':site' => $encryptedSite,
+            ':first_name' => $encryptedFirstName,
+            ':last_name' => $encryptedLastName,
+            ':status' => $status,
+            ':driverId' => $driverId
+        ]);
+        $action = "updated";
+    } else {
+        // توليد معرّف فريد جديد
+        $driverId = bin2hex(random_bytes(8)); // 16-char hex ID
+        
+        // إدراج حساب سائق جديد
+        $sqlDriver = "INSERT INTO `driver` 
+                        (id, phone, email, password, gender, birthdate, site, first_name, last_name, status, bankCode, accountBank)
+                      VALUES 
+                        (:driverId, :phone, :email, :password, :gender, :birthdate, :site, :first_name, :last_name, :status, 'CIB', 'yet')";
+                        
+        $stmtDriver = $con->prepare($sqlDriver);
+        $stmtDriver->execute([
+            ':driverId' => $driverId,
+            ':phone' => $encryptedPhone,
+            ':email' => $encryptedEmail,
+            ':password' => $hashedPassword,
+            ':gender' => $encryptedGender,
+            ':birthdate' => $encryptedBirthdate,
+            ':site' => $encryptedSite,
+            ':first_name' => $encryptedFirstName,
+            ':last_name' => $encryptedLastName,
+            ':status' => $status
+        ]);
+        $action = "created";
+    }
+
+    // 3. التحقق وتفعيل رقم الهاتف في جدول phone_verification
+    $stmtPVCheck = $con->prepare("SELECT id FROM phone_verification WHERE phone_number = :phone LIMIT 1");
+    $stmtPVCheck->execute([':phone' => $phone]);
+    $pvRecord = $stmtPVCheck->fetch(PDO::FETCH_ASSOC);
+
+    if ($pvRecord) {
+        $stmtPV = $con->prepare("UPDATE phone_verification SET is_verified = 1, driverId = :driverId WHERE phone_number = :phone");
+        $stmtPV->execute([':driverId' => $driverId, ':phone' => $phone]);
+    } else {
+        $stmtPV = $con->prepare("INSERT INTO phone_verification (phone_number, driverId, email, is_verified) VALUES (:phone, :driverId, :email, 1)");
+        $stmtPV->execute([':phone' => $phone, ':driverId' => $driverId, ':email' => $email]);
+    }
+
+    // 4. إضافة أو تحديث سيارة مرافقة لتجاوز فحص الكابتن بدون سيارة
+    $stmtCarCheck = $con->prepare("SELECT id FROM CarRegistration WHERE driverID = :driverId LIMIT 1");
+    $stmtCarCheck->execute([':driverId' => $driverId]);
+    $carRecord = $stmtCarCheck->fetch(PDO::FETCH_ASSOC);
+
+    if ($carRecord) {
+        $sqlCar = "UPDATE CarRegistration SET
+                    make = 'تويوتا',
+                    model = 'راف',
+                    year = 2019,
+                    color = 'أبيض',
+                    owner = 'Siro LLC',
+                    expiration_date = '2030-01-01',
+                    status = 'actives'
+                   WHERE driverID = :driverId";
+        $stmtCar = $con->prepare($sqlCar);
+        $stmtCar->execute([':driverId' => $driverId]);
+    } else {
+        $sqlCar = "INSERT INTO CarRegistration 
+                    (driverID, vin, car_plate, make, model, year, expiration_date, color, owner, color_hex, fuel, isDefault, status)
+                   VALUES 
+                    (:driverId, 'TESTER_VIN', 'TEST-PLATE', 'تويوتا', 'راف', 2019, '2030-01-01', 'أبيض', 'Siro LLC', '#FFFFFF', 'Petrol', 1, 'actives')";
+        $stmtCar = $con->prepare($sqlCar);
+        $stmtCar->execute([':driverId' => $driverId]);
+    }
+
+    $con->commit();
+
+    echo json_encode([
+        "status" => "success",
+        "message" => "Tester driver successfully $action.",
+        "details" => [
+            "driver_id" => $driverId,
+            "email" => $email,
+            "password" => $password,
+            "phone" => $phone,
+            "status" => $status
+        ]
+    ], JSON_UNESCAPED_UNICODE);
+
+} catch (Exception $e) {
+    if (isset($con)) {
+        $con->rollBack();
+    }
+    error_log("[Create Tester Driver Error] " . $e->getMessage());
+    jsonError("Server error: " . $e->getMessage());
+}
+?>