Update: 2026-06-26 17:36:57

backend/Admin/v2/quality/blacklist_manager.php

@@ -1,7 +1,7 @@
 <?php
 // Admin/v2/quality/blacklist_manager.php
 require_once __DIR__ . '/../../../connect.php';
-// require_once __DIR__ . '/../../../encrypt_decrypt.php';
+require_once __DIR__ . '/../../../encrypt_decrypt.php';
 require_once __DIR__ . '/../security/audit_logs_helper.php'; // إذا كان متاحاً، وإلا سننفذ الإدخال مباشرة
 
 if ($role !== 'admin' && $role !== 'super_admin') {

siro_admin/lib/controller/admin/kazan_controller.dart

@@ -7,7 +7,7 @@ import '../functions/crud.dart';
 class KazanController extends GetxController {
   var kazanData = {}.obs;
   var isLoading = false.obs;
-  var selectedCountry = 'Syria'.obs;
+  var selectedCountry = 'سوريا'.obs;
   final CRUD _crud = CRUD();
 
   final List<Map<String, String>> countries = [
@@ -16,6 +16,12 @@ class KazanController extends GetxController {
     {'code': 'egypt', 'name': 'مصر', 'flag': '🇪🇬'},
   ];
 
+  String get selectedCountryCode =>
+      countries.firstWhere(
+        (c) => c['name'] == selectedCountry.value,
+        orElse: () => countries.first,
+      )['code']!;
+
   @override
   void onInit() {
     super.onInit();
@@ -30,7 +36,7 @@ class KazanController extends GetxController {
   Future<void> getKazan() async {
     isLoading.value = true;
     try {
-      final countryParam = selectedCountry.value.toLowerCase();
+      final countryParam = selectedCountryCode;
       var response = await _crud.get(link: "${AppLink.getKazanPercent}?country=$countryParam");
       if (response != null && response != 'failure' && response != 'token_expired') {
         var decoded = response is String ? jsonDecode(response) : response;

siro_admin/lib/views/invoice/add_invoice_page.dart

@@ -47,12 +47,13 @@ class _AddInvoicePageState extends State<AddInvoicePage> {
     setState(() => _isLoading = true);
 
     try {
-      // إعداد الترويسة (Headers)
-      final headers = {
-        'Authorization':
-            'Bearer ${r(box.read(BoxName.jwt)).split(AppInformation.addd)[0]}',
-        'X-HMAC-Auth': '${box.read(BoxName.hmac)}',
-      };
+      final rawJwt = box.read(BoxName.jwt);
+      if (rawJwt == null) {
+        mySnackbarError('الرجاء تسجيل الدخول أولاً');
+        return;
+      }
+      final token = r(rawJwt.toString()).split(AppInformation.addd)[0];
+      final fingerprint = box.read(BoxName.fingerPrint) ?? '';
 
       final uri = Uri.parse(AppLink.addInvoice);
       final request = http.MultipartRequest('POST', uri)
@@ -60,9 +61,9 @@ class _AddInvoicePageState extends State<AddInvoicePage> {
         ..fields['amount'] = amount
         ..fields['name'] = itemName
         ..fields['date'] = date
-        ..headers.addAll(headers);
+        ..headers['Authorization'] = 'Bearer $token'
+        ..headers['X-Device-FP'] = fingerprint;
 
-      // إضافة الصورة إذا وجدت
       if (_imageFile != null) {
         final multipartFile = await http.MultipartFile.fromPath(
           'image',
@@ -71,25 +72,24 @@ class _AddInvoicePageState extends State<AddInvoicePage> {
         request.files.add(multipartFile);
       }
 
-      final response = await request.send();
-      final respStr = await response.stream.bytesToString();
+      final streamed = await request.send();
+      final respStr = await streamed.stream.bytesToString();
 
-      // محاولة تحليل الاستجابة
       Map<String, dynamic> data;
       try {
         data = jsonDecode(respStr);
       } catch (e) {
-        data = {'status': 'error', 'message': 'Invalid server response'};
+        data = {
+          'status': 'error',
+          'message': 'خطأ في تحليل استجابة السيرفر: $respStr'
+        };
       }
 
       if (data['status'] == 'success') {
         mySnackbarSuccess('تم حفظ الفاتورة بنجاح');
-
         _itemNameController.clear();
         _amountController.clear();
         setState(() => _imageFile = null);
-
-        // تأخير بسيط قبل العودة لتحديث الصفحة السابقة
         Future.delayed(const Duration(seconds: 1), () {
           Get.back(result: true);
         });