first commit

2026-06-09 08:40:31 +03:00
commit d8901e1a87
3161 changed files with 536187 additions and 0 deletions
--- a/backend/Admin/auth/send_otp_admin.php
+++ b/backend/Admin/auth/send_otp_admin.php
@@ -0,0 +1,56 @@
+<?php
+// send_otp_admin.php — إرسال رمز التحقق لمسؤول عبر WhatsApp
+
+require_once __DIR__ . '/../../connect.php';
+
+error_log("--- [send_otp_admin] Script started ---");
+
+// جلب الرقم من الطلب
+$receiver = filterRequest("receiver");
+//error_log("[send_otp_admin] Received phone number: " . var_export($receiver, true));
+
+if (!$receiver) {
+  //  error_log("[send_otp_admin] Missing phone number");
+    jsonError("رقم الهاتف مفقود.");
+    exit;
+}
+
+// قراءة الأرقام المصرح بها من ENV
+$allowedPhones = explode(',', getenv('ADMIN_PHONE_NUMBERS'));
+//error_log("[send_otp_admin] Allowed phones: " . implode(', ', $allowedPhones));
+
+if (!in_array($receiver, $allowedPhones)) {
+    error_log("[send_otp_admin] Unauthorized phone number attempted: $receiver");
+    jsonError("رقم الهاتف غير مصرح له.");
+    exit;
+}
+
+// توليد رمز تحقق عشوائي
+$otp = rand(10000, 99999);
+$messageBody = "رمز التحقق الخاص بك للدخول إلى لوحة الإدارة هو: $otp";
+//error_log("[send_otp_admin] Generated OTP: $otp for $receiver");
+
+// إرسال الرسالة عبر WhatsApp
+$success = sendWhatsAppFromServer($receiver, $messageBody);
+error_log("[send_otp_admin] WhatsApp sending result: " . ($success ? "success" : "failure"));
+
+if ($success) {
+    try {
+        $stmt = $con->prepare("INSERT INTO token_verification_admin (phone_number, token, expiration_time)
+                               VALUES (?, ?, DATE_ADD(NOW(), INTERVAL 5 MINUTE))
+                               ON DUPLICATE KEY UPDATE token = VALUES(token), expiration_time = VALUES(expiration_time)");
+        $stmt->execute([$receiver, $otp]);
+       // error_log("[send_otp_admin] OTP saved to database successfully for $receiver");
+
+        jsonSuccess(null, "OTP sent successfully.");
+    } catch (PDOException $e) {
+       // error_log("[send_otp_admin] Database error: " . $e->getMessage());
+        jsonError("حدث خطأ في حفظ الرمز.");
+    }
+} else {
+  //  error_log("[send_otp_admin] Failed to send WhatsApp message to $receiver");
+    jsonError("فشل في إرسال الرمز عبر WhatsApp.");
+}
+
+//error_log("--- [send_otp_admin] Script ended ---");
+?>