From f428946b3051582df640f7580ed6a4289e6d41f3 Mon Sep 17 00:00:00 2001
From: Hamza-Ayed <hamzaayedflutter@gmail.com>
Date: Sat, 27 Jun 2026 23:09:04 +0300
Subject: [PATCH] Add tester passenger creation script

---
 backend/auth/create_tester_passenger.php | 137 +++++++++++++++++++++++
 1 file changed, 137 insertions(+)
 create mode 100644 backend/auth/create_tester_passenger.php

diff --git a/backend/auth/create_tester_passenger.php b/backend/auth/create_tester_passenger.php
new file mode 100644
index 00000000..991a9851
--- /dev/null
+++ b/backend/auth/create_tester_passenger.php
@@ -0,0 +1,137 @@
+<?php
+// ============================================================
+// create_tester_passenger.php
+// إنشاء أو تحديث مستخدم فاحص (Tester) خاص بمراجعي المتاجر (تطبيق الركاب)
+// ============================================================
+
+require_once __DIR__ . '/../core/bootstrap.php';
+
+// استقبال المتغيرات أو استخدام قيم افتراضية آمنة
+$email = filterRequest('email') ?? 'passenger_tester@siromove.com';
+$password = filterRequest('password') ?? 'SiroPassenger2026!';
+$phone = filterRequest('phone') ?? '962790000001';
+$firstName = filterRequest('first_name') ?? 'راكب';
+$lastName = filterRequest('last_name') ?? 'المتجر';
+$gender = 'Male';
+$birthdate = '1998-01-01';
+$site = 'Jordan';
+
+if (empty($email) || empty($password) || empty($phone)) {
+    jsonError("Missing required parameters: email, password, phone");
+}
+
+try {
+    $con = Database::get('main');
+    $con->beginTransaction();
+
+    // 1. تشفير البيانات الحساسة للحفاظ على خصوصيتها وتطابق الهيكل
+    $encryptedEmail = $encryptionHelper->encryptData($email);
+    $encryptedPhone = $encryptionHelper->encryptData($phone);
+    $encryptedFirstName = $encryptionHelper->encryptData($firstName);
+    $encryptedLastName = $encryptionHelper->encryptData($lastName);
+    $encryptedGender = $encryptionHelper->encryptData($gender);
+    $encryptedBirthdate = $encryptionHelper->encryptData($birthdate);
+    $encryptedSite = $encryptionHelper->encryptData($site);
+    
+    // تشفير الحقول الافتراضية
+    $encryptedSos = $encryptionHelper->encryptData('sos');
+    $encryptedEducation = $encryptionHelper->encryptData('none');
+    $encryptedEmployment = $encryptionHelper->encryptData('none');
+    $encryptedMarital = $encryptionHelper->encryptData('none');
+
+    // 2. التحقق من وجود الراكب مسبقاً
+    $stmtCheck = $con->prepare("SELECT id FROM passengers WHERE email = :email LIMIT 1");
+    $stmtCheck->execute([':email' => $encryptedEmail]);
+    $existingPassenger = $stmtCheck->fetch(PDO::FETCH_ASSOC);
+
+    if ($existingPassenger) {
+        $passengerId = $existingPassenger['id'];
+        
+        // تحديث حساب الراكب الحالي
+        $sqlPassenger = "UPDATE `passengers` SET
+                            `phone` = :phone,
+                            `password` = :password,
+                            `gender` = :gender,
+                            `birthdate` = :birthdate,
+                            `site` = :site,
+                            `first_name` = :first_name,
+                            `last_name` = :last_name,
+                            `status` = 'actives'
+                          WHERE `id` = :passengerId";
+                          
+        $stmtPassenger = $con->prepare($sqlPassenger);
+        $stmtPassenger->execute([
+            ':phone' => $encryptedPhone,
+            ':password' => $password, // خزن كـ plaintext متوافقاً مع الاستعلام القديم
+            ':gender' => $encryptedGender,
+            ':birthdate' => $encryptedBirthdate,
+            ':site' => $encryptedSite,
+            ':first_name' => $encryptedFirstName,
+            ':last_name' => $encryptedLastName,
+            ':passengerId' => $passengerId
+        ]);
+        $action = "updated";
+    } else {
+        // توليد معرّف فريد جديد للراكب
+        $passengerId = bin2hex(random_bytes(8)); // 16-char hex ID
+        
+        // إدراج حساب راكب جديد
+        $sqlPassenger = "INSERT INTO `passengers` 
+                            (id, phone, email, password, gender, status, birthdate, site, first_name, last_name, sosPhone, education, employmentType, maritalStatus)
+                          VALUES 
+                            (:passengerId, :phone, :email, :password, :gender, 'actives', :birthdate, :site, :first_name, :last_name, :sos, :edu, :emp, :marital)";
+                            
+        $stmtPassenger = $con->prepare($sqlPassenger);
+        $stmtPassenger->execute([
+            ':passengerId' => $passengerId,
+            ':phone' => $encryptedPhone,
+            ':email' => $encryptedEmail,
+            ':password' => $password, // خزن كـ plaintext متوافقاً مع الاستعلام القديم
+            ':gender' => $encryptedGender,
+            ':birthdate' => $encryptedBirthdate,
+            ':site' => $encryptedSite,
+            ':first_name' => $encryptedFirstName,
+            ':last_name' => $encryptedLastName,
+            ':sos' => $encryptedSos,
+            ':edu' => $encryptedEducation,
+            ':emp' => $encryptedEmployment,
+            ':marital' => $encryptedMarital
+        ]);
+        $action = "created";
+    }
+
+    // 3. التحقق وتفعيل رقم الهاتف في جدول phone_verification_passenger
+    $stmtPVCheck = $con->prepare("SELECT id FROM phone_verification_passenger WHERE phone_number = :phone LIMIT 1");
+    $stmtPVCheck->execute([':phone' => $phone]);
+    $pvRecord = $stmtPVCheck->fetch(PDO::FETCH_ASSOC);
+
+    if ($pvRecord) {
+        $stmtPV = $con->prepare("UPDATE phone_verification_passenger SET verified = 1, status = 'actives' WHERE phone_number = :phone");
+        $stmtPV->execute([':phone' => $phone]);
+    } else {
+        $stmtPV = $con->prepare("INSERT INTO phone_verification_passenger (phone_number, verified, status) VALUES (:phone, 1, 'actives')");
+        $stmtPV->execute([':phone' => $phone]);
+    }
+
+    $con->commit();
+
+    echo json_encode([
+        "status" => "success",
+        "message" => "Tester passenger successfully $action.",
+        "details" => [
+            "passenger_id" => $passengerId,
+            "email" => $email,
+            "password" => $password,
+            "phone" => $phone,
+            "status" => "actives"
+        ]
+    ], JSON_UNESCAPED_UNICODE);
+
+} catch (Exception $e) {
+    if (isset($con)) {
+        $con->rollBack();
+    }
+    error_log("[Create Tester Passenger Error] " . $e->getMessage());
+    jsonError("Server error: " . $e->getMessage());
+}
+?>