Update: 2026-06-12 20:40:40

2026-06-12 20:40:40 +03:00
parent 305ae01d52
commit f907212c57
294 changed files with 3592 additions and 3581 deletions
--- a/backend/auth/syria/driver/driver_details.php
+++ b/backend/auth/syria/driver/driver_details.php
--- a/backend/auth/syria/driver/drivers_pending_list.php
+++ b/backend/auth/syria/driver/drivers_pending_list.php
--- a/backend/auth/syria/driver/isPhoneVerified.php
+++ b/backend/auth/syria/driver/isPhoneVerified.php
--- a/backend/auth/syria/driver/register_driver_and_car.php
+++ b/backend/auth/syria/driver/register_driver_and_car.php
--- a/backend/auth/syria/driver/register_driver_and_car_signed.php
+++ b/backend/auth/syria/driver/register_driver_and_car_signed.php
--- a/backend/auth/syria/driver/sendWhatsAppDriver.php
+++ b/backend/auth/syria/driver/sendWhatsAppDriver.php
@@ -1,109 +0,0 @@
-<?php
-require_once __DIR__ . '/../../../connect.php';
-//sendWhatsAppDriver.php
-error_log("--- [send_otp_driver.php] Started ---");
-
-/**
- * فحص البلاك ليست (خاصة بالسائقين)
- * - يشفّر الهاتف الخام ويبحث عنه في جدول blacklist_driver
- */
-function is_blacklisted_driver(PDO $con, $encryptionHelper, string $phone): bool {
-    $raw     = trim($phone);
-    $enc_raw = $encryptionHelper->encryptData($raw);
-
-    $sql = "SELECT 1 FROM blacklist_driver WHERE phone = :ph LIMIT 1";
-    $q = $con->prepare($sql);
-    $q->execute(['ph' => $enc_raw]);
-
-    return (bool)$q->fetchColumn();
-}
-
-/* 0) استقبل الرقم وتحقق من البلاك ليست */
-$receiver = filterRequest("receiver");
-
-if (!$receiver) {
-    jsonError('Phone number is required.');
-    error_log("[send_otp_driver.php] Error: phone empty");
-    exit();
-}
-
-if (is_blacklisted_driver($con, $encryptionHelper, $receiver)) {
-    jsonError('This driver is blacklisted and cannot receive OTP.');
-    error_log("[send_otp_driver.php] BLOCKED (blacklisted): $receiver");
-    exit();
-}
-
-/* 1) توليد الـ OTP (3 خانات) */
-$otp = (string)rand(100, 999);
-
-/* 2) إرسال الرمز عبر بوابة الفلاش كول / واتساب */
-$nabehUrl = 'https://otp.intaleqapp.com/api/request-otp.php';
-$appKey = getenv('NABEH_OTP_APP_KEY');
-
-$phoneWithPlus = (strpos($receiver, '+') === 0) ? $receiver : '+' . $receiver;
-
-$payload = [
-    'phone' => $phoneWithPlus,
-    'device_type' => 'android',
-    'method' => 'whatsapp',
-    'code' => $otp
-];
-
-$ch = curl_init($nabehUrl);
-curl_setopt_array($ch, [
-    CURLOPT_POST => true,
-    CURLOPT_RETURNTRANSFER => true,
-    CURLOPT_POSTFIELDS => json_encode($payload),
-    CURLOPT_HTTPHEADER => [
-        'Content-Type: application/json',
-        "X-App-Key: $appKey"
-    ],
-    CURLOPT_TIMEOUT => 15,
-    CURLOPT_CONNECTTIMEOUT => 5
-]);
-
-$res = curl_exec($ch);
-$httpCode = curl_getinfo($ch, CURLINFO_HTTP_CODE);
-$error = curl_error($ch);
-curl_close($ch);
-
-if ($error) {
-    error_log("⚠️ [Flash Call OTP Driver] Curl Error: $error");
-    jsonError('Failed to connect to OTP service');
-    exit;
-}
-
-$decoded = json_decode((string)$res, true);
-if ($httpCode !== 200 || !($decoded['success'] ?? false)) {
-    error_log("❌ [Flash Call OTP Driver] Failed response: Code $httpCode | Body: " . (string)$res);
-    jsonError($decoded['message'] ?? 'Failed to request verification code');
-    exit;
-}
-
-/* 3) حفظ الـ OTP في قاعدة البيانات */
-$receiver_enc = $encryptionHelper->encryptData($receiver);
-$otp_enc      = $encryptionHelper->encryptData($otp);
-
-$exp = date('Y-m-d H:i:s', strtotime('+5 minutes'));
-$now = date('Y-m-d H:i:s');
-
-try {
-    // حذف أي رموز سابقة لنفس الرقم
-    $con->prepare("DELETE FROM phone_verification WHERE phone_number = ?")
-        ->execute([$receiver_enc]);
-
-    $stmt = $con->prepare("
-        INSERT INTO phone_verification
-            (phone_number, token_code, expiration_time, is_verified, created_at)
-        VALUES (?, ?, ?, 0, ?)
-    ");
-    $stmt->execute([$receiver_enc, $otp_enc, $exp, $now]);
-
-    jsonSuccess(null, 'OTP sent and saved successfully');
-    error_log("[send_otp_driver.php] OTP saved for driver $receiver");
-
-} catch (PDOException $e) {
-    error_log("[send_otp_driver.php] DB error: ".$e->getMessage());
-    jsonError('OTP generated but failed to save to database');
-}
-?>
--- a/backend/auth/syria/driver/verifyOtp.php
+++ b/backend/auth/syria/driver/verifyOtp.php
@@ -1,96 +0,0 @@
-<?php
-require_once __DIR__ . '/../../../connect.php';
-
-$phoneNumber = filterRequest("phone_number");
-$otp = filterRequest("otp");
-$email = $phoneNumber . '@intaleqapp.com';
-
-error_log("📥 [verifyOtp.php] Received phone number: $phoneNumber | OTP: $otp");
-
-if (empty($phoneNumber) || empty($otp)) {
-    jsonError("Phone number and OTP are required.");
-    exit();
-}
-
-// 🔐 تشفير البيانات
-$phoneNumber_encrypted = $encryptionHelper->encryptData($phoneNumber);
-$email_encrypted       = $encryptionHelper->encryptData($email);
-
-try {
-    // 🔍 1. التحقق من السجل المخزن في قاعدة البيانات
-    $stmtSelect = $con->prepare("SELECT * FROM phone_verification WHERE phone_number = ? ORDER BY created_at DESC LIMIT 1");
-    $stmtSelect->execute([$phoneNumber_encrypted]);
-    $record = $stmtSelect->fetch(PDO::FETCH_ASSOC);
-
-    if (!$record) {
-        jsonError("Verification session not found. Please request a new code.");
-        exit();
-    }
-
-    // 🔍 2. فك تشفير ومقارنة الرمز
-    $decryptedOtp = $encryptionHelper->decryptData($record['token_code']);
-    if ($decryptedOtp !== $otp) {
-        jsonError("Invalid verification code.");
-        exit();
-    }
-
-    // 🔍 3. التحقق من الصلاحية
-    $now = date('Y-m-d H:i:s');
-    if ($record['expiration_time'] && $record['expiration_time'] < $now) {
-        jsonError("Verification code has expired. Please request a new one.");
-        exit();
-    }
-
-    // 🧹 حذف أي رموز قديمة لنفس الرقم
-    $con->prepare("DELETE FROM phone_verification WHERE phone_number = ?")
-        ->execute([$phoneNumber_encrypted]);
-
-    // 🧾 توليد driverID فريد
-    $raw = $phoneNumber;
-    $driverID = substr(md5($raw), 2, 20);
-
-    // 🔐 توليد رمز تجريبي (بدون OTP حقيقي لتجنب Null)
-    $dummyToken = $encryptionHelper->encryptData('AUTO');
-
-    // ✅ إدخال سجل تحقق مباشر
-    $stmt = $con->prepare("
-        INSERT INTO phone_verification 
-            (phone_number, token_code, email, driverId, expiration_time, is_verified, created_at)
-        VALUES (?, ?, ?, ?, NULL, 1, ?)
-    ");
-    $stmt->execute([$phoneNumber_encrypted, $dummyToken, $email_encrypted, $driverID, $now]);
-
-    error_log("✅ [verifyOtp.php] Verification record inserted successfully for $phoneNumber");
-
-    // 🔍 التحقق إذا السائق موجود مسبقاً
-    $checkDriverStmt = $con->prepare("SELECT * FROM driver WHERE phone = ?");
-    $checkDriverStmt->execute([$phoneNumber_encrypted]);
-    $driver = $checkDriverStmt->fetch(PDO::FETCH_ASSOC);
-
-    if ($driver) {
-        error_log("👤 [verifyOtp.php] Driver already registered. Returning driver info.");
-        printSuccess([
-            "message" => "Driver already registered.",
-            "isRegistered" => true,
-            "driver" => [
-                "id"         => $driver['id'],
-                "first_name" => $encryptionHelper->decryptData($driver['first_name']),
-                "last_name"  => $encryptionHelper->decryptData($driver['last_name']),
-                "email"      => $encryptionHelper->decryptData($driver['email']),
-                "phone"      => $phoneNumber
-            ]
-        ]);
-    } else {
-        error_log("🆕 [verifyOtp.php] Phone verified. Driver not found.");
-        printSuccess([
-            "message" => "Phone number verified successfully.",
-            "isRegistered" => false,
-            "driverID" => $driverID
-        ]);
-    }
-
-} catch (PDOException $e) {
-    error_log("💥 [verifyOtp.php] PDO ERROR: " . $e->getMessage());
-    jsonError("Database error: " . $e->getMessage());
-}
-?>