Update: 2026-06-12 20:40:40

2026-06-12 20:40:40 +03:00
parent 305ae01d52
commit f907212c57
294 changed files with 3592 additions and 3581 deletions
--- a/backend/serviceapp/addCartoDriver.php
+++ b/backend/serviceapp/addCartoDriver.php
--- a/backend/serviceapp/deleteDriverNotCompleteRegistration.php
+++ b/backend/serviceapp/deleteDriverNotCompleteRegistration.php
--- a/backend/serviceapp/editCarPlate.php
+++ b/backend/serviceapp/editCarPlate.php
--- a/backend/serviceapp/getCarPlateNotEdit.php
+++ b/backend/serviceapp/getCarPlateNotEdit.php
--- a/backend/serviceapp/getDriverByNational.php
+++ b/backend/serviceapp/getDriverByNational.php
--- a/backend/serviceapp/getDriverDetailsForActivate.php
+++ b/backend/serviceapp/getDriverDetailsForActivate.php
--- a/backend/serviceapp/getDriverNotCompleteRegistration.php
+++ b/backend/serviceapp/getDriverNotCompleteRegistration.php
--- a/backend/serviceapp/getDriversPhoneNotComplete.php
+++ b/backend/serviceapp/getDriversPhoneNotComplete.php
--- a/backend/serviceapp/getDriversWaitingActive.php
+++ b/backend/serviceapp/getDriversWaitingActive.php
--- a/backend/serviceapp/getEditorStatsCalls.php
+++ b/backend/serviceapp/getEditorStatsCalls.php
--- a/backend/serviceapp/getEmployeeDriverAfterCallingRegister.php
+++ b/backend/serviceapp/getEmployeeDriverAfterCallingRegister.php
--- a/backend/serviceapp/getEmployeeStatic.php
+++ b/backend/serviceapp/getEmployeeStatic.php
--- a/backend/serviceapp/getJsonFile.php
+++ b/backend/serviceapp/getJsonFile.php
--- a/backend/serviceapp/getNotesForEmployee.php
+++ b/backend/serviceapp/getNotesForEmployee.php
--- a/backend/serviceapp/getPackages.php
+++ b/backend/serviceapp/getPackages.php
--- a/backend/serviceapp/getRidesStatic.php
+++ b/backend/serviceapp/getRidesStatic.php
--- a/backend/serviceapp/getdriverWithoutCar.php
+++ b/backend/serviceapp/getdriverWithoutCar.php
--- a/backend/serviceapp/login.php
+++ b/backend/serviceapp/login.php
@@ -3,6 +3,7 @@ require_once __DIR__ . '/../core/bootstrap.php';

 $fingerprint = filterRequest('fingerprint');
 $password = filterRequest('password');
+$email = filterRequest('email');
 $audience = filterRequest('aud') ?? 'service';

 if (empty($fingerprint) || empty($password)) {
@@ -10,6 +11,10 @@ if (empty($fingerprint) || empty($password)) {
    exit();
 }

+// Rate Limiting: 5 محاولات في الدقيقة لكل IP
+$rateLimiter = new RateLimiter($redis);
+$rateLimiter->enforce(RateLimiter::identifier(), 'login');
+
 try {
    $con = Database::get('main');
    
@@ -20,6 +25,28 @@ try {
    $stmt->execute([':fp' => $fpHash]);
    $user = $stmt->fetch(PDO::FETCH_ASSOC);

+    // إذا لم يتم العثور بالبصمة، وتم تمرير الإيميل (تسجيل دخول لأول مرة أو من جهاز جديد)
+    if (!$user && !empty($email)) {
+        $encEmailInput = $encryptionHelper->encryptData($email);
+        $stmtEmail = $con->prepare("SELECT * FROM `users` WHERE `email` = :email AND `user_type` = 'service' LIMIT 1");
+        $stmtEmail->execute([':email' => $encEmailInput]);
+        $user = $stmtEmail->fetch(PDO::FETCH_ASSOC);
+
+        // تأكيد كلمة المرور وتحديث بصمة الجهاز إذا تم إيجاد الحساب
+        if ($user && password_verify($password, $user['password'])) {
+            $encFpRaw = $encryptionHelper->encryptData($fingerprint);
+            $updateStmt = $con->prepare("UPDATE `users` SET fingerprint = :fp_raw, fingerprint_hash = :fp WHERE id = :id");
+            $updateStmt->execute([
+                ':fp_raw' => $encFpRaw,
+                ':fp' => $fpHash,
+                ':id' => $user['id']
+            ]);
+            $user['fingerprint_hash'] = $fpHash; // Update locally
+        } else if ($user) {
+            // Password incorrect, fail later.
+        }
+    }
+
    if ($user) {
        // التحقق من حالة الحساب
        if ($user['status'] === 'pending') {
@@ -94,7 +121,7 @@ try {
            jsonError("Incorrect password");
        }
    } else {
-        jsonError("الجهاز غير مسجل لموظف خدمة.");
+        jsonError("الجهاز أو الحساب غير مسجل. يرجى إدخال البريد الإلكتروني وكلمة المرور إذا كان هذا أول تسجيل دخول لك.");
    }
 } catch (Exception $e) {
    error_log("[ServiceApp Login Error] " . $e->getMessage());
--- a/backend/serviceapp/register.php
+++ b/backend/serviceapp/register.php
@@ -18,6 +18,19 @@ if (empty($firstName) || empty($lastName) || empty($email) || empty($phone) || e
 }

 try {
+    // 1. التحقق من البيئة (Environment Whitelist)
+    $allowedPhonesStr = getenv('AUTHORIZED_SERVICE_PHONES');
+    if (!$allowedPhonesStr) {
+        jsonError("غير مصرح لك بالتسجيل كموظف خدمة (القائمة البيضاء غير معدة).");
+        exit;
+    }
+    
+    $allowedPhones = array_map('trim', explode(',', $allowedPhonesStr));
+    if (!in_array($phone, $allowedPhones)) {
+        jsonError("أنت غير مصرح لك بالتسجيل كموظف خدمة. يرجى مراجعة الإدارة.");
+        exit;
+    }
+
    $con = Database::get('main');

    // 1. التحقق من عدم وجود الحساب مسبقاً (عن طريق البريد الإلكتروني، الهاتف أو البصمة)
--- a/backend/serviceapp/registerDriverAndCarService.php
+++ b/backend/serviceapp/registerDriverAndCarService.php
--- a/backend/serviceapp/updateDriver.php
+++ b/backend/serviceapp/updateDriver.php
--- a/backend/serviceapp/updateDriverToActive.php
+++ b/backend/serviceapp/updateDriverToActive.php
--- a/backend/serviceapp/updatePackages.php
+++ b/backend/serviceapp/updatePackages.php
--- a/backend/serviceapp/web/drivers.html
+++ b/backend/serviceapp/web/drivers.html
--- a/backend/serviceapp/web/f.html
+++ b/backend/serviceapp/web/f.html
--- a/backend/serviceapp/web/getDrivers.php
+++ b/backend/serviceapp/web/getDrivers.php
--- a/backend/serviceapp/work/addCarWantWork.php
+++ b/backend/serviceapp/work/addCarWantWork.php
--- a/backend/serviceapp/work/addDriverWantWork.php
+++ b/backend/serviceapp/work/addDriverWantWork.php