'Access denied. Admin key required.'])); } $con = Database::get('main'); // ── منع إعادة التهيئة إذا كان هناك مشرفون مسبقاً ───────── $count = $con->query("SELECT COUNT(*) FROM adminUser")->fetchColumn(); if ($count > 0) { http_response_code(403); exit(json_encode(['error' => 'Admin already initialized. This script runs only once.'])); } // ── كلمة المرور من البيئة أو تُنشأ عشوائياً ────────────── $password = getenv('SETUP_SUPER_ADMIN_PASSWORD'); if (!$password) { $password = bin2hex(random_bytes(12)); } $hashedPass = password_hash($password, PASSWORD_DEFAULT); // ── بصمات افتراضية (تُستبدل عند أول تسجيل دخول فعلي) ─── $admins = [ [ 'name' => 'Super Admin', 'fp' => 'SETUP_DEFAULT_FP_001', 'role' => 'super_admin' ] ]; try { foreach ($admins as $admin) { $encName = $encryptionHelper->encryptData($admin['name']); $encFp = $encryptionHelper->encryptData($admin['fp']); $fpHash = hash('sha256', $admin['fp']); $uniqueId = bin2hex(random_bytes(16)); $sql = "INSERT INTO adminUser (id, fingerprint, fingerprint_hash, name, password, role, created_at) VALUES (:id, :fp, :fp_hash, :name, :pass, :role, NOW())"; $stmt = $con->prepare($sql); $stmt->execute([ ':id' => $uniqueId, ':fp' => $encFp, ':fp_hash' => $fpHash, ':name' => $encName, ':pass' => $hashedPass, ':role' => $admin['role'] ]); } echo "

Initialization Successful

"; } catch (Exception $e) { echo "An internal error occurred"; }