Hamza/Siro
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
264e005a7b719f701d199c1d77c6baab79e3c8f3
Siro/backend/ride/invitor/updateDriverInvitationDirectly.php
Hamza-Ayed 72eeb24cd7 Fix #18: Exception leak remediation across 87 PHP files 
- Replaced all client-facing $e->getMessage() with generic error messages
- Added error_log() with filename prefix to all catch blocks
- Covered jsonError(), echo, and json_encode() response patterns
- Also fixed 2 remaining display_errors=1 and add_invoice.php leak
- Script-assisted fix for 75 files, manual fix for 12 remaining edge cases
2026-06-17 07:48:31 +03:00

59 lines
1.9 KiB
PHP
Raw Blame History

<?php
require_once __DIR__ . '/../../connect.php';
$inviterDriverPhone = filterRequest("inviterDriverPhone");
if (empty($inviterDriverPhone)) {
jsonError("Invalid or missing inviter phone.");
exit;
}
try {
// تشفير الرقم
$inviterDriverPhoneEncrypted = $encryptionHelper->encryptData($inviterDriverPhone);
// ✅ الآن الاستعلام نظيف وطبيعي جداً لأن قاعدة البيانات تم إصلاحها
$fetchSql = "SELECT
i.`id`,
i.`driverId`,
i.`inviterDriverPhone`,
i.`createdAt`,
i.`inviteCode`,
i.`isInstall`,
i.`isGiftToken`,
i.`expirationTime`,
dt.token
FROM `invites` i
LEFT JOIN `driverToken` dt ON dt.captain_id = i.driverId
WHERE i.`inviterDriverPhone` = :inviterDriverPhone
AND i.`expirationTime` > NOW()";
$fetchStmt = $con->prepare($fetchSql);
$fetchStmt->bindParam(':inviterDriverPhone', $inviterDriverPhoneEncrypted);
$fetchStmt->execute();
if ($fetchStmt->rowCount() > 0) {
$invite = $fetchStmt->fetch(PDO::FETCH_ASSOC);
// فك التشفير
$invite['inviterDriverPhone'] = $encryptionHelper->decryptData($invite['inviterDriverPhone']);
if (!empty($invite['token'])) {
$invite['token'] = $encryptionHelper->decryptData($invite['token']);
}
// التحديث
$updateSql = "UPDATE `invites` SET `isInstall` = 1 WHERE `id` = :id";
$updateStmt = $con->prepare($updateSql);
$updateStmt->bindParam(':id', $invite['id'], PDO::PARAM_INT);
$updateStmt->execute();
printSuccess("Record found and updated successfully.", $invite);
} else {
jsonError("No records found.");
}
} catch (PDOException $e) {
error_log("DB Error: " . $e->getMessage());
jsonError("An internal error occurred. Please try again later.");
}
?>
Reference in New Issue View Git Blame Copy Permalink