Hamza/Siro
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
a8748cf4c99d1ceda8aaa10ea6fb2529191ff612
Siro/backend/serviceapp/work/addCarWantWork.php
Hamza-Ayed 72eeb24cd7 Fix #18: Exception leak remediation across 87 PHP files 
- Replaced all client-facing $e->getMessage() with generic error messages
- Added error_log() with filename prefix to all catch blocks
- Covered jsonError(), echo, and json_encode() response patterns
- Also fixed 2 remaining display_errors=1 and add_invoice.php leak
- Script-assisted fix for 75 files, manual fix for 12 remaining edge cases
2026-06-17 07:48:31 +03:00

66 lines
2.0 KiB
PHP
Raw Blame History

<?php
require_once __DIR__ . '/../../connect.php';
header('Content-Type: application/json; charset=utf-8');
// دوال مساعدة لو لم تكن موجودة
// جلب بيانات السيارة من الطلب
$owner_name = $encryptionHelper->encryptData(filterRequest("owner_name"));
$phone = $encryptionHelper->encryptData(filterRequest("phone")); // 🔒
$car_number = $encryptionHelper->encryptData(filterRequest("car_number"));
$manufacture_year = filterRequest("manufacture_year");
$car_model = filterRequest("car_model");
$car_type = filterRequest("car_type");
$site = filterRequest("site");
$registration_date = filterRequest("registration_date");
// تحقق بسيط من القيم المطلوبة
if (empty($owner_name) || empty($phone)) {
jsonError("Missing required fields", 422);
}
// SQL مع bind parameters
$sql = "INSERT INTO `carsToWork`(
`owner_name`,
`phone`,
`car_number`,
`manufacture_year`,
`car_model`,
`car_type`,
`site`,
`registration_date`
) VALUES (
:owner_name,
:phone,
:car_number,
:manufacture_year,
:car_model,
:car_type,
:site,
:registration_date
)";
try {
$stmt = $con->prepare($sql);
$stmt->bindParam(':owner_name', $owner_name);
$stmt->bindParam(':phone', $phone);
$stmt->bindParam(':car_number', $car_number);
$stmt->bindParam(':manufacture_year', $manufacture_year);
$stmt->bindParam(':car_model', $car_model);
$stmt->bindParam(':car_type', $car_type);
$stmt->bindParam(':site', $site);
$stmt->bindParam(':registration_date', $registration_date);
if ($stmt->execute()) {
printSuccess("Car data saved successfully", ["insert_id" => $con->lastInsertId()]);
} else {
$err = $stmt->errorInfo();
jsonError("Failed to save car data: " . ($err[2] ?? 'unknown error'), 500);
}
} catch (Exception $e) {
error_log("[addCarWantWork.php] " . $e->getMessage());
jsonError("An internal error occurred. Please try again later.", 500);
}
?>
Reference in New Issue View Git Blame Copy Permalink