Hamza/Siro
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
fd30b9f6faab8a7ea7e5561553844b7df1aa1a9c
Siro/backend/auth/token_passenger/driver/send_otp_driver.php
Hamza-Ayed f907212c57 Update: 2026-06-12 20:40:40
2026-06-12 20:40:40 +03:00

87 lines
2.7 KiB
PHP
Raw Blame History

This file contains ambiguous Unicode characters
This file contains Unicode characters that might be confused with other characters. If you think that this is intentional, you can safely ignore this warning. Use the Escape button to reveal them.
<?php
// File: send_otp_driver.php (إصدار بدون RaseelPlus)
require_once __DIR__ . '/../../../connect.php';
/* 1) توليد رمز التحقق (3 خانات) --------------------------------------------------- */
$otp = (string)rand(100, 999);
$receiver = filterRequest("receiver");
if (empty($receiver)) {
jsonError('Phone number is required.');
exit();
}
/* 2) إرسال عبر بوابة الفلاش كول / واتساب ------------------------------ */
$nabehUrl = 'https://otp.intaleqapp.com/api/request-otp.php';
$appKey = getenv('NABEH_OTP_APP_KEY');
$payload = [
'phone' => $receiver,
'device_type' => 'android',
'method' => 'whatsapp',
'code' => $otp
];
$ch = curl_init($nabehUrl);
curl_setopt_array($ch, [
CURLOPT_POST => true,
CURLOPT_RETURNTRANSFER => true,
CURLOPT_POSTFIELDS => json_encode($payload),
CURLOPT_HTTPHEADER => [
'Content-Type: application/json',
"X-App-Key: $appKey"
],
CURLOPT_TIMEOUT => 15,
CURLOPT_CONNECTTIMEOUT => 5
]);
$res = curl_exec($ch);
$httpCode = curl_getinfo($ch, CURLINFO_HTTP_CODE);
$error = curl_error($ch);
curl_close($ch);
if ($error) {
error_log("⚠️ [Flash Call OTP Token Driver] Curl Error: $error");
jsonError('Failed to connect to OTP service');
exit;
}
$decoded = json_decode((string)$res, true);
$sentOK = ($httpCode === 200 && ($decoded['success'] ?? false));
if ($sentOK) {
/* 3) تشفير البيانات وحفظها في DB ----------------------------------- */
$receiver_enc = $encryptionHelper->encryptData($receiver);
$otp_enc = $encryptionHelper->encryptData($otp);
$exp = date('Y-m-d H:i:s', strtotime('+5 minutes'));
$now = date('Y-m-d H:i:s');
try {
// حذف رموز قديمة
$con->prepare("DELETE FROM token_verification_driver WHERE phone_number = ?")
->execute([$receiver_enc]);
$stmt = $con->prepare("
INSERT INTO token_verification_driver
(phone_number, token, expiration_time, verified, created_at)
VALUES (?, ?, ?, 0, ?)
");
$stmt->execute([$receiver_enc, $otp_enc, $exp, $now]);
jsonSuccess(null, 'OTP sent and saved successfully');
} catch (PDOException $e) {
jsonError('OTP sent but failed to save to database');
}
} else {
$errMsg = $decoded['message'] ?? 'Unknown error';
jsonError('Failed to send OTP: ' . $errMsg);
}
/* -----------------------------------------------------------------------
* أبقينا callAPI() فقط إذا كان يُستخدم في ملفات أخرى احذفه إن شئت.
* --------------------------------------------------------------------- */
function callAPI($method, $url, $data) { /* … */ }
?>
Reference in New Issue View Git Blame Copy Permalink