Security hardening: fixed 13 vulnerabilities, added AI-powered SupportController (Gemini), and stabilized Flutter Complaint logic

Hamza-Ayed
2026-04-24 22:55:56 +03:00
parent cc85fe1815
commit 540c5cc7ab
11 changed files with 292 additions and 71 deletions


@@ -83,15 +83,8 @@ class MiscController extends Controller
/** GET /v2/misc/help-center */
public function getHelpCenter(Request $request): JsonResponse
{
$driverId = $request->input('driverID');
$driverId = $request->attributes->get('_jwt_user_id');
if (!$driverId) {
return response()->json([
'status' => 'failure',
'message' => 'driverID is required'
]);
}
$data = DB::connection('primary')->table('helpCenter')
->where('driverID', $driverId)
->orderBy('datecreated', 'desc')
@@ -113,23 +106,15 @@ class MiscController extends Controller
/** GET /v2/misc/tips */
public function getTips(Request $request): JsonResponse
{
$driverId = $request->input('driverID');
$passengerId = $request->input('passendgerID');
if (!$driverId && !$passengerId) {
return response()->json([
'status' => 'failure',
'message' => 'driverID or passendgerID is required'
]);
}
$userId = $request->attributes->get('_jwt_user_id');
$userType = $request->attributes->get('_jwt_user_type');
$query = DB::connection('primary')->table('tips');
if ($driverId) {
$query->where('driverID', $driverId);
}
if ($passengerId) {
$query->orWhere('passendgerID', $passengerId);
if ($userType === 'driver') {
$query->where('driverID', $userId);
} else {
$query->where('passengerID', $userId);
}
$data = $query->get();
@@ -168,17 +153,16 @@ class MiscController extends Controller
/** POST /v2/misc/help-center */
public function storeHelpCenter(Request $request): JsonResponse
{
$driverId = $request->input('driverID');
$passengerId = $request->input('passengerID');
$userId = $request->attributes->get('_jwt_user_id');
$helpQuestion = $request->input('helpQuestion');
if ((!$driverId && !$passengerId) || !$helpQuestion) {
return response()->json(['status' => 'failure', 'message' => 'Missing parameters']);
if (!$helpQuestion) {
return response()->json(['status' => 'failure', 'message' => 'Missing help question']);
}
try {
DB::connection('primary')->table('helpCenter')->insert([
'driverID' => $driverId ?? $passengerId,
'driverID' => $userId,
'helpQuestion' => $helpQuestion,
'datecreated' => now()
]);
@@ -193,12 +177,12 @@ class MiscController extends Controller
/** POST /v2/misc/tips */
public function storeTips(Request $request): JsonResponse
{
$passengerId = $request->input('passengerID');
$passengerId = $request->attributes->get('_jwt_user_id'); // From JWT
$driverId = $request->input('driverID');
$rideId = $request->input('rideID');
$tipAmount = $request->input('tipAmount');
if (!$passengerId || !$driverId || !$rideId || !$tipAmount) {
if (!$driverId || !$rideId || !$tipAmount) {
return response()->json(['status' => 'failure', 'message' => 'Missing parameters']);
}
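Review bot: Nothing in these handlers fails closed when `_jwt_user_id` is absent: getHelpCenter drops the old empty-id guard, and with a null value Laravel's two-argument `where('driverID', null)` becomes an `IS NULL` match, while storeHelpCenter would insert a null `driverID`. Unless the JWT middleware (not visible on this page) guarantees the attribute on every one of these routes, each handler should start with `if (!$userId) { return response()->json(['status' => 'failure', 'message' => 'Unauthorized'], 401); }`. In getTips the `else` branch treats every type other than `'driver'`, including a missing one, as a passenger, and it filters on `passengerID` where the previous code used the column name `passendgerID`; confirm which spelling the `tips` table actually has. storeTips still reads `driverID`, `rideID` and `tipAmount` from the request body, and its insert lies outside the visible hunk, so that part should verify that the ride belongs to the authenticated passenger and to that driver, and that `tipAmount` is a positive number, before writing.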