Initial commit with updated Auth and media ignored

Admin/driver/deleteCaptain.php

@@ -0,0 +1,41 @@
+<?php
+require_once __DIR__ . '/../../connect.php';
+
+$driver_id = filterRequest("driver_id");
+$phone     = filterRequest("phone");
+$reason    = filterRequest("reason"); // يمكن أن يأتي من البارامتر أو نخليه افتراضي
+
+if (empty($driver_id) || empty($phone)) {
+    jsonError("Driver ID and phone are required.");
+    exit;
+}
+
+try {
+    // تشفير رقم الهاتف
+    $encPhone = $encryptionHelper->encryptData($phone);
+
+    // حذف السائق من جدول driver
+    $sqlDel = "DELETE FROM driver WHERE id = :id";
+    $stmtDel = $con->prepare($sqlDel);
+    $stmtDel->bindParam(':id', $driver_id, PDO::PARAM_INT);
+    $stmtDel->execute();
+
+    if ($stmtDel->rowCount() > 0) {
+        // إضافة بيانات السائق المحذوف إلى البلاك ليست
+        $sqlInsert = "INSERT INTO blacklist_driver (driver_id, phone, reason) 
+                      VALUES (:driver_id, :phone, :reason)";
+        $stmtInsert = $con->prepare($sqlInsert);
+        $stmtInsert->execute([
+            'driver_id' => $driver_id,
+            'phone'     => $encPhone,
+            'reason'    => !empty($reason) ? $reason : "Deleted & blacklisted by admin"
+        ]);
+
+        jsonSuccess(null, "Driver deleted and blacklisted successfully.");
+    } else {
+        jsonError("No driver found with the provided ID.");
+    }
+
+} catch (PDOException $e) {
+    jsonError("Error: " . $e->getMessage());
+}

Admin/driver/deleteRecord.php

@@ -0,0 +1,30 @@
+<?php
+
+require_once __DIR__ . '/../../connect.php';
+
+$driver_id = filterRequest("driver_id");
+
+// Prepare the DELETE query
+$sql = "DELETE FROM `car_locations` WHERE driver_id = :driver_id";
+$stmt = $con->prepare($sql);
+
+// Bind the driver_id parameter
+$stmt->bindParam(':driver_id', $driver_id, PDO::PARAM_STR);
+
+try {
+    // Execute the query
+    $stmt->execute();
+
+    if ($stmt->rowCount() > 0) {
+        // Success response
+        jsonSuccess(null, "Record(s) deleted successfully.");
+    } else {
+        // Failure response: no records found to delete
+        jsonError("No records found for the provided driver ID.");
+    }
+} catch (PDOException $e) {
+    // Handle any SQL errors
+    jsonError("Error deleting records: " . $e->getMessage());
+}
+
+?>

Admin/driver/find_driver_by_phone.php

@@ -0,0 +1,55 @@
+<?php
+require_once __DIR__ . '/../../connect.php';
+
+$phone = filterRequest("phone");
+
+if (empty($phone)) {
+    jsonError("Phone number is required.");
+    exit;
+}
+
+try {
+    // تشفير الرقم المدخل للبحث
+    $encPhone = $encryptionHelper->encryptData($phone);
+
+    // احضار كل الأعمدة باستثناء كلمة المرور
+    $sql = "SELECT * 
+            FROM driver 
+            WHERE phone = :phone 
+            LIMIT 1";
+    $stmt = $con->prepare($sql);
+    $stmt->execute([':phone' => $encPhone]);
+
+    $driver = $stmt->fetch(PDO::FETCH_ASSOC);
+
+    if ($driver) {
+        // ✅ الحقول المشفرة اللي لازم تنفك:
+        $encryptedFields = [
+            'phone',
+            'email',
+            'first_name',
+            'last_name',
+            'national_number',
+            'address','gender','site',
+            'birthdate',
+            'name_arabic',
+        ];
+
+        foreach ($encryptedFields as $field) {
+            if (!empty($driver[$field])) {
+                $driver[$field] = $encryptionHelper->decryptData($driver[$field]);
+            }
+        }
+
+        // ❌ احذف كلمة المرور من النتيجة
+        unset($driver['password']);
+
+        jsonSuccess($driver);
+
+    } else {
+        jsonError("No driver found with this phone.");
+    }
+
+} catch (PDOException $e) {
+    jsonError("Error searching driver: " . $e->getMessage());
+}

Admin/driver/getBestDriver.php

@@ -0,0 +1,48 @@
+<?php
+
+require_once __DIR__ . '/../../connect.php';
+
+$sql = "SELECT
+    COUNT(`car_locations`.driver_id) AS driver_count,
+    driver.id,
+    driver.phone,
+    driver.name_arabic,
+    MAX(dt.token) AS token
+FROM
+    `car_locations`
+LEFT JOIN driver ON driver.id = car_locations.driver_id
+LEFT JOIN driverToken dt ON dt.captain_id = driver.id
+WHERE
+    `car_locations`.created_at > TIMESTAMP(DATE_SUB(NOW(), INTERVAL 7 DAY))
+GROUP BY
+    driver.id
+ORDER BY
+    driver_count DESC
+LIMIT 19;
+";
+
+$stmt = $con->prepare($sql);
+$stmt->execute();
+
+if ($stmt->rowCount() > 0) {
+    $rows = $stmt->fetchAll(PDO::FETCH_ASSOC);
+
+    // فك التشفير للحقول الحساسة
+    foreach ($rows as &$row) {
+        if (!empty($row['phone'])) {
+            $row['phone'] = $encryptionHelper->decryptData($row['phone']);
+        }
+        if (!empty($row['name_arabic'])) {
+            $row['name_arabic'] = $encryptionHelper->decryptData($row['name_arabic']);
+        }
+        if (!empty($row['token'])) {
+            $row['token'] = $encryptionHelper->decryptData($row['token']);
+        }
+    }
+
+    jsonSuccess($rows);
+} else {
+    jsonError($message = "No recent driver location activity found");
+}
+
+?>

Admin/driver/getDriverGiftPayment.php

@@ -0,0 +1,45 @@
+<?php
+
+require_once __DIR__ . '/../../connect.php';
+
+$phone = filterRequest("phone");
+
+// Encrypt phone
+$encphone = $encryptionHelper->encryptData($phone);
+
+$sql = "SELECT
+            *
+        FROM
+            `driver`
+        WHERE
+            phone = :encPhone";
+
+$stmt = $con->prepare($sql);
+
+// FIX 1: Bind AFTER preparing the statement
+// FIX 2: Use the same placeholder name (:encPhone)
+$stmt->bindParam(':encPhone', $encphone, PDO::PARAM_STR);
+
+$stmt->execute();
+
+if ($stmt->rowCount() > 0) {
+
+    $rows = $stmt->fetchAll(PDO::FETCH_ASSOC);
+
+    // Decrypt sensitive fields
+    foreach ($rows as &$row) {
+        if (!empty($row['phone'])) {
+            $row['phone'] = $encryptionHelper->decryptData($row['phone']);
+        }
+      if (!empty($row['name_arabic'])) {
+            $row['name_arabic'] = $encryptionHelper->decryptData($row['name_arabic']);
+        }
+    }
+
+    jsonSuccess($rows);
+
+} else {
+    jsonError("No recent driver location activity found");
+}
+
+?>

Admin/driver/remove_from_blacklist.php

@@ -0,0 +1,27 @@
+<?php
+require_once __DIR__ . '/../../connect.php';
+
+$phone = filterRequest("phone");
+
+if (empty($phone)) {
+    jsonError("Phone number is required.");
+    exit;
+}
+
+try {
+    // تشفير الرقم للمطابقة مع المخزن
+    $encPhone = $encryptionHelper->encryptData($phone);
+
+    $sql = "DELETE FROM blacklist_driver WHERE phone = :phone";
+    $stmt = $con->prepare($sql);
+    $stmt->execute([':phone' => $encPhone]);
+
+    if ($stmt->rowCount() > 0) {
+        jsonSuccess(null, "Driver removed from blacklist successfully.");
+    } else {
+        jsonError("No driver found in blacklist with this phone.");
+    }
+
+} catch (PDOException $e) {
+    jsonError("Error removing from blacklist: " . $e->getMessage());
+}

Admin/driver/updateDriverFromAdmin.php

@@ -0,0 +1,30 @@
+<?php
+require_once __DIR__ . '/../../connect.php';
+
+$driver_id = filterRequest("id");
+$phone     = filterRequest("phone");
+
+// تشفير رقم الهاتف
+$encphone = $encryptionHelper->encryptData($phone);
+
+$sql = "UPDATE `driver` SET `phone` = :encphone WHERE `id` = :id";
+$stmt = $con->prepare($sql);
+
+// Bind values
+$stmt->bindParam(':encphone', $encphone, PDO::PARAM_STR);
+$stmt->bindParam(':id', $driver_id, PDO::PARAM_STR);
+
+try {
+    $stmt->execute();
+
+    if ($stmt->rowCount() > 0) {
+        // تم التحديث بنجاح
+        jsonSuccess(null, "Phone updated successfully.");
+    } else {
+        // لم يتم العثور على أي سجل للتحديث
+        jsonError("No records updated. Please check the driver ID.");
+    }
+} catch (PDOException $e) {
+    jsonError("Error updating record: " . $e->getMessage());
+}
+?>