Initial commit with updated Auth and media ignored

2026-04-28 13:04:27 +03:00
commit 67af97474c
477 changed files with 66444 additions and 0 deletions
--- a/Admin/rides/admin_get_rides_by_phone.php
+++ b/Admin/rides/admin_get_rides_by_phone.php
@@ -0,0 +1,103 @@
+<?php
+require_once __DIR__ . '/../../connect.php';
+
+$phone = filterRequest('phone');
+if (!$phone) {
+    error_log("[get_last_ride] Missing phone parameter");
+    jsonError("Phone is required");
+    exit;
+}
+
+$raw = $phone;
+
+// شَفِّر قبل الاستعلام
+$enc_raw = $encryptionHelper->encryptData($raw);
+
+try {
+    error_log("[get_last_ride] Searching passenger with phone=$raw");
+
+    // 1) ابحث عن الراكب بالهاتف المشفّر
+    $selP = $con->prepare("
+        SELECT id, first_name, last_name, phone
+        FROM passengers
+        WHERE phone =:enc_raw
+        LIMIT 1
+    ");
+    $selP->execute(['enc_raw' => $enc_raw]);
+    $passenger = $selP->fetch(PDO::FETCH_ASSOC);
+
+    if (!$passenger) {
+        error_log("[get_last_ride] Passenger not found (phone=$raw)");
+        jsonError('Passenger not found for provided phone');
+        exit;
+    }
+
+    error_log("[get_last_ride] Passenger found id=" . $passenger['id']);
+
+    // 2) آخر رحلة لهذا الراكب
+    $rideStmt = $con->prepare("
+        SELECT
+            r.id,
+            r.start_location,
+            r.end_location,
+            r.date,
+            r.time,
+            r.endtime,
+            r.status,
+            r.paymentMethod,
+            r.carType,
+            r.price,
+            r.price_for_driver,
+            r.price_for_passenger,
+            r.distance,
+            r.driver_id,
+            r.passenger_id,
+            r.created_at,
+            r.updated_at,
+            r.DriverIsGoingToPassenger,
+            r.rideTimeStart,
+            r.rideTimeFinish,
+            d.first_name AS driver_first_name,
+            d.last_name  AS driver_last_name
+        FROM ride r
+        LEFT JOIN driver d ON d.id = r.driver_id
+        WHERE r.passenger_id = :pid
+        ORDER BY r.created_at DESC, r.id DESC
+        LIMIT 1
+    ");
+    $rideStmt->execute(['pid' => $passenger['id']]);
+    $ride = $rideStmt->fetch(PDO::FETCH_ASSOC);
+
+    if (!$ride) {
+        error_log("[get_last_ride] No rides found for passenger_id=" . $passenger['id']);
+        jsonError('No rides found for this passenger');
+        exit;
+    }
+
+    error_log("[get_last_ride] Found ride id=" . $ride['id'] . " for passenger_id=" . $passenger['id']);
+
+    // فك التشفير
+    $passenger['first_name'] = $encryptionHelper->decryptData($passenger['first_name']);
+    $passenger['last_name']  = $encryptionHelper->decryptData($passenger['last_name']);
+    $passenger['phone']      = $encryptionHelper->decryptData($passenger['phone']);
+    $ride['driver_first_name'] = $encryptionHelper->decryptData($ride['driver_first_name']);
+    $ride['driver_last_name']  = $encryptionHelper->decryptData($ride['driver_last_name']);
+
+    // 3) اطبع النتيجة
+    $response = [
+        'passenger' => [
+            'id'         => $passenger['id'],
+            'first_name' => $passenger['first_name'],
+            'last_name'  => $passenger['last_name'],
+            'phone'      => $passenger['phone'],
+        ],
+        'ride' => $ride
+    ];
+
+    error_log("[get_last_ride] Success response for passenger_id=" . $passenger['id']);
+    jsonSuccess($response);
+
+} catch (Throwable $e) {
+    error_log("[get_last_ride] Exception: " . $e->getMessage());
+    jsonError("Error: " . $e->getMessage());
+}
--- a/Admin/rides/admin_update_ride_status.php
+++ b/Admin/rides/admin_update_ride_status.php
@@ -0,0 +1,87 @@
+<?php
+require_once __DIR__ . '/../../connect.php';
+
+
+
+$rideId = filterRequest('id');
+$status = filterRequest('status');
+$reason = filterRequest('reason'); // اختياري
+
+if (empty($rideId) || empty($status)) {
+    jsonError("id and status are required");
+    exit;
+}
+
+/* whitelist للحالات المسموحة – عدّل حسب نظامك */
+$allowed = [
+    'Pending', 'Accepted', 'EnRoute', 'Arrived',
+    'Started', 'Completed', 'Canceled'
+];
+
+if (!in_array($status, $allowed, true)) {
+    jsonError("Invalid status");
+    exit;
+}
+
+try {
+    $con->beginTransaction();
+
+    // إن أردت ختم وقت النهاية تلقائيًا عند الإكمال
+    if ($status === 'Completed') {
+        $sql = "UPDATE ride 
+                   SET status = :st, rideTimeFinish = IFNULL(rideTimeFinish, NOW()), updated_at = CURRENT_TIMESTAMP
+                 WHERE id = :id";
+    } else {
+        $sql = "UPDATE ride 
+                   SET status = :st, updated_at = CURRENT_TIMESTAMP
+                 WHERE id = :id";
+    }
+
+    $stmt = $con->prepare($sql);
+    $ok = $stmt->execute(['st' => $status, 'id' => $rideId]);
+
+    if (!$ok || $stmt->rowCount() === 0) {
+        $con->rollBack();
+        jsonError("Ride not found or no change");
+        exit;
+    }
+
+    // أعِدّ بيانات الرحلة المحدّثة (للتحديث الفوري في الواجهة)
+    $fetch = $con->prepare("
+        SELECT
+            r.id,
+            r.start_location,
+            r.end_location,
+            r.date,
+            r.time,
+            r.endtime,
+            r.status,
+            r.paymentMethod,
+            r.carType,
+            r.price,
+            r.price_for_driver,
+            r.price_for_passenger,
+            r.distance,
+            r.driver_id,
+            r.passenger_id,
+            r.created_at,
+            r.updated_at,
+            r.DriverIsGoingToPassenger,
+            r.rideTimeStart,
+            r.rideTimeFinish,
+            d.first_name AS driver_first_name,
+            d.last_name  AS driver_last_name
+        FROM ride r
+        LEFT JOIN driver d ON d.id = r.driver_id
+        WHERE r.id = :id
+        LIMIT 1
+    ");
+    $fetch->execute(['id' => $rideId]);
+    $ride = $fetch->fetch(PDO::FETCH_ASSOC);
+
+    $con->commit();
+    jsonSuccess(['ride' => $ride, 'message' => 'Status updated']);
+} catch (Throwable $e) {
+    if ($con->inTransaction()) $con->rollBack();
+    jsonError("Error: ".$e->getMessage());
+}
--- a/Admin/rides/get_driver_live_pos.php
+++ b/Admin/rides/get_driver_live_pos.php
@@ -0,0 +1,50 @@
+<?php
+// =================================================================
+// ملف: get_driver_live_pos.php
+// الوظيفة: جلب الموقع اللحظي لسائق محدد (بناءً على ID)
+// =================================================================
+
+require_once __DIR__ . '/../../connect.php'; // تأكد أن هذا الملف يحتوي على $con_tracking
+
+header("Access-Control-Allow-Origin: *");
+header("Content-Type: application/json; charset=UTF-8");
+
+try {
+    // 1. استقبال معرف السائق
+    $driver_id = filterRequest("driver_id");
+
+    if (!$driver_id) {
+        jsonError("driver_id is required");
+        exit;
+    }
+
+    // 2. الاستعلام من قاعدة بيانات التتبع (car_locations)
+    // نجلب أحدث إحداثيات تم تسجيلها لهذا السائق
+    $sql = "
+        SELECT 
+            latitude, 
+            longitude, 
+            heading, 
+            speed, 
+            updated_at 
+        FROM car_locations 
+        WHERE driver_id = ? 
+        ORDER BY updated_at DESC 
+        LIMIT 1
+    ";
+
+    $stmt = $con_tracking->prepare($sql);
+    $stmt->execute([$driver_id]);
+    $data = $stmt->fetch(PDO::FETCH_ASSOC);
+
+    if ($data) {
+        jsonSuccess($data);
+    } else {
+        // السائق ليس له موقع مسجل (ربما لم يشغل التطبيق بعد)
+        jsonError("No location found for this driver");
+    }
+
+} catch (PDOException $e) {
+    jsonError("Database Error: " . $e->getMessage());
+}
+?>
--- a/Admin/rides/get_rides_by_status.php
+++ b/Admin/rides/get_rides_by_status.php
@@ -0,0 +1,108 @@
+<?php
+require_once __DIR__ . '/../../connect.php';
+
+header("Access-Control-Allow-Origin: *");
+header('Content-Type: application/json; charset=utf-8');
+
+try {
+    $statusFilter = filterRequest("status"); 
+    // القيم المتوقعة من التطبيق: 'All', 'Begin', 'New', 'Completed', 'Canceled'
+    if (!$statusFilter) $statusFilter = "Begin";
+
+    $params = [];
+    $whereClause = "";
+
+    // --- منطق ترجمة الحالات (Mapping Logic) ---
+    switch ($statusFilter) {
+        case 'All':
+            $whereClause = ""; // لا يوجد شرط، اجلب الكل
+            break;
+            
+        case 'Begin':
+            // قد تكون الرحلة بدأت أو وصل السائق
+            $whereClause = "WHERE r.status IN ('Begin','Apply','Applied')";
+            break;
+
+        case 'New':
+            $whereClause = "WHERE r.status = 'New'";
+            break;
+
+        case 'Completed':
+            // في قاعدة البيانات الحالة اسمها Finished
+            $whereClause = "WHERE r.status = 'Finished'";
+            break;
+
+        case 'Canceled':
+            // نجمع كل حالات الإلغاء الممكنة
+            $whereClause = "WHERE r.status IN ('Cancel', 'CancelFromDriverAfterApply', 'TimeOut')";
+            break;
+            
+        default:
+            // في حال تم إرسال حالة محددة غير المذكورين
+            $whereClause = "WHERE r.status = ?";
+            $params[] = $statusFilter;
+            break;
+    }
+
+    // --- الاستعلام ---
+    $sql = "
+        SELECT 
+            r.*,
+            -- بيانات السائق
+            d.first_name as d_fname, d.last_name as d_lname, d.phone as d_phone, d.id as driver_real_id,
+            -- إحصائيات السائق (نحسب المكتمل والملغي بشكل أدق)
+            (SELECT COUNT(*) FROM ride WHERE driver_id = d.id AND status = 'Finished') as d_completed,
+            (SELECT COUNT(*) FROM ride WHERE driver_id = d.id AND status LIKE 'Cancel%') as d_canceled,
+            
+            -- بيانات الراكب
+            p.first_name as p_fname, p.last_name as p_lname, p.phone as p_phone,
+            -- إحصائيات الراكب
+            (SELECT COUNT(*) FROM ride WHERE passenger_id = p.id AND status = 'Finished') as p_completed,
+
+            -- سبب الإلغاء
+            -- نحاول جلبه من جدول driver_orders (ملاحظات السائق)
+            -- نستخدم COALESCE لجلب 'لا يوجد سبب' إذا كانت القيمة فارغة
+            COALESCE(
+                (SELECT notes FROM driver_orders WHERE order_id = r.id LIMIT 1),
+                'لا يوجد سبب مسجل'
+            ) as cancel_reason
+
+        FROM ride r
+        LEFT JOIN driver d ON r.driver_id = d.id
+        LEFT JOIN passengers p ON r.passenger_id = p.id
+        $whereClause
+        ORDER BY r.id DESC
+        LIMIT 100
+    ";
+
+    $stmt = $con->prepare($sql);
+    $stmt->execute($params);
+    $rides = $stmt->fetchAll(PDO::FETCH_ASSOC);
+
+    $data = [];
+
+    foreach ($rides as $row) {
+        // فك التشفير
+        try { $row['d_fname'] = $encryptionHelper->decryptData($row['d_fname']); } catch(Exception $e){}
+        try { $row['d_lname'] = $encryptionHelper->decryptData($row['d_lname']); } catch(Exception $e){}
+        try { $row['d_phone'] = $encryptionHelper->decryptData($row['d_phone']); } catch(Exception $e){}
+        
+        try { $row['p_fname'] = $encryptionHelper->decryptData($row['p_fname']); } catch(Exception $e){}
+        try { $row['p_lname'] = $encryptionHelper->decryptData($row['p_lname']); } catch(Exception $e){}
+        try { $row['p_phone'] = $encryptionHelper->decryptData($row['p_phone']); } catch(Exception $e){}
+
+        $row['driver_full_name'] = trim($row['d_fname'] . ' ' . $row['d_lname']);
+        $row['passenger_full_name'] = trim($row['p_fname'] . ' ' . $row['p_lname']);
+        
+        if(empty($row['driver_full_name'])) $row['driver_full_name'] = "Unknown Driver";
+        if(empty($row['passenger_full_name'])) $row['passenger_full_name'] = "Unknown Passenger";
+
+        $data[] = $row;
+    }
+
+    jsonSuccess($data);
+
+} catch (PDOException $e) {
+    jsonError("Database Error: " . $e->getMessage());
+}
+?>
--- a/Admin/rides/monitorRide.php
+++ b/Admin/rides/monitorRide.php
@@ -0,0 +1,150 @@
+<?php
+require_once __DIR__ . '/../../connect.php';
+
+// 1. Log the start of the request
+$phone = filterRequest("phone");
+error_log("[MONITOR_RIDE] ---------------- START REQUEST ----------------");
+error_log("[MONITOR_RIDE] 1. Received Phone: " . $phone);
+
+//------------------------------------------------------------------------
+// 1) البحث عن الهاتف أولاً في جدول السائق ثم جدول الراكب
+//------------------------------------------------------------------------
+
+$encPhone = $encryptionHelper->encryptData($phone);
+error_log("[MONITOR_RIDE] 2. Encrypted Phone: " . $encPhone);
+
+// Check Driver Table
+$driverQuery = $con->prepare("SELECT id AS driverID FROM driver WHERE phone = :phone LIMIT 1");
+$driverQuery->execute([':phone' => $encPhone]);
+$driver = $driverQuery->fetch(PDO::FETCH_ASSOC);
+
+// Check Passenger Table
+$customerQuery = $con->prepare("SELECT id AS customerID FROM passengers WHERE phone = :phone LIMIT 1");
+$customerQuery->execute([':phone' => $encPhone]);
+$customer = $customerQuery->fetch(PDO::FETCH_ASSOC);
+
+
+// حدد نوع المستخدم
+$userType = '';
+$driverID = null;
+$customerID = null;
+
+if ($driver) {
+    $userType = 'driver';
+    $driverID = $driver['driverID'];
+    error_log("[MONITOR_RIDE] 3. User Found: Type = DRIVER, ID = " . $driverID);
+} elseif ($customer) {
+    $userType = 'customer';
+    $customerID = $customer['customerID'];
+    error_log("[MONITOR_RIDE] 3. User Found: Type = CUSTOMER, ID = " . $customerID);
+} else {
+    error_log("[MONITOR_RIDE] 3. FAILURE: Phone number not found in Driver or Passenger tables.");
+    jsonError("رقم الهاتف غير موجود في النظام.");
+    exit;
+}
+
+//------------------------------------------------------------------------
+// 2) جلب آخر رحلة حالتها "بدأت" بناءً على نوع المستخدم
+//------------------------------------------------------------------------
+
+if ($userType == 'driver') {
+    error_log("[MONITOR_RIDE] 4. Searching for active ride for Driver ID: " . $driverID);
+    $rideQuery = $con->prepare("
+        SELECT * FROM ride
+        WHERE driver_id = :driverID AND status = 'Begin'
+        ORDER BY id DESC LIMIT 1
+    ");
+    $rideQuery->execute([':driverID' => $driverID]);
+} else {
+    error_log("[MONITOR_RIDE] 4. Searching for active ride for Customer ID: " . $customerID);
+    $rideQuery = $con->prepare("
+        SELECT * FROM ride
+        WHERE passenger_id = :customerID AND status = 'Begin'
+        ORDER BY id DESC LIMIT 1
+    ");
+    $rideQuery->execute([':customerID' => $customerID]);
+}
+
+$ride = $rideQuery->fetch(PDO::FETCH_ASSOC);
+
+if (!$ride) {
+    error_log("[MONITOR_RIDE] 4. FAILURE: No ride with status 'Begin' found.");
+    jsonError("لا توجد رحلة بدأت لهذا المستخدم.");
+    exit;
+} else {
+    error_log("[MONITOR_RIDE] 4. SUCCESS: Active Ride Found. Ride ID: " . $ride['id']);
+}
+
+//------------------------------------------------------------------------
+// 3) جلب معلومات السائق من الرحلة
+//------------------------------------------------------------------------
+
+// FIX 1: Safe assignment of driver ID (checking driverID vs driver_id)
+$rideDriverID = $ride['driverID'] ?? $ride['driver_id'];
+
+error_log("[MONITOR_RIDE] 5. Fetching info for Driver ID from Ride: " . $rideDriverID);
+
+// FIX 2: Select first_name and last_name instead of fullname
+$driverInfoQuery = $con->prepare("
+    SELECT id, first_name, last_name, phone
+    FROM driver 
+    WHERE id = :driverID
+    LIMIT 1
+");
+
+$driverInfoQuery->execute([':driverID' => $rideDriverID]);
+$driverInfo = $driverInfoQuery->fetch(PDO::FETCH_ASSOC);
+
+if ($driverInfo) {
+    // فك التشفير للهاتف
+    $driverInfo['phone'] = $encryptionHelper->decryptData($driverInfo['phone']);
+    
+    // FIX 4: Decrypt First Name and Last Name
+    $driverInfo['first_name'] = $encryptionHelper->decryptData($driverInfo['first_name']);
+    $driverInfo['last_name']  = $encryptionHelper->decryptData($driverInfo['last_name']);
+
+    // Construct fullname for the response
+    $fullName = $driverInfo['first_name'] . " " . $driverInfo['last_name'];
+    $driverInfo['fullname'] = $fullName;
+
+    error_log("[MONITOR_RIDE] 5. Driver Info Found: " . $fullName);
+} else {
+    error_log("[MONITOR_RIDE] 5. WARNING: Driver info not found for ID " . $rideDriverID);
+}
+
+//------------------------------------------------------------------------
+// 4) جلب آخر موقع للسائق من جدول driver_location بشرط الحالة ON
+//------------------------------------------------------------------------
+
+error_log("[MONITOR_RIDE] 6. Querying Tracking DB for Driver ID: " . $rideDriverID);
+
+// FIX 3: Changed ORDER BY id DESC to ORDER BY updated_at DESC
+$locationQuery = $con_tracking->prepare("
+    SELECT latitude, longitude, speed, heading, updated_at 
+    FROM car_locations
+    WHERE driver_id = :driverID AND status = 'ON'
+    ORDER BY updated_at DESC LIMIT 1
+");
+$locationQuery->execute([':driverID' => $rideDriverID]);
+$location = $locationQuery->fetch(PDO::FETCH_ASSOC);
+
+if ($location) {
+    error_log("[MONITOR_RIDE] 6. Location Found: Lat=" . $location['latitude'] . " Lng=" . $location['longitude'] . " Updated=" . $location['updated_at']);
+} else {
+    error_log("[MONITOR_RIDE] 6. WARNING: No live location found (status=ON) or list empty.");
+}
+
+//------------------------------------------------------------------------
+// 5) تجهيز البيانات للرد
+//------------------------------------------------------------------------
+
+$response = [
+    "ride_details"    => $ride,
+    "driver_details" => $driverInfo,
+    "driver_location" => $location ?: "No live location"
+];
+
+error_log("[MONITOR_RIDE] 7. Sending Success Response.");
+jsonSuccess($response);
+
+?>