Initial commit with updated Auth and media ignored

Hamza-Ayed
2026-04-28 13:04:27 +03:00
commit 67af97474c
477 changed files with 66444 additions and 0 deletions


@@ -0,0 +1,67 @@
<?php
// File: send_otp_driver.php (إصدار بدون RaseelPlus)
require_once __DIR__ . '/../../../connect.php';
/* 1) توليد رمز التحقق --------------------------------------------------- */
$otp = rand(10000, 99999);
$receiver = filterRequest("receiver");
if (empty($receiver)) {
jsonError('Phone number is required.');
exit();
}
/* 2) نص الرسالة وإرسالها عبر دالتك الجديدة ------------------------------ */
$messageBody = "رمز التحقق الخاص بك لتطبيق انطلق درايفر هو: " . $otp;
/**
* نفترض أن sendWhatsAppFromServer() تُرجع:
* [
* 'success' => true/false,
* 'message' => 'Message sent successfully!',
* 'details' => ['status' => 'PENDING' | 'SENT' | …]
* ]
*/
$raw = sendWhatsAppFromServer($receiver, $messageBody);
$response = is_string($raw) ? json_decode($raw, true) : (array) $raw;
$sentOK = $response['success'] ?? false;
$waStatus = $response['details']['status'] ?? '';
if ($sentOK ) {
/* 3) تشفير البيانات وحفظها في DB ----------------------------------- */
$receiver_enc = $encryptionHelper->encryptData($receiver);
$otp_enc = $encryptionHelper->encryptData($otp);
$exp = date('Y-m-d H:i:s', strtotime('+5 minutes'));
$now = date('Y-m-d H:i:s');
try {
// حذف رموز قديمة
$con->prepare("DELETE FROM token_verification_driver WHERE phone_number = ?")
->execute([$receiver_enc]);
$stmt = $con->prepare("
INSERT INTO token_verification_driver
(phone_number, token, expiration_time, verified, created_at)
VALUES (?, ?, ?, 0, ?)
");
$stmt->execute([$receiver_enc, $otp_enc, $exp, $now]);
jsonSuccess(null, 'OTP sent and saved successfully');
} catch (PDOException $e) {
jsonError('OTP sent but failed to save to database');
}
} else {
$errMsg = $response['message'] ?? 'Unknown error';
jsonError('Failed to send OTP: ' . $errMsg);
}
/* -----------------------------------------------------------------------
* أبقينا callAPI() فقط إذا كان يُستخدم في ملفات أخرى احذفه إن شئت.
* --------------------------------------------------------------------- */
function callAPI($method, $url, $data) { /* … */ }
?>
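Review bot: The code generated by `$otp = rand(10000, 99999);` comes from `rand()`, which is not a cryptographically secure generator, so an authentication secret should use `$otp = random_int(10000, 99999);` instead (ideally with a six-digit range). The same line appears in send_otp.php later in this commit. Nothing visible in this file limits how often a code can be requested for one number or one client, so a throttle before the `sendWhatsAppFromServer()` call would be worth adding. The message is also sent before the row is stored, so a failed INSERT leaves the user holding a code that can never verify; storing first and sending second avoids that.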


@@ -0,0 +1,81 @@
<?php
require_once __DIR__ . '/../../../connect.php';
$phoneNumber = filterRequest("phone_number");
$otp = filterRequest("otp");
if (empty($phoneNumber) || empty($otp)) {
jsonError("Phone number and OTP are required.");
exit();
}
$phoneNumber_encrypted = $encryptionHelper->encryptData($phoneNumber);
$otp_encrypted = $encryptionHelper->encryptData($otp);
try {
$stmt = $con->prepare("
SELECT * FROM token_verification_driver
WHERE phone_number = ? AND token = ?
");
$stmt->execute([$phoneNumber_encrypted, $otp_encrypted]);
$result = $stmt->fetch(PDO::FETCH_ASSOC);
if ($result) {
$expiration_time = strtotime($result['expiration_time']);
if (time() <= $expiration_time) {
$con->prepare("UPDATE token_verification_driver SET verified = 1 WHERE id = ?")
->execute([$result['id']]);
$driverStmt = $con->prepare("SELECT id FROM driver WHERE phone = ?");
$driverStmt->execute([$phoneNumber_encrypted]);
$driver = $driverStmt->fetch(PDO::FETCH_ASSOC);
if ($driver) {
$driverID = $driver['id'];
$newToken = filterRequest("token");
$fingerPrint = filterRequest("fingerPrint");
if ($newToken && $fingerPrint) {
$tokenEncrypted = $encryptionHelper->encryptData($newToken);
$checkTokenStmt = $con->prepare("SELECT id FROM driverToken WHERE captain_id = ?");
$checkTokenStmt->execute([$driverID]);
if ($checkTokenStmt->rowCount() > 0) {
$con->prepare("UPDATE driverToken SET token = ?, fingerPrint = ? WHERE captain_id = ?")
->execute([$tokenEncrypted, $fingerPrint, $driverID]);
} else {
$con->prepare("INSERT INTO driverToken (token, fingerPrint, captain_id, created_at) VALUES (?, ?, ?, NOW())")
->execute([$tokenEncrypted, $fingerPrint, $driverID]);
}
$response = [
"message" => "Driver token verified and updated.",
"isRegistered" => true,
"driverID" => $driverID
];
jsonSuccess($response);
} else {
jsonError("Token or fingerprint missing.");
}
} else {
printSuccess([
"message" => "Phone verified, but driver not found.",
"isRegistered" => false
]);
}
} else {
jsonError("OTP expired. Request a new one.");
}
} else {
jsonError("Invalid OTP.");
}
} catch (PDOException $e) {
jsonError("Database error occurred.");
}
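Review bot: The lookup `WHERE phone_number = ? AND token = ?` never checks `verified`, and a successful match only sets `verified = 1`, so the same code stays valid until `expiration_time` and can rebind `driverToken` more than once. Make the code single-use by adding `AND verified = 0` to that SELECT, or by deleting the row once it has matched. Nothing visible here counts failed attempts per phone number, and a five-digit code with a five-minute lifetime needs an attempt limit that invalidates the code after a few misses. The not-registered branch calls `printSuccess()` while the other branches use `jsonSuccess()`/`jsonError()`; confirm that both helpers emit the same response shape.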


@@ -0,0 +1,65 @@
<?php
// File: send_otp.php (بديل عن النسخة المعتمدة على RaseelPlus)
require_once __DIR__ . '/../../connect.php';
/* 1) توليد رمز التحقق */
$otp = rand(10000, 99999);
$receiver = filterRequest("receiver");
if (empty($receiver)) {
jsonError('Phone number is required.');
exit();
}
/* 2) نصّ الرسالة وإرسالها عبر دالتك الجديدة */
$messageBody = "Your verification code for Intaleq is: " . $otp;
$raw = sendWhatsAppFromServer($receiver, $messageBody);
$response = is_string($raw) ? json_decode($raw, true) : (array) $raw;
/*
* نتوقع بنية مثل:
* [
* 'success' => true,
* 'details' => ['status' => 'PENDING' | 'SENT' | …]
* ]
*/
$sentOK = $response['success'] ?? false;
$statusOK = in_array($response['details']['status'] ?? '', ['PENDING', 'SENT', 'DELIVERED'], true);
if ($sentOK ) {
/* 3) تشفير البيانات وحفظ الرمز في قاعدة البيانات */
$receiver_enc = $encryptionHelper->encryptData($receiver);
$otp_enc = $encryptionHelper->encryptData($otp);
$exp = date('Y-m-d H:i:s', strtotime('+5 minutes'));
$now = date('Y-m-d H:i:s');
try {
$con->prepare("DELETE FROM token_verification WHERE phone_number = ?")
->execute([$receiver_enc]);
$stmt = $con->prepare("
INSERT INTO token_verification
(phone_number, token, expiration_time, verified, created_at)
VALUES (?, ?, ?, 0, ?)
");
$stmt->execute([$receiver_enc, $otp_enc, $exp, $now]);
jsonSuccess(null, 'OTP sent and saved successfully');
} catch (PDOException $e) {
jsonError('OTP sent but failed to save to database');
}
} else {
$errMsg = $response['message'] ?? 'Unknown error';
jsonError('Failed to send OTP: ' . $errMsg);
}
/* -----------------------------------------------------------------
* يمكن حذف callAPI() تمامًا إن لم يعد مستخدمًا في أي ملف آخر.
* ---------------------------------------------------------------- */
function callAPI($method, $url, $data) { /* … (أبقِها أو احذفها) */ }
?>
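Review bot: `$statusOK` is computed from `$response['details']['status']` but never read, because the branch tests only `if ($sentOK )`; either use it, as in `if ($sentOK && $statusOK) {`, or drop the line. This file stores the code in the `token_verification` table, while the verify_otp.php added in the same commit reads `otp:passenger:$phoneNumber` from Redis. Nothing visible on this page writes that Redis key, so unless another file does, the passenger flow cannot match a code it has sent; confirm which store is authoritative and make both sides use it.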


@@ -0,0 +1,80 @@
<?php
// File: verify_otp.php (with enhanced logging)
// intaleq_v1/auth/token_passenger
require_once __DIR__ . '/../../connect.php';
// --- Start of Script Execution ---
error_log("--- [verify_otp.php] Script execution started. ---");
$phoneNumber = filterRequest("phone_number");
$otp = filterRequest("otp");
// Log received data for debugging. Be mindful of logging sensitive data in production.
error_log("[verify_otp.php] Received phone_number: $phoneNumber | Received otp: $otp");
if (empty($phoneNumber) || empty($otp)) {
error_log("[verify_otp.php] Error: Phone number or OTP is empty.");
jsonError("Phone number and OTP are required.");
exit();
}
$phoneNumber_encrypted = $encryptionHelper->encryptData($phoneNumber);
$otp_encrypted = $encryptionHelper->encryptData($otp);
try {
// 1. التحقق من Redis بدلاً من MySQL
if (!$redis) {
jsonError("Security service unavailable");
exit;
}
$cachedOtp = $redis->get("otp:passenger:$phoneNumber");
if ($cachedOtp && $cachedOtp == $otp) {
// ننجح في التحقق ونحذف المفتاح من Redis لمنع استخدامه مرة أخرى (One-time use)
$redis->del("otp:passenger:$phoneNumber");
error_log("[verify_otp.php] OTP verified via Redis for phone: $phoneNumber");
// 2. التحقق من وجود الراكب في قاعدة البيانات
$passengerStmt = $con->prepare("SELECT id FROM passengers WHERE phone = ?");
$passengerStmt->execute([$phoneNumber_encrypted]);
$passenger = $passengerStmt->fetch(PDO::FETCH_ASSOC);
if ($passenger) {
$passengerID = $passenger['id'];
// تحديث التوكن والبصمة إن وجدا
$newToken = filterRequest("token");
$fingerPrint = filterRequest("fingerPrint");
if ($newToken && $fingerPrint) {
$tokenEncrypted = $encryptionHelper->encryptData($newToken);
$updateTokenStmt = $con->prepare("UPDATE tokens SET token = ?, fingerPrint = ? WHERE passengerID = ?");
$updateTokenStmt->execute([$tokenEncrypted, $fingerPrint, $passengerID]);
}
printSuccess([
"message" => "Token verified and updated.",
"isRegistered" => true,
"passengerID" => $passengerID
]);
} else {
printSuccess([
"message" => "Phone verified, passenger not found.",
"isRegistered" => false
]);
}
} else {
error_log("[verify_otp.php] Invalid or expired OTP for phone: $phoneNumber");
jsonError("Invalid or expired OTP.");
}
} catch (Exception $e) {
// Log the detailed database error message for debugging.
error_log("[verify_otp.php] FATAL DATABASE ERROR: " . $e->getMessage());
jsonError("Database error: " . $e->getMessage());
}
?>
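Review bot: The call `error_log("[verify_otp.php] Received phone_number: $phoneNumber | Received otp: $otp");` writes a live one-time code and the phone number to the server log, and the later log lines repeat the number; log neither, for example `error_log("[verify_otp.php] verification request received");`. The check `$cachedOtp == $otp` is a loose comparison, and `hash_equals((string) $cachedOtp, (string) $otp)` avoids numeric-string juggling and timing differences. The catch block returns `$e->getMessage()` to the client; send a generic message as the driver endpoint does (`jsonError("Database error occurred.");`) and keep the detail in the log. Nothing visible here counts failed attempts per phone number, so the Redis key can be guessed against until it expires.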