Initial commit with updated Auth and media ignored

auth/token_passenger/driver/send_otp_driver.php

@@ -0,0 +1,67 @@
+<?php
+// File: send_otp_driver.php   (إصدار بدون RaseelPlus)
+require_once __DIR__ . '/../../../connect.php';
+
+/* 1) توليد رمز التحقق --------------------------------------------------- */
+$otp      = rand(10000, 99999);
+$receiver = filterRequest("receiver");
+
+if (empty($receiver)) {
+    jsonError('Phone number is required.');
+    exit();
+}
+
+/* 2) نص الرسالة وإرسالها عبر دالتك الجديدة ------------------------------ */
+$messageBody = "رمز التحقق الخاص بك لتطبيق انطلق درايفر هو: " . $otp;
+
+/**
+ * نفترض أن sendWhatsAppFromServer() تُرجع:
+ *   [
+ *      'success' => true/false,
+ *      'message' => 'Message sent successfully!',
+ *      'details' => ['status' => 'PENDING' | 'SENT' | …]
+ *   ]
+ */
+$raw       = sendWhatsAppFromServer($receiver, $messageBody);
+$response  = is_string($raw) ? json_decode($raw, true) : (array) $raw;
+
+$sentOK    = $response['success'] ?? false;
+$waStatus  = $response['details']['status'] ?? '';
+
+if ($sentOK ) {
+
+    /* 3) تشفير البيانات وحفظها في DB ----------------------------------- */
+    $receiver_enc = $encryptionHelper->encryptData($receiver);
+    $otp_enc      = $encryptionHelper->encryptData($otp);
+
+    $exp = date('Y-m-d H:i:s', strtotime('+5 minutes'));
+    $now = date('Y-m-d H:i:s');
+
+    try {
+        // حذف رموز قديمة
+        $con->prepare("DELETE FROM token_verification_driver WHERE phone_number = ?")
+            ->execute([$receiver_enc]);
+
+        $stmt = $con->prepare("
+            INSERT INTO token_verification_driver
+                (phone_number, token, expiration_time, verified, created_at)
+            VALUES (?, ?, ?, 0, ?)
+        ");
+        $stmt->execute([$receiver_enc, $otp_enc, $exp, $now]);
+
+        jsonSuccess(null, 'OTP sent and saved successfully');
+
+    } catch (PDOException $e) {
+        jsonError('OTP sent but failed to save to database');
+    }
+
+} else {
+    $errMsg = $response['message'] ?? 'Unknown error';
+    jsonError('Failed to send OTP: ' . $errMsg);
+}
+
+/* -----------------------------------------------------------------------
+ * أبقينا callAPI() فقط إذا كان يُستخدم في ملفات أخرى – احذفه إن شئت.
+ * --------------------------------------------------------------------- */
+function callAPI($method, $url, $data) { /* … */ }
+?>

auth/token_passenger/driver/verify_otp_driver.php

@@ -0,0 +1,81 @@
+<?php
+require_once __DIR__ . '/../../../connect.php';
+
+$phoneNumber = filterRequest("phone_number");
+$otp = filterRequest("otp");
+
+if (empty($phoneNumber) || empty($otp)) {
+    jsonError("Phone number and OTP are required.");
+    exit();
+}
+
+$phoneNumber_encrypted = $encryptionHelper->encryptData($phoneNumber);
+$otp_encrypted = $encryptionHelper->encryptData($otp);
+
+try {
+    $stmt = $con->prepare("
+        SELECT * FROM token_verification_driver 
+        WHERE phone_number = ? AND token = ?
+    ");
+    $stmt->execute([$phoneNumber_encrypted, $otp_encrypted]);
+    $result = $stmt->fetch(PDO::FETCH_ASSOC);
+
+    if ($result) {
+        $expiration_time = strtotime($result['expiration_time']);
+
+        if (time() <= $expiration_time) {
+            $con->prepare("UPDATE token_verification_driver SET verified = 1 WHERE id = ?")
+                ->execute([$result['id']]);
+
+            $driverStmt = $con->prepare("SELECT id FROM driver WHERE phone = ?");
+            $driverStmt->execute([$phoneNumber_encrypted]);
+            $driver = $driverStmt->fetch(PDO::FETCH_ASSOC);
+
+            if ($driver) {
+                $driverID = $driver['id'];
+                $newToken = filterRequest("token");
+                $fingerPrint = filterRequest("fingerPrint");
+
+                if ($newToken && $fingerPrint) {
+                    $tokenEncrypted = $encryptionHelper->encryptData($newToken);
+
+                    $checkTokenStmt = $con->prepare("SELECT id FROM driverToken WHERE captain_id = ?");
+                    $checkTokenStmt->execute([$driverID]);
+
+                    if ($checkTokenStmt->rowCount() > 0) {
+                        $con->prepare("UPDATE driverToken SET token = ?, fingerPrint = ? WHERE captain_id = ?")
+                            ->execute([$tokenEncrypted, $fingerPrint, $driverID]);
+                    } else {
+                        $con->prepare("INSERT INTO driverToken (token, fingerPrint, captain_id, created_at) VALUES (?, ?, ?, NOW())")
+                            ->execute([$tokenEncrypted, $fingerPrint, $driverID]);
+                    }
+
+                    $response = [
+                        "message" => "Driver token verified and updated.",
+                        "isRegistered" => true,
+                        "driverID" => $driverID
+                    ];
+                    jsonSuccess($response);
+
+                } else {
+                    jsonError("Token or fingerprint missing.");
+                }
+
+            } else {
+                printSuccess([
+                    "message" => "Phone verified, but driver not found.",
+                    "isRegistered" => false
+                ]);
+            }
+
+        } else {
+            jsonError("OTP expired. Request a new one.");
+        }
+
+    } else {
+        jsonError("Invalid OTP.");
+    }
+
+} catch (PDOException $e) {
+    jsonError("Database error occurred.");
+}