Initial commit with updated Auth and media ignored

ride/driverWallet/add.php

@@ -0,0 +1,58 @@
+<?php
+
+// Include the database connection file
+require_once __DIR__ . '/../../connect.php';
+
+// Get the request parameters
+$driverID = filterRequest("driverID");
+$paymentID = filterRequest("paymentID");
+$amount = filterRequest("amount");
+$paymentMethod = filterRequest("paymentMethod");
+$token = filterRequest("token");
+
+// Retrieve token details from the database
+$stmt = $con->prepare("SELECT * FROM payment_tokens WHERE token = :token AND isUsed = FALSE");
+$stmt->execute(array(
+    ':token' => $token
+));
+
+$tokenData = $stmt->fetch();
+
+if ($tokenData) {
+    // Add payment to the driver's wallet table
+    $sql = "INSERT INTO `driverWallet` (
+        `driverID`,
+        `paymentID`,
+        `amount`,
+        `paymentMethod`
+    ) VALUES (
+        :driverID,
+        :paymentID,
+        :amount,
+        :paymentMethod
+    );";
+
+    $stmt = $con->prepare($sql);
+    $stmt->execute(array(
+        ':driverID' => $driverID,
+        ':paymentID' => $paymentID,
+        ':amount' => $amount,
+        ':paymentMethod' => $paymentMethod
+    ));
+
+    if ($stmt->rowCount() > 0) {
+        // Print a success message
+        jsonSuccess(null, "Record saved successfully");
+        
+        // Mark the token as used in the database
+        $stmt = $con->prepare("UPDATE payment_tokens SET isUsed = TRUE WHERE id = :tokenID");
+        $stmt->execute(array(
+            ':tokenID' => $tokenData['id']
+        ));
+    } else {
+        // Print a failure message
+        jsonError("Failed to save record");
+    }
+} else {
+    jsonError("Invalid or already used token");
+}

ride/driverWallet/addPaymentToken.php

@@ -0,0 +1,49 @@
+<?php
+require_once __DIR__ . '/../../connect.php';
+
+$driverID = filterRequest("driverID");
+$amount = filterRequest("amount");
+
+// Check if required fields are present
+if ($driverID === null || $amount === null) {
+    jsonError("Missing required fields: driverID and amount must be provided");
+    exit;
+}
+
+// Generate a more secure token
+$token = generateSecureToken($driverID, $amount);
+
+// Store the token in the database
+$stmt = $con->prepare("INSERT INTO payment_tokens (token, driverID, dateCreated, amount) VALUES (?, ?, NOW(), ?)");
+
+try {
+    $stmt->execute([$token, $driverID, $amount]);
+    if ($stmt->rowCount() > 0) {
+        jsonSuccess($token);
+    } else {
+        jsonError("Failed to save record");
+    }
+} catch (PDOException $e) {
+    jsonError("Database error: " . $e->getMessage());
+}
+
+function generateSecureToken($driverID, $amount) {
+    global $secretKey;
+    // Concatenate the parameters
+    $data = $driverID . $amount . time();
+
+    // Add the secret key from the environment variable
+    $data .= $secretKey;
+
+    // Generate a hash
+    $hash = hash('sha256', $data);
+
+    // Add some randomness
+    $randomBytes = bin2hex(random_bytes(16));
+
+    // Combine hash and random bytes
+    $token = $hash . $randomBytes;
+
+    // Truncate to a reasonable length (e.g., 64 characters)
+    return substr($token, 0, 64);
+}

ride/driverWallet/driverStatistic.php

@@ -0,0 +1,46 @@
+<?php
+require_once __DIR__ . '/../../connect.php';
+$driverID = filterRequest("driverID");
+
+$sql = "SELECT
+    YEAR(`driver_orders`.`created_at`) AS `year`,
+    MONTH(`driver_orders`.`created_at`) AS `month`,
+    COUNT(*) AS `total_orders`,
+    SUM(CASE WHEN `ride`.`status` = 'Finished' THEN 1 ELSE 0 END) AS `completed_orders`,
+    SUM(CASE WHEN `ride`.`status` = 'Apply' THEN 1 ELSE 0 END) AS `pending_orders`,
+    SUM(CASE WHEN `ride`.`status` = 'Cancel' THEN 1 ELSE 0 END) AS `canceled_orders`,
+    ROUND(SUM(CASE WHEN `ride`.`status` = 'Finished' THEN 1 ELSE 0 END) / COUNT(*) * 100, 2) AS `percent_completed`,
+    ROUND(SUM(CASE WHEN `ride`.`status` = 'Apply' THEN 1 ELSE 0 END) / COUNT(*) * 100, 2) AS `percent_pending`,
+    ROUND(SUM(CASE WHEN `ride`.`status` = 'Cancel' THEN 1 ELSE 0 END) / COUNT(*) * 100, 2) AS `percent_canceled`,
+    SUM(CASE WHEN `ride`.`status` = 'Refused' THEN 1 ELSE 0 END) AS `rejected_orders`,
+    ROUND(SUM(CASE WHEN `ride`.`status` = 'Refused' THEN 1 ELSE 0 END) / COUNT(*) * 100, 2) AS `percent_rejected`
+FROM
+    `driver_orders`
+LEFT JOIN `ride` ON `ride`.`id` = `driver_orders`.`order_id`
+WHERE
+    `driver_orders`.`driver_id` = '$driverID'
+    AND YEAR(`driver_orders`.`created_at`) = YEAR(CURDATE())
+    AND MONTH(`driver_orders`.`created_at`) = MONTH(CURDATE())
+GROUP BY
+    YEAR(`driver_orders`.`created_at`),
+    MONTH(`driver_orders`.`created_at`)
+ORDER BY
+    `year`,
+    `month`;
+
+";
+$stmt = $con->prepare($sql);
+$stmt->execute();
+
+if ($stmt->rowCount() > 0) {
+    // Fetch the record
+    $row = $stmt->fetchAll(PDO::FETCH_ASSOC);
+
+    jsonSuccess($row);
+    
+}
+    else{
+    // Print a failure message
+    jsonError($message = "No wallet record found");
+}
+?>

ride/driverWallet/get.php

@@ -0,0 +1,42 @@
+<?php
+require_once __DIR__ . '/../../connect.php';
+$driverID = filterRequest("driverID");
+
+$sql = "SELECT
+    COALESCE(dw.id, 0) AS id,
+    COALESCE(dw.driverID, '0') AS driverID,
+    COALESCE(dw.paymentID, '0') AS paymentID,
+    COALESCE(dw.dateCreated, '1970-01-01 00:00:00') AS dateCreated,
+    COALESCE(dw.amount, 0) AS amount,
+    COALESCE(dw.paymentMethod, '0') AS paymentMethod,
+    COALESCE(dw.dateUpdated, '1970-01-01 00:00:00') AS dateUpdated,
+    COALESCE((SELECT SUM(amount) FROM driverWallet WHERE driverID = '$driverID'), 0) AS total_amount
+FROM
+    driverWallet dw
+WHERE
+    dw.driverID = '$driverID'
+GROUP BY
+    dw.id,
+    dw.driverID,
+    dw.paymentID,
+    dw.dateCreated,
+    dw.amount,
+    dw.paymentMethod,
+    dw.dateUpdated
+
+     ";
+$stmt = $con->prepare($sql);
+$stmt->execute();
+
+if ($stmt->rowCount() > 0) {
+    // Fetch the record
+    $row = $stmt->fetchAll(PDO::FETCH_ASSOC);
+
+    jsonSuccess($row);
+    
+}
+    else{
+    // Print a failure message
+    jsonError($message = "No wallet record found");
+}
+?>

ride/driverWallet/getDriverDetails.php

@@ -0,0 +1,34 @@
+<?php
+require_once __DIR__ . '/../../connect.php';
+
+$driver_phone = filterRequest("driver_phone");
+
+$sql = "SELECT
+    `driverToken`.`token`,
+    `driver`.`id`,
+    `driver`.`phone`,
+    `driver`.`name_arabic`as name,
+    driver.national_number
+FROM
+    `driverToken`
+LEFT JOIN `driver` ON `driver`.`id` = `driverToken`.`captain_id`
+WHERE
+    `driver`.`phone` = '$driver_phone'";
+
+$stmt = $con->prepare($sql);
+$stmt->execute();
+$data = $stmt->fetchAll(PDO::FETCH_ASSOC);
+
+if ($data) {
+    // Print the car location data as JSON
+    echo json_encode([
+            'status' => 'success',
+            
+            'data' => $data
+        ]);
+} else {
+    // Print a failure message
+    jsonError($message = "No car locations found");
+}
+
+?>

ride/driverWallet/getDriverWeekPaymentMove.php

@@ -0,0 +1,37 @@
+<?php
+require_once __DIR__ . '/../../connect.php';
+$driverID = filterRequest("driverID");
+
+$sql = "SELECT 
+    `id`, 
+    `driverID`, 
+    `paymentID`, 
+    `dateCreated`, 
+    `amount`, 
+    `paymentMethod`, 
+    `dateUpdated`, 
+    (SELECT SUM(`amount`) 
+     FROM `driverWallet` 
+     WHERE `driverID` = '$driverID' 
+     AND `dateCreated` >= DATE_SUB(NOW(), INTERVAL 1 WEEK)
+    ) AS totalAmount
+FROM `driverWallet`
+WHERE `driverID` = '$driverID'
+AND `dateCreated` >= DATE_SUB(NOW(), INTERVAL 1 WEEK)
+ORDER BY `dateCreated` DESC;
+";
+$stmt = $con->prepare($sql);
+$stmt->execute();
+
+if ($stmt->rowCount() > 0) {
+    // Fetch the record
+    $row = $stmt->fetchAll(PDO::FETCH_ASSOC);
+
+    jsonSuccess($row);
+    
+}
+    else{
+    // Print a failure message
+    jsonError($message = "No wallet record found");
+}
+?>

ride/driverWallet/getWalletByDriver.php

@@ -0,0 +1,30 @@
+<?php
+require_once __DIR__ . '/../../connect.php';
+$driverID = filterRequest("driverID");
+
+$sql = "SELECT
+    paymentsDriverPoints.`id`,
+    paymentsDriverPoints.amount,
+    paymentsDriverPoints.created_at
+FROM
+    `paymentsDriverPoints`
+WHERE
+    paymentsDriverPoints.driverID = '$driverID' AND paymentsDriverPoints.created_at >= DATE_SUB(NOW(), INTERVAL 1 MONTH)
+ORDER BY
+    `paymentsDriverPoints`.`id`
+DESC";
+$stmt = $con->prepare($sql);
+$stmt->execute();
+
+if ($stmt->rowCount() > 0) {
+    // Fetch the record
+    $row = $stmt->fetchAll(PDO::FETCH_ASSOC);
+
+    jsonSuccess($row);
+    
+}
+    else{
+    // Print a failure message
+    jsonError($message = "No wallet record found");
+}
+?>

ride/driverWallet/sendEmailTransfer.php

@@ -0,0 +1,122 @@
+<?php
+
+// Connect to database
+require_once __DIR__ . '/../../connect.php';
+
+// Get trip details
+$driverName = filterRequest('name');
+$driverEmail = filterRequest('email');
+$driverPhone = filterRequest('phone');
+$amount = filterRequest('amount');
+$newDriverName = filterRequest('newDriver');
+$newEmail=filterRequest('newEmail');
+
+// Get language preference from database or user input
+$language = 'en'; // Default to English
+// Email content
+if ($language === 'ar') {
+  $bodyEmail = "<html>
+    <head>
+      <style>
+        body {
+          font-family: Arial, sans-serif;
+          background-color: #f5f8fa;
+          color: #14171a;
+        }
+        .container {
+          max-width: 600px;
+          margin: 0 auto;
+          padding: 20px;
+          background-color: white;
+          border-radius: 5px;
+          box-shadow: 0 0 10px rgba(0, 0, 0, 0.1);
+        }
+        h1 {
+          color: #1da1f2;
+          margin-top: 0;
+        }
+        p {
+          line-height: 1.5;
+        }
+        a {
+          color: #1da1f2;
+          text-decoration: none;
+        }
+        a:hover {
+          text-decoration: underline;
+        }
+      </style>
+    </head>
+    <body>
+      <div class='container'>
+        <h1>تفاصيل نقلك على سفر</h1>
+        <p>شكراً لاستخدام خدمتنا. نتمنى لك يوماً رائعاً!</p>
+        <p>نريد إعلامك أن مبلغ $amount تم نقله من حسابك إلى السائق الجديد، $newDriverName (هاتف: $driverPhone).</p>
+        <p>مع خالص التحية،<br> فريق سفر</p>
+      </div>
+    </body>
+  </html>";
+} else {
+  $bodyEmail = "<html>
+    <head>
+      <style>
+        body {
+          font-family: Arial, sans-serif;
+          background-color: #f5f8fa;
+          color: #14171a;
+        }
+        .container {
+          max-width: 600px;
+          margin: 0 auto;
+          padding: 20px;
+          background-color: white;
+          border-radius: 5px;
+          box-shadow: 0 0 10px rgba(0, 0, 0, 0.1);
+        }
+        h1 {
+          color: #1da1f2;
+          margin-top: 0;
+        }
+        p {
+          line-height: 1.5;
+        }
+        a {
+          color: #1da1f2;
+          text-decoration: none;
+        }
+        a:hover {
+          text-decoration: underline;
+        }
+      </style>
+    </head>
+    <body>
+      <div class='container'>
+      <img src='https://lh3.googleusercontent.com/a/ACg8ocLe5TgvmTjoFx7KjIoWGxX0G2ryKBTzUZi2-mBYb9DI1dsKQ0WEYh5ZPdnA3WeFbp9VnaTNzJuA0w8S4RiQ7042AKrOwXo3=s576-c-no' alt='SEFER App Logo' style='width: 150px; margin: 20px auto; display: block;'>
+
+        <h1>Your SEFER Transfer Details</h1>
+        <p>Thank you for using our service. We hope you have a great day!</p>
+        <p>We want to inform you that an amount of $amount has been transferred from your account to the new driver: $newDriverName (Phone: $driverPhone).</p>
+        <p>Regards,<br> SEFER Team</p>
+      </div>
+    </body>
+  </html>";
+}
+
+// Email headers
+$supportEmail = 'seferteam@sefer.live';
+$headers = "MIME-Version: 1.0\r\n";
+$headers .= "Content-Type: text/html; charset=UTF-8\r\n";
+$headers .= "From: $supportEmail\r\n";
+
+// Send email
+if (!empty($driverEmail)) {
+  if (mail($driverEmail, "Your SEFER Transfer Details", $bodyEmail, $headers)) {
+   
+    mail($newEmail, "Your SEFER Transfer Details", $bodyEmail, $headers);
+     echo "Email sent successfully.";
+  } else {
+    echo "Email sending failed.";
+  }
+} else {
+  echo "Invalid email address: $driverEmail";
+}