Initial commit with updated Auth and media ignored

ride/driverWallet/addPaymentToken.php

@@ -0,0 +1,49 @@
+<?php
+require_once __DIR__ . '/../../connect.php';
+
+$driverID = filterRequest("driverID");
+$amount = filterRequest("amount");
+
+// Check if required fields are present
+if ($driverID === null || $amount === null) {
+    jsonError("Missing required fields: driverID and amount must be provided");
+    exit;
+}
+
+// Generate a more secure token
+$token = generateSecureToken($driverID, $amount);
+
+// Store the token in the database
+$stmt = $con->prepare("INSERT INTO payment_tokens (token, driverID, dateCreated, amount) VALUES (?, ?, NOW(), ?)");
+
+try {
+    $stmt->execute([$token, $driverID, $amount]);
+    if ($stmt->rowCount() > 0) {
+        jsonSuccess($token);
+    } else {
+        jsonError("Failed to save record");
+    }
+} catch (PDOException $e) {
+    jsonError("Database error: " . $e->getMessage());
+}
+
+function generateSecureToken($driverID, $amount) {
+    global $secretKey;
+    // Concatenate the parameters
+    $data = $driverID . $amount . time();
+
+    // Add the secret key from the environment variable
+    $data .= $secretKey;
+
+    // Generate a hash
+    $hash = hash('sha256', $data);
+
+    // Add some randomness
+    $randomBytes = bin2hex(random_bytes(16));
+
+    // Combine hash and random bytes
+    $token = $hash . $randomBytes;
+
+    // Truncate to a reasonable length (e.g., 64 characters)
+    return substr($token, 0, 64);
+}