Initial commit with updated Auth and media ignored

2026-04-28 13:04:27 +03:00
commit 67af97474c
477 changed files with 66444 additions and 0 deletions
--- a/ride/passengerWallet/add.php
+++ b/ride/passengerWallet/add.php
@@ -0,0 +1,32 @@
+<?php
+require_once __DIR__ . '/../../connect.php';
+$passenger_id = filterRequest("passenger_id");
+$balance = filterRequest("balance");
+$token = filterRequest("token");
+
+
+// Retrieve token details from the database
+$stmt = $con->prepare("SELECT * FROM payment_tokens_passenger WHERE token = :token AND isUsed = FALSE");
+$stmt->execute([':token' => $token]);
+
+$tokenData = $stmt->fetch();
+
+if ($tokenData) {
+    // Insert into passengerWallet securely using prepared statements
+    $sql = "INSERT INTO `passengerWallet` (`passenger_id`, `balance`) VALUES (:passenger_id, :balance)";
+    $stmt = $con->prepare($sql);
+    $stmt->execute([':passenger_id' => $passenger_id, ':balance' => $balance]);
+
+    if ($stmt->rowCount() > 0) {
+        // Mark the token as used
+        $updateTokenStmt = $con->prepare("UPDATE payment_tokens_passenger SET isUsed = TRUE WHERE token = :token");
+        $updateTokenStmt->execute([':token' => $token]);
+        
+        jsonSuccess(null, "Wallet record created successfully");
+    } else {
+        jsonError("Failed to create wallet record");
+    }
+} else {
+    jsonError("Invalid or already used token");
+}
+?>
--- a/ride/passengerWallet/addPaymentTokenPassenger.php
+++ b/ride/passengerWallet/addPaymentTokenPassenger.php
@@ -0,0 +1,53 @@
+<?php
+require_once __DIR__ . '/../../connect.php';
+
+$passengerId = filterRequest("passengerId");
+$amount = filterRequest("amount");
+
+// Check if required fields are present
+if ($passengerId === null || $amount === null) {
+    jsonError("Missing required fields: passengerId and amount must be provided");
+    exit;
+}
+
+// Generate the token using current time
+$token = generateSecureToken($passengerId, $amount, date('Y-m-d H:i:s', time()));
+
+// Store the token in the database, using NOW() for dateCreated
+$stmt = $con->prepare("INSERT INTO payment_tokens_passenger (token, passengerId, dateCreated, amount) VALUES (?, ?, NOW(), ?)");
+
+try {
+    $stmt->execute([$token, $passengerId, $amount]);
+    if ($stmt->rowCount() > 0) {
+        jsonSuccess($token);
+    } else {
+        jsonError("Failed to save record");
+    }
+} catch (PDOException $e) {
+    jsonError("Database error: " . $e->getMessage());
+}
+
+// Rest of your code including the generateSecureToken function...
+
+// Rest of your code including the generateSecureToken function...
+
+function generateSecureToken($passengerId, $amount, $dateCreated) {
+    global $secretKey;
+    // Concatenate the parameters
+    $data = $passengerId . $amount . $dateCreated;
+
+    // Add the secret key from the environment variable
+    $data .= $secretKey;
+
+    // Generate a hash
+    $hash = hash('sha256', $data);
+
+    // Add some randomness
+    $randomBytes = bin2hex(random_bytes(16));
+
+    // Combine hash and random bytes
+    $token = $hash . $randomBytes;
+
+    // Truncate to a reasonable length (e.g., 64 characters)
+    return substr($token, 0, 64);
+}
--- a/ride/passengerWallet/delete.php
+++ b/ride/passengerWallet/delete.php
@@ -0,0 +1,17 @@
+<?php
+require_once __DIR__ . '/../../connect.php';
+
+$id = filterRequest("id");
+
+$sql = "DELETE FROM `passengerWallet` WHERE `id` = '$id'";
+$stmt = $con->prepare($sql);
+$stmt->execute();
+
+if ($stmt->rowCount() > 0) {
+    // Print a success message
+    jsonSuccess($message = "Wallet record deleted successfully");
+} else {
+    // Print a failure message
+    jsonError($message = "Failed to delete wallet record");
+}
+?>
--- a/ride/passengerWallet/error_log
+++ b/ride/passengerWallet/error_log
--- a/ride/passengerWallet/get.php
+++ b/ride/passengerWallet/get.php
@@ -0,0 +1,32 @@
+<?php
+require_once __DIR__ . '/../../connect.php';
+$passenger_id = filterRequest("passenger_id");
+
+$sql = "SELECT
+    passengerWallet.`id`,
+    passengerWallet.`passenger_id`,
+    SUM(passengerWallet.balance) AS total,
+    passengers.first_name,
+    passengers.last_name,
+    passengers.phone,
+    passengers.email
+FROM
+    `passengerWallet`
+LEFT JOIN passengers ON passengers.id = passengerWallet.passenger_id
+GROUP BY
+    passenger_id";
+$stmt = $con->prepare($sql);
+$stmt->execute();
+
+if ($stmt->rowCount() > 0) {
+    // Fetch the record
+    $row = $stmt->fetchAll(PDO::FETCH_ASSOC);
+
+    jsonSuccess($row);
+    
+}
+    else{
+    // Print a failure message
+    jsonError($message = "No wallet record found");
+}
+?>
--- a/ride/passengerWallet/getAllPassengerTransaction.php
+++ b/ride/passengerWallet/getAllPassengerTransaction.php
@@ -0,0 +1,40 @@
+<?php
+require_once __DIR__ . '/../../connect.php';
+$passenger_id = filterRequest("passenger_id");
+
+$sql = "SELECT
+    `id`,
+    `passenger_id`,
+    `balance`,
+    `created_at`,
+    `updated_at`,
+    (
+    SELECT
+        SUM(balance)
+    FROM
+        passengerWallet
+    WHERE
+        passenger_id = '$passenger_id'
+) AS total
+FROM
+    `passengerWallet`
+WHERE
+    passenger_id = '$passenger_id'
+GROUP BY
+    `passenger_id`,
+    `id`;";
+$stmt = $con->prepare($sql);
+$stmt->execute();
+
+if ($stmt->rowCount() > 0) {
+    // Fetch the record
+    $row = $stmt->fetchAll(PDO::FETCH_ASSOC);
+
+    jsonSuccess($row);
+    
+}
+    else{
+    // Print a failure message
+    jsonError($message = "No wallet record found");
+}
+?>
--- a/ride/passengerWallet/getPassengerWalletArchive.php
+++ b/ride/passengerWallet/getPassengerWalletArchive.php
@@ -0,0 +1,30 @@
+<?php
+require_once __DIR__ . '/../../connect.php';
+$passenger_id = filterRequest("passenger_id");
+
+$sql = "SELECT
+    passengerWallet.`id`,
+    passengerWallet.balance,
+    passengerWallet.`created_at`
+FROM
+    `passengerWallet`
+WHERE
+    passenger_id = '$passenger_id'AND created_at >= DATE_SUB(NOW(), INTERVAL 1 MONTH)
+ORDER BY
+    `passengerWallet`.`id`
+DESC";
+$stmt = $con->prepare($sql);
+$stmt->execute();
+
+if ($stmt->rowCount() > 0) {
+    // Fetch the record
+    $row = $stmt->fetchAll(PDO::FETCH_ASSOC);
+
+    jsonSuccess($row);
+    
+}
+    else{
+    // Print a failure message
+    jsonError($message = "No wallet record found");
+}
+?>
--- a/ride/passengerWallet/getWalletByPassenger.php
+++ b/ride/passengerWallet/getWalletByPassenger.php
@@ -0,0 +1,34 @@
+<?php
+require_once __DIR__ . '/../../connect.php';
+$passenger_id = filterRequest("passenger_id");
+
+$sql = "SELECT 
+    COALESCE(pw.`id`, 0) AS id,
+    COALESCE(pw.`passenger_id`, '$passenger_id') AS passenger_id,
+    COALESCE(SUM(pw.balance), 0) AS total,
+    COALESCE(p.first_name, '') AS first_name,
+    COALESCE(p.last_name, '') AS last_name,
+    COALESCE(p.phone, '') AS phone
+FROM 
+    (SELECT '$passenger_id' AS passenger_id) AS dummy
+LEFT JOIN `passengerWallet` pw ON pw.passenger_id = dummy.passenger_id
+LEFT JOIN passengers p ON p.id = pw.passenger_id
+GROUP BY 
+    dummy.passenger_id, pw.id, p.first_name, p.last_name, p.phone
+LIMIT 0, 25;
+";
+$stmt = $con->prepare($sql);
+$stmt->execute();
+
+if ($stmt->rowCount() > 0) {
+    // Fetch the record
+    $row = $stmt->fetchAll(PDO::FETCH_ASSOC);
+
+    jsonSuccess($row);
+    
+}
+    else{
+    // Print a failure message
+    jsonError($message = "No wallet record found");
+}
+?>
--- a/ride/passengerWallet/update.php
+++ b/ride/passengerWallet/update.php
@@ -0,0 +1,18 @@
+
+<?php
+require_once __DIR__ . '/../../connect.php';
+$id = filterRequest("id");
+$balance = filterRequest("balance");
+
+$sql = "UPDATE `passengerWallet` SET `balance` = '$balance' WHERE `id` = '$id'";
+$stmt = $con->prepare($sql);
+$stmt->execute();
+
+if ($stmt->rowCount() > 0) {
+    // Print a success message
+    jsonSuccess($message = "Wallet record updated successfully");
+} else {
+    // Print a failure message
+    jsonError($message = "Failed to update wallet record");
+}
+?>