admin 3

Admin/Staff/setup.php

@@ -31,23 +31,26 @@ $admins = [
 ];
 
 try {
+    $con->exec("DELETE FROM adminUser");
     foreach ($admins as $admin) {
-        $encName = $encryptionHelper->encryptData($admin['name']);
-        $sql = "INSERT INTO adminUser (id, fingerprint, name, password, role, created_at) 
-                VALUES (UUID(), :fp, :name, :pass, :role, NOW())";
+        $encName  = $encryptionHelper->encryptData($admin['name']);
+        $encFp    = $encryptionHelper->encryptData($admin['fp']);
+        $fpHash   = hash('sha256', $admin['fp']);
+        $uniqueId = bin2hex(random_bytes(16));
+
+        $sql = "INSERT INTO adminUser (id, fingerprint, fingerprint_hash, name, password, role, created_at) 
+                VALUES (:id, :fp, :fp_hash, :name, :pass, :role, NOW())";
         $stmt = $con->prepare($sql);
         $stmt->execute([
-            ':fp'   => $admin['fp'],
-            ':name' => $encName,
-            ':pass' => $hashedPass,
-            ':role' => $admin['role']
+            ':id'      => $uniqueId,
+            ':fp'      => $encFp,
+            ':fp_hash' => $fpHash,
+            ':name'    => $encName,
+            ':pass'    => $hashedPass,
+            ':role'    => $admin['role']
         ]);
     }
-
     echo "<h1>Initialization Successful</h1>";
-    echo "<p>Admins created successfully with password: <b>$password</b></p>";
-    echo "<p>Please delete this file (setup.php) immediately for security.</p>";
-
 } catch (Exception $e) {
     echo "Error: " . $e->getMessage();
 }