admin 8

2026-04-30 17:29:33 +03:00
parent 2ca910ec32
commit b602106b79
2 changed files with 26 additions and 11 deletions
--- a/Admin/Staff/add.php
+++ b/Admin/Staff/add.php
@@ -22,26 +22,27 @@ $phone       = filterRequest("phone");
 $email       = filterRequest("email");
 $password    = filterRequest("password");
 $role        = filterRequest("role"); // 'admin' or 'service'
-$fingerprint = filterRequest("fingerprint");
+$fingerprint = filterRequest("fingerprint") ?: '';
 $gender      = filterRequest("gender") ?? 'Male';
-$birthdate   = filterRequest("birthdate");
+$birthdate   = filterRequest("birthdate") ?? date('Y-m-d');
+$site        = filterRequest("site") ?? 'main';

-if (empty($name) || empty($password) || empty($role) || empty($fingerprint)) {
-    jsonError("Missing required fields (name, password, role, fingerprint).");
+if (empty($name) || empty($password) || empty($role)) {
+    jsonError("Missing required fields (name, password, role).");
    exit;
 }

 try {
    $hashedPassword = password_hash($password, PASSWORD_DEFAULT);

-    // تشفير البيانات الحساسة باستخدام الهيلبر العام من bootstrap
+    // تشفير البيانات الحساسة
    $encName  = $encryptionHelper->encryptData($name);
    $encPhone = $encryptionHelper->encryptData($phone);
    $encEmail = $encryptionHelper->encryptData($email);

-    // تشفير البصمة وهش البصمة
-    $encFp    = $encryptionHelper->encryptData($fingerprint);
-    $fpHash   = hash('sha256', $fingerprint);
+    // تشفير البصمة وهش البصمة (إذا تم إرسالها)
+    $encFp    = $fingerprint ? $encryptionHelper->encryptData($fingerprint) : '';
+    $fpHash   = $fingerprint ? hash('sha256', $fingerprint) : '';
    $uniqueId = bin2hex(random_bytes(16));

    if ($role === 'admin') {
@@ -59,8 +60,9 @@ try {
        ]);
    } else {
        // الإضافة لجدول المستخدمين (خدمة العملاء)
-        $sql = "INSERT INTO users (id, fingerprint, fingerprint_hash, phone, email, gender, password, birthdate, user_type, first_name, created_at) 
-                VALUES (:id, :fp, :fp_hash, :phone, :email, :gender, :pass, :bdate, 'service', :fname, NOW())";
+        // أضفنا site و last_name (كقيمة افتراضية فارغة إذا لم تتوفر)
+        $sql = "INSERT INTO users (id, fingerprint, fingerprint_hash, phone, email, gender, password, birthdate, user_type, first_name, last_name, site, created_at) 
+                VALUES (:id, :fp, :fp_hash, :phone, :email, :gender, :pass, :bdate, 'service', :fname, :lname, :site, NOW())";
        $stmt = $con->prepare($sql);
        $stmt->execute([
            ':id'      => $uniqueId,
@@ -71,7 +73,9 @@ try {
            ':gender'  => $gender,
            ':pass'    => $hashedPassword,
            ':bdate'   => $birthdate,
-            ':fname'   => $encName
+            ':fname'   => $encName,
+            ':lname'   => '', // last_name is empty for now
+            ':site'    => $site
        ]);
    }