admin 8

Admin/Staff/add.php

@@ -22,26 +22,27 @@ $phone       = filterRequest("phone");
 $email       = filterRequest("email");
 $password    = filterRequest("password");
 $role        = filterRequest("role"); // 'admin' or 'service'
-$fingerprint = filterRequest("fingerprint");
+$fingerprint = filterRequest("fingerprint") ?: '';
 $gender      = filterRequest("gender") ?? 'Male';
-$birthdate   = filterRequest("birthdate");
+$birthdate   = filterRequest("birthdate") ?? date('Y-m-d');
+$site        = filterRequest("site") ?? 'main';
 
-if (empty($name) || empty($password) || empty($role) || empty($fingerprint)) {
-    jsonError("Missing required fields (name, password, role, fingerprint).");
+if (empty($name) || empty($password) || empty($role)) {
+    jsonError("Missing required fields (name, password, role).");
     exit;
 }
 
 try {
     $hashedPassword = password_hash($password, PASSWORD_DEFAULT);
 
-    // تشفير البيانات الحساسة باستخدام الهيلبر العام من bootstrap
+    // تشفير البيانات الحساسة
     $encName  = $encryptionHelper->encryptData($name);
     $encPhone = $encryptionHelper->encryptData($phone);
     $encEmail = $encryptionHelper->encryptData($email);
 
-    // تشفير البصمة وهش البصمة
-    $encFp    = $encryptionHelper->encryptData($fingerprint);
-    $fpHash   = hash('sha256', $fingerprint);
+    // تشفير البصمة وهش البصمة (إذا تم إرسالها)
+    $encFp    = $fingerprint ? $encryptionHelper->encryptData($fingerprint) : '';
+    $fpHash   = $fingerprint ? hash('sha256', $fingerprint) : '';
     $uniqueId = bin2hex(random_bytes(16));
 
     if ($role === 'admin') {
@@ -59,8 +60,9 @@ try {
         ]);
     } else {
         // الإضافة لجدول المستخدمين (خدمة العملاء)
-        $sql = "INSERT INTO users (id, fingerprint, fingerprint_hash, phone, email, gender, password, birthdate, user_type, first_name, created_at) 
-                VALUES (:id, :fp, :fp_hash, :phone, :email, :gender, :pass, :bdate, 'service', :fname, NOW())";
+        // أضفنا site و last_name (كقيمة افتراضية فارغة إذا لم تتوفر)
+        $sql = "INSERT INTO users (id, fingerprint, fingerprint_hash, phone, email, gender, password, birthdate, user_type, first_name, last_name, site, created_at) 
+                VALUES (:id, :fp, :fp_hash, :phone, :email, :gender, :pass, :bdate, 'service', :fname, :lname, :site, NOW())";
         $stmt = $con->prepare($sql);
         $stmt->execute([
             ':id'      => $uniqueId,
@@ -71,7 +73,9 @@ try {
             ':gender'  => $gender,
             ':pass'    => $hashedPassword,
             ':bdate'   => $birthdate,
-            ':fname'   => $encName
+            ':fname'   => $encName,
+            ':lname'   => '', // last_name is empty for now
+            ':site'    => $site
         ]);
     }
 

check_users_cols.php

@@ -0,0 +1,11 @@
+<?php
+require_once 'connect.php';
+
+try {
+    $stmt = $con->query("DESCRIBE users");
+    $cols = $stmt->fetchAll(PDO::FETCH_ASSOC);
+    echo json_encode($cols, JSON_PRETTY_PRINT);
+} catch (Exception $e) {
+    echo $e->getMessage();
+}
+?>