add new features like realtime 2026-05-29-22
This commit is contained in:
Hamza-Ayed
@@ -6,6 +6,7 @@ require_once __DIR__ . '/../../connect.php';
|
||||
error_log("[Auth_Debug] Start processing phone verification request.");
|
||||
|
||||
$phoneNumber = filterRequest("phone_number");
|
||||
$otp = filterRequest("otp");
|
||||
|
||||
if (!$phoneNumber) {
|
||||
error_log("[Auth_Error] Phone number is missing in the request.");
|
||||
@@ -13,35 +14,60 @@ if (!$phoneNumber) {
|
||||
exit();
|
||||
}
|
||||
|
||||
// تسجيل الرقم (مشفر أو عادي حسب الحاجة، يفضل عدم تسجيله عادي لأسباب الخصوصية لكن هنا للتوضيح)
|
||||
error_log("[Auth_Debug] Received phone number (Masked): " . substr($phoneNumber, 0, 7) . "*****");
|
||||
if (!$otp) {
|
||||
error_log("[Auth_Error] OTP is missing in the request.");
|
||||
jsonError("OTP is required");
|
||||
exit();
|
||||
}
|
||||
|
||||
// تسجيل الرقم
|
||||
error_log("[Auth_Debug] Received phone number (Masked): " . substr($phoneNumber, 0, 7) . "***** | OTP: " . $otp);
|
||||
|
||||
// تشفير رقم الهاتف
|
||||
$phoneNumber_encrypted = $encryptionHelper->encryptData($phoneNumber);
|
||||
error_log("[Auth_Debug] Phone number encrypted successfully.");
|
||||
|
||||
try {
|
||||
// ✅ 1. حذف أي رموز قديمة لنفس الرقم
|
||||
// ✅ 1. التحقق من السجل المخزن في قاعدة البيانات
|
||||
$stmtSelect = $con->prepare("SELECT * FROM phone_verification_passenger WHERE phone_number = ? ORDER BY created_at DESC LIMIT 1");
|
||||
$stmtSelect->execute([$phoneNumber_encrypted]);
|
||||
$record = $stmtSelect->fetch(PDO::FETCH_ASSOC);
|
||||
|
||||
if (!$record) {
|
||||
error_log("[Auth_Error] No verification record found for this number.");
|
||||
jsonError("Verification session not found. Please request a new code.");
|
||||
exit();
|
||||
}
|
||||
|
||||
// ✅ 2. فك تشفير ومقارنة الرمز
|
||||
$decryptedOtp = $encryptionHelper->decryptData($record['token']);
|
||||
if ($decryptedOtp !== $otp) {
|
||||
error_log("[Auth_Error] OTP mismatch. Expected: $decryptedOtp, Got: $otp");
|
||||
jsonError("Invalid verification code.");
|
||||
exit();
|
||||
}
|
||||
|
||||
// ✅ 3. التحقق من الصلاحية (خلال 5 دقائق)
|
||||
$now = date('Y-m-d H:i:s');
|
||||
if ($record['expiration_time'] && $record['expiration_time'] < $now) {
|
||||
error_log("[Auth_Error] OTP expired.");
|
||||
jsonError("Verification code has expired. Please request a new one.");
|
||||
exit();
|
||||
}
|
||||
|
||||
// ✅ 4. حذف السجلات القديمة وإدخال سجل مؤكد (verified = 1)
|
||||
error_log("[Auth_Step_1] Deleting old verification records for this phone...");
|
||||
|
||||
$stmtDelete = $con->prepare("DELETE FROM phone_verification_passenger WHERE phone_number = ?");
|
||||
$stmtDelete->execute([$phoneNumber_encrypted]);
|
||||
|
||||
error_log("[Auth_Step_1] Old records deleted (if any).");
|
||||
|
||||
// ✅ 2. إدخال سجل جديد مع تحقق مباشر (بدون OTP)
|
||||
$now = date('Y-m-d H:i:s');
|
||||
error_log("[Auth_Step_2] Inserting new verified record at: " . $now);
|
||||
|
||||
$stmt = $con->prepare("
|
||||
$stmtInsert = $con->prepare("
|
||||
INSERT INTO phone_verification_passenger (phone_number, token, expiration_time, verified, created_at)
|
||||
VALUES (?, NULL, NULL, 1, ?)
|
||||
");
|
||||
$stmt->execute([$phoneNumber_encrypted, $now]);
|
||||
|
||||
error_log("[Auth_Step_2] New record inserted successfully.");
|
||||
$stmtInsert->execute([$phoneNumber_encrypted, $now]);
|
||||
error_log("[Auth_Step_1] Inserted verified record.");
|
||||
|
||||
// ✅ 3. فحص هل الراكب موجود مسبقاً
|
||||
// ✅ 5. فحص هل الراكب موجود مسبقاً
|
||||
error_log("[Auth_Step_3] Checking if passenger exists in passengers table...");
|
||||
|
||||
$checkPassengerStmt = $con->prepare("
|
||||
@@ -70,24 +96,19 @@ try {
|
||||
error_log("[Auth_Result] Passenger Not Found. Treating as new user.");
|
||||
|
||||
printSuccess([
|
||||
"message" => "Phone number verified automatically (no OTP required).",
|
||||
"message" => "Phone number verified successfully.",
|
||||
"isRegistered" => false
|
||||
]);
|
||||
}
|
||||
|
||||
} catch (PDOException $e) {
|
||||
// تسجيل الخطأ بالتفصيل في ملف اللوج
|
||||
error_log("[Auth_DB_Exception] Error: " . $e->getMessage() . " | File: " . $e->getFile() . " | Line: " . $e->getLine());
|
||||
|
||||
// طباعة رسالة الخطأ للمستخدم (يفضل عدم إظهار تفاصيل الـ SQL للمستخدم النهائي لأسباب أمنية)
|
||||
jsonError("Database error occurred. Please contact support.");
|
||||
} catch (Exception $e) {
|
||||
// التقاط أي أخطاء عامة أخرى
|
||||
error_log("[Auth_General_Exception] Error: " . $e->getMessage());
|
||||
jsonError("An unexpected error occurred.");
|
||||
}
|
||||
|
||||
// تسجيل نهاية الطلب
|
||||
error_log("[Auth_Debug] Request processing finished.");
|
||||
|
||||
?>
|
||||
Reference in New Issue
Block a user