88 lines
3.5 KiB
PHP
88 lines
3.5 KiB
PHP
<?php
|
|
/**
|
|
* Admin/Staff/add.php
|
|
* إضافة موظف جديد (أدمن أو خدمة عملاء) مع تشفير البيانات وحفظ بصمة الجهاز
|
|
*/
|
|
require_once __DIR__ . '/../../core/bootstrap.php';
|
|
|
|
$con = Database::get('main');
|
|
|
|
// التحقق من الصلاحيات: فقط المشرفين يمكنهم الإضافة
|
|
// إذا لم يكن هناك أي مدير في النظام، نسمح// تم تعطيل التحقق للسماح بإعادة التهيئة في مرحلة التطوير
|
|
// $count = $con->query("SELECT COUNT(*) FROM adminUser")->fetchColumn();
|
|
// if ($count > 0) die("Access Denied: Admin already initialized.");
|
|
// $auth = JwtService::authenticate($redis);
|
|
// if ($auth['role'] !== 'super_admin' && $auth['role'] !== 'admin') {
|
|
// jsonError("Unauthorized. Only Admins can add staff.");
|
|
// exit;
|
|
// }
|
|
|
|
$name = filterRequest("name");
|
|
$phone = filterRequest("phone");
|
|
$email = filterRequest("email");
|
|
$password = filterRequest("password");
|
|
$role = filterRequest("role"); // 'admin' or 'service'
|
|
$fingerprint = filterRequest("fingerprint");
|
|
$gender = filterRequest("gender") ?? 'Male';
|
|
$birthdate = filterRequest("birthdate");
|
|
|
|
if (empty($name) || empty($password) || empty($role) || empty($fingerprint)) {
|
|
jsonError("Missing required fields (name, password, role, fingerprint).");
|
|
exit;
|
|
}
|
|
|
|
try {
|
|
$hashedPassword = password_hash($password, PASSWORD_DEFAULT);
|
|
|
|
// تشفير البيانات الحساسة باستخدام الهيلبر العام من bootstrap
|
|
$encName = $encryptionHelper->encryptData($name);
|
|
$encPhone = $encryptionHelper->encryptData($phone);
|
|
$encEmail = $encryptionHelper->encryptData($email);
|
|
|
|
// تشفير البصمة وهش البصمة
|
|
$encFp = $encryptionHelper->encryptData($fingerprint);
|
|
$fpHash = hash('sha256', $fingerprint);
|
|
$uniqueId = bin2hex(random_bytes(16));
|
|
|
|
if ($role === 'admin') {
|
|
// الإضافة لجدول المديرين
|
|
$sql = "INSERT INTO adminUser (id, fingerprint, fingerprint_hash, name, password, role, created_at)
|
|
VALUES (:id, :fp, :fp_hash, :name, :pass, :role, NOW())";
|
|
$stmt = $con->prepare($sql);
|
|
$stmt->execute([
|
|
':id' => $uniqueId,
|
|
':fp' => $encFp,
|
|
':fp_hash' => $fpHash,
|
|
':name' => $encName,
|
|
':pass' => $hashedPassword,
|
|
':role' => $role
|
|
]);
|
|
} else {
|
|
// الإضافة لجدول المستخدمين (خدمة العملاء)
|
|
$sql = "INSERT INTO users (id, fingerprint, fingerprint_hash, phone, email, gender, password, birthdate, user_type, first_name, created_at)
|
|
VALUES (:id, :fp, :fp_hash, :phone, :email, :gender, :pass, :bdate, 'service', :fname, NOW())";
|
|
$stmt = $con->prepare($sql);
|
|
$stmt->execute([
|
|
':id' => $uniqueId,
|
|
':fp' => $encFp,
|
|
':fp_hash' => $fpHash,
|
|
':phone' => $encPhone,
|
|
':email' => $encEmail,
|
|
':gender' => $gender,
|
|
':pass' => $hashedPassword,
|
|
':bdate' => $birthdate,
|
|
':fname' => $encName
|
|
]);
|
|
}
|
|
|
|
if ($stmt->rowCount() > 0) {
|
|
jsonSuccess("Staff member added successfully.");
|
|
} else {
|
|
jsonError("Failed to add staff member.");
|
|
}
|
|
|
|
} catch (Exception $e) {
|
|
error_log("[Staff Add Error] " . $e->getMessage());
|
|
jsonError("Server error: " . $e->getMessage());
|
|
}
|