Hamza/musadaq-saas
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Update: 2026-05-08 14:05:50

Browse Source
This commit is contained in:
Hamza-Ayed
2026-05-08 14:05:50 +03:00
parent cfc330e291
commit 155c2d0fc0
13 changed files with 709 additions and 22 deletions
Download Patch File Download Diff File Expand all files Collapse all files

7
app/modules_app/auth/mobile_request_otp.php
View File

@@ -30,6 +30,13 @@ try {
}
$phone = preg_replace('/[^0-9+]/', '', $data['phone']);
$phone = ltrim($phone, '+');
if (str_starts_with($phone, '07')) {
$phone = '962' . substr($phone, 1);
} elseif (str_starts_with($phone, '7')) {
$phone = '962' . $phone;
}
$phoneHash = hash('sha256', $phone);
// 2. Find user by phone hash OR plain phone (Support both schemas)

7
app/modules_app/auth/mobile_verify_otp.php
View File

@@ -30,6 +30,13 @@ if ($errors) {
}
$phone = preg_replace('/[^0-9+]/', '', $data['phone']);
$phone = ltrim($phone, '+');
if (str_starts_with($phone, '07')) {
$phone = '962' . substr($phone, 1);
} elseif (str_starts_with($phone, '7')) {
$phone = '962' . $phone;
}
$phoneHash = hash('sha256', $phone);
$deviceId = $data['device_id'] ?? '';
$deviceName = $data['device_name'] ?? 'Unknown Device';

12
app/modules_app/users/create.php
View File

@@ -46,8 +46,16 @@ $encryptedName = Encryption::encrypt($data['name']);
$encryptedEmail = Encryption::encrypt($data['email']);
$emailHash = hash('sha256', strtolower($data['email'])); // For fast lookup during login
$encryptedPhone = Encryption::encrypt($data['phone']);
$phoneHash = hash('sha256', preg_replace('/[^0-9+]/', '', $data['phone']));
$phone = preg_replace('/[^0-9+]/', '', $data['phone']);
$phone = ltrim($phone, '+');
if (str_starts_with($phone, '07')) {
$phone = '962' . substr($phone, 1);
} elseif (str_starts_with($phone, '7')) {
$phone = '962' . $phone;
}
$encryptedPhone = Encryption::encrypt($phone);
$phoneHash = hash('sha256', $phone);
// 3. Determine Tenant ID
$tenantId = null;

19
app/modules_app/users/update.php
View File

@@ -34,14 +34,15 @@ $values = [];
if (isset($data['name'])) {
$fields[] = 'name = ?';
$values[] = $data['name'];
$values[] = \App\Core\Encryption::encrypt($data['name']);
}
if (isset($data['email'])) {
$fields[] = 'email = ?';
$values[] = $data['email'];
$values[] = \App\Core\Encryption::encrypt($data['email']);
$fields[] = 'email_hash = ?';
$values[] = hash('sha256', strtolower($data['email']));
}
if (isset($data['role'])) {
// Only super_admin can change roles
if ($role !== 'super_admin' && $data['role'] === 'super_admin') {
json_error('لا يمكنك منح صلاحية مدير النظام', 403);
}
@@ -49,8 +50,18 @@ if (isset($data['role'])) {
$values[] = $data['role'];
}
if (isset($data['phone'])) {
$phone = preg_replace('/[^0-9+]/', '', $data['phone']);
$phone = ltrim($phone, '+');
if (str_starts_with($phone, '07')) {
$phone = '962' . substr($phone, 1);
} elseif (str_starts_with($phone, '7')) {
$phone = '962' . $phone;
}
$fields[] = 'phone = ?';
$values[] = $data['phone'];
$values[] = \App\Core\Encryption::encrypt($phone);
$fields[] = 'phone_hash = ?';
$values[] = hash('sha256', $phone);
}
if (isset($data['is_active'])) {
$fields[] = 'is_active = ?';