From 813197c86904a2fbe91a17e2fdb32da83c27ee4d Mon Sep 17 00:00:00 2001
From: Hamza-Ayed <hamzaayedflutter@gmail.com>
Date: Fri, 15 May 2026 17:43:57 +0300
Subject: [PATCH] Update: 2026-05-15 17:43:57

---
 app/modules_app/invoices/export_excel.php     |   2 +-
 app/modules_app/invoices/verify_public.php    |   2 +
 .../services/thermal_printer_service.dart     |  45 ++++-
 public/.htaccess                              |  10 +
 public/shell.php                              |   2 +-
 public/v.php                                  | 176 ++++++++++++++++++
 6 files changed, 225 insertions(+), 12 deletions(-)
 create mode 100644 public/.htaccess
 create mode 100644 public/v.php

diff --git a/app/modules_app/invoices/export_excel.php b/app/modules_app/invoices/export_excel.php
index 3d5c4c0..8ad344c 100644
--- a/app/modules_app/invoices/export_excel.php
+++ b/app/modules_app/invoices/export_excel.php
@@ -367,7 +367,7 @@ foreach ($invoices as $invIdx => $inv) {
 
     // --- Add Verification QR Code ---
     try {
-        $verifyUrl = "https://musadaq.intaleqapp.com/index.php?route=verify&id=" . $inv['id'];
+        $verifyUrl = "https://musadaq.intaleqapp.com/v.php?id=" . $inv['id'];
         $qrApiUrl = "https://api.qrserver.com/v1/create-qr-code/?size=100x100&data=" . urlencode($verifyUrl);
         $qrData = $downloadUrl($qrApiUrl);
         if ($qrData) {
diff --git a/app/modules_app/invoices/verify_public.php b/app/modules_app/invoices/verify_public.php
index b326f01..130278f 100644
--- a/app/modules_app/invoices/verify_public.php
+++ b/app/modules_app/invoices/verify_public.php
@@ -7,6 +7,7 @@
 use App\Core\Database;
 use App\Core\Encryption;
 
+// die('REACHED VERIFY'); // Debug
 try {
     $invoiceId = $_GET['id'] ?? null;
 
@@ -167,6 +168,7 @@ try {
 </body>
 </html>
 <?php
+    exit;
 } catch (\Exception $e) {
     die("خطأ في النظام");
 }
diff --git a/musadaq-app/lib/core/services/thermal_printer_service.dart b/musadaq-app/lib/core/services/thermal_printer_service.dart
index feb7dfc..9ba5c87 100644
--- a/musadaq-app/lib/core/services/thermal_printer_service.dart
+++ b/musadaq-app/lib/core/services/thermal_printer_service.dart
@@ -29,7 +29,7 @@ class ThermalPrinterService {
       printer.feed(2);
       printer.cut();
       printer.disconnect();
-      
+
       return true;
     } catch (e) {
       AppLogger.error('Thermal printing failed', e);
@@ -37,7 +37,8 @@ class ThermalPrinterService {
     }
   }
 
-  void _buildInvoiceTicket(NetworkPrinter printer, Map<String, dynamic> invoice) {
+  void _buildInvoiceTicket(
+      NetworkPrinter printer, Map<String, dynamic> invoice) {
     // Header
     printer.text(
       'M U S A D A Q',
@@ -66,8 +67,14 @@ class ThermalPrinterService {
     // Table Header
     printer.row([
       PosColumn(text: 'البند', width: 6),
-      PosColumn(text: 'الكمية', width: 2, styles: const PosStyles(align: PosAlign.center)),
-      PosColumn(text: 'الإجمالي', width: 4, styles: const PosStyles(align: PosAlign.right)),
+      PosColumn(
+          text: 'الكمية',
+          width: 2,
+          styles: const PosStyles(align: PosAlign.center)),
+      PosColumn(
+          text: 'الإجمالي',
+          width: 4,
+          styles: const PosStyles(align: PosAlign.right)),
     ]);
     printer.hr();
 
@@ -76,8 +83,14 @@ class ThermalPrinterService {
     for (var item in items) {
       printer.row([
         PosColumn(text: item['description'] ?? '-', width: 6),
-        PosColumn(text: item['quantity']?.toString() ?? '1', width: 2, styles: const PosStyles(align: PosAlign.center)),
-        PosColumn(text: item['line_total']?.toString() ?? '0', width: 4, styles: const PosStyles(align: PosAlign.right)),
+        PosColumn(
+            text: item['quantity']?.toString() ?? '1',
+            width: 2,
+            styles: const PosStyles(align: PosAlign.center)),
+        PosColumn(
+            text: item['line_total']?.toString() ?? '0',
+            width: 4,
+            styles: const PosStyles(align: PosAlign.right)),
       ]);
     }
     printer.hr();
@@ -85,15 +98,27 @@ class ThermalPrinterService {
     // Totals
     printer.row([
       PosColumn(text: 'المجموع الجزئي:', width: 8),
-      PosColumn(text: '${invoice['subtotal'] ?? 0}', width: 4, styles: const PosStyles(align: PosAlign.right)),
+      PosColumn(
+          text: '${invoice['subtotal'] ?? 0}',
+          width: 4,
+          styles: const PosStyles(align: PosAlign.right)),
     ]);
     printer.row([
       PosColumn(text: 'الضريبة:', width: 8),
-      PosColumn(text: '${invoice['tax_amount'] ?? 0}', width: 4, styles: const PosStyles(align: PosAlign.right)),
+      PosColumn(
+          text: '${invoice['tax_amount'] ?? 0}',
+          width: 4,
+          styles: const PosStyles(align: PosAlign.right)),
     ]);
     printer.row([
-      PosColumn(text: 'الإجمالي الكلي:', width: 8, styles: const PosStyles(bold: true)),
-      PosColumn(text: '${invoice['grand_total'] ?? 0} JOD', width: 4, styles: const PosStyles(align: PosAlign.right, bold: true)),
+      PosColumn(
+          text: 'الإجمالي الكلي:',
+          width: 8,
+          styles: const PosStyles(bold: true)),
+      PosColumn(
+          text: '${invoice['grand_total'] ?? 0} JOD',
+          width: 4,
+          styles: const PosStyles(align: PosAlign.right, bold: true)),
     ]);
 
     printer.hr();
diff --git a/public/.htaccess b/public/.htaccess
new file mode 100644
index 0000000..c4bd0bb
--- /dev/null
+++ b/public/.htaccess
@@ -0,0 +1,10 @@
+RewriteEngine On
+
+# Ensure HTTPS
+RewriteCond %{HTTPS} off
+RewriteRule ^(.*)$ https://%{HTTP_HOST}%{REQUEST_URI} [L,R=301]
+
+# Handle Clean URLs
+RewriteCond %{REQUEST_FILENAME} !-f
+RewriteCond %{REQUEST_FILENAME} !-d
+RewriteRule ^(.*)$ index.php?route=$1 [QSA,L]
diff --git a/public/shell.php b/public/shell.php
index 4a503e4..b127222 100644
--- a/public/shell.php
+++ b/public/shell.php
@@ -3039,7 +3039,7 @@
                 getQrSrc(inv) {
                     if (!inv) return '';
                     if (inv.jofotara?.qr_image_uri) return inv.jofotara.qr_image_uri;
-                    const verifyUrl = 'https://musadaq.intaleqapp.com/index.php?route=verify&id=' + inv.id;
+                    const verifyUrl = `https://musadaq.intaleqapp.com/v.php?id=${inv.id}`;
                     const qr = new QRious({ value: verifyUrl, size: 300, level: 'H' });
                     return qr.toDataURL();
                 },
diff --git a/public/v.php b/public/v.php
new file mode 100644
index 0000000..10450ea
--- /dev/null
+++ b/public/v.php
@@ -0,0 +1,176 @@
+<?php
+/**
+ * Standalone Public Invoice Verification Page
+ * Bypass index.php router to avoid any accidental redirects.
+ */
+
+// 1. Load Bootstrap
+require_once __DIR__ . '/../app/bootstrap/init.php';
+
+use App\Core\Database;
+use App\Core\Encryption;
+
+try {
+    $invoiceId = $_GET['id'] ?? null;
+
+    if (!$invoiceId) {
+        die("<h1>رابط التحقق غير صالح</h1>");
+    }
+
+    $db = Database::getInstance();
+
+    // Fetch invoice with company and supplier details
+    $stmt = $db->prepare("
+        SELECT i.*, c.name as company_name_raw
+        FROM invoices i
+        JOIN companies c ON i.company_id = c.id
+        WHERE i.id = ? AND i.deleted_at IS NULL
+    ");
+    $stmt->execute([$invoiceId]);
+    $invoice = $stmt->fetch();
+
+    if (!$invoice) {
+        die("<h1>الفاتورة غير موجودة أو تم حذفها</h1>");
+    }
+
+    // Decrypt helper
+    $dec = function($val) {
+        if (empty($val)) return '-';
+        $result = Encryption::decrypt((string)$val);
+        return ($result !== false && $result !== null) ? $result : (string)$val;
+    };
+
+    $supplierName = $dec($invoice['supplier_name']);
+    $companyName = $dec($invoice['company_name_raw']);
+    $total = number_format((float)$invoice['grand_total'], 3);
+    $date = $invoice['invoice_date'] ?: 'غير محدد';
+    $status = match($invoice['status']) {
+        'extracted' => 'مستخرجة',
+        'approved' => 'معتمدة ✅',
+        'submitted' => 'مقدمة للضريبة 🏛️',
+        'rejected' => 'مرفوضة ❌',
+        default => 'قيد المعالجة'
+    };
+
+?>
+<!DOCTYPE html>
+<html lang="ar" dir="rtl">
+<head>
+    <meta charset="UTF-8">
+    <meta name="viewport" content="width=device-width, initial-scale=1.0">
+    <title>التحقق من الفاتورة - مُصادَق</title>
+    <link href="https://fonts.googleapis.com/css2?family=Tajawal:wght@400;700&display=swap" rel="stylesheet">
+    <style>
+        :root {
+            --primary: #1C1550;
+            --accent: #00D1B2;
+            --bg: #F8F9FA;
+        }
+        body {
+            font-family: 'Tajawal', sans-serif;
+            background-color: var(--bg);
+            margin: 0;
+            display: flex;
+            justify-content: center;
+            align-items: center;
+            min-height: 100vh;
+            color: #333;
+        }
+        .verify-card {
+            background: white;
+            padding: 30px;
+            border-radius: 20px;
+            box-shadow: 0 10px 30px rgba(0,0,0,0.1);
+            max-width: 450px;
+            width: 90%;
+            text-align: center;
+        }
+        .logo {
+            font-size: 28px;
+            font-weight: bold;
+            color: var(--primary);
+            margin-bottom: 20px;
+        }
+        .status-badge {
+            display: inline-block;
+            padding: 8px 20px;
+            border-radius: 50px;
+            background: #E9ECEF;
+            font-weight: bold;
+            margin-bottom: 25px;
+            color: var(--primary);
+        }
+        .info-grid {
+            display: grid;
+            grid-template-columns: 1fr;
+            gap: 15px;
+            text-align: right;
+            border-top: 1px solid #EEE;
+            padding-top: 20px;
+        }
+        .info-item label {
+            font-size: 13px;
+            color: #888;
+            display: block;
+            margin-bottom: 4px;
+        }
+        .info-item span {
+            font-size: 16px;
+            font-weight: 700;
+            color: var(--primary);
+        }
+        .footer-note {
+            margin-top: 30px;
+            font-size: 12px;
+            color: #AAA;
+        }
+        .btn-home {
+            margin-top: 20px;
+            display: inline-block;
+            text-decoration: none;
+            color: var(--accent);
+            font-weight: bold;
+        }
+    </style>
+</head>
+<body>
+    <div class="verify-card">
+        <div class="logo">مُـصَـادَق</div>
+        <div class="status-badge"><?php echo $status; ?></div>
+        
+        <div class="info-grid">
+            <div class="info-item">
+                <label>اسم المكتب (الشركة)</label>
+                <span><?php echo htmlspecialchars($companyName); ?></span>
+            </div>
+            <div class="info-item">
+                <label>اسم المورّد</label>
+                <span><?php echo htmlspecialchars($supplierName); ?></span>
+            </div>
+            <div class="info-item">
+                <label>رقم الفاتورة</label>
+                <span><?php echo htmlspecialchars($invoice['invoice_number'] ?: '-'); ?></span>
+            </div>
+            <div class="info-item">
+                <label>تاريخ الفاتورة</label>
+                <span><?php echo htmlspecialchars($date); ?></span>
+            </div>
+            <div class="info-item">
+                <label>المبلغ الإجمالي</label>
+                <span style="font-size: 24px; color: var(--accent);"><?php echo $total; ?> JOD</span>
+            </div>
+        </div>
+
+        <div class="footer-note">
+            تم التحقق من هذه الفاتورة رسمياً عبر منصة مُصادَق.<br>
+            <?php echo date('Y-m-d H:i:s'); ?>
+        </div>
+        <a href="https://musadaq.intaleqapp.com/" class="btn-home">زيارة منصة مُصادَق</a>
+    </div>
+</body>
+</html>
+<?php
+    exit;
+} catch (\Exception $e) {
+    die("خطأ في النظام: " . $e->getMessage());
+}