Hamza/musadaq-saas
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Update: 2026-05-05 01:31:02

Browse Source
This commit is contained in:
Hamza-Ayed
2026-05-05 01:31:02 +03:00
parent 2f6a08800d
commit dcbf8bd04f
2 changed files with 22 additions and 19 deletions
Download Patch File Download Diff File Expand all files Collapse all files

38
app/modules_app/invoices/upload.php
View File

@@ -80,29 +80,29 @@ if (move_uploaded_file($_FILES['invoice']['tmp_name'], $targetFile)) {
json_success(['id' => $db->lastInsertId()], 'تم رفع الفاتورة ولكن فشل استخراج البيانات تلقائياً');
}
// 5.5 Duplicate Prevention Check
$supplierTin = $extracted['supplier']['tin'] ?? '';
$invoiceNum = $extracted['invoice_number'] ?? '';
$invoiceDate = $extracted['invoice_date'] ?? '';
// Only hash if we have the critical data to avoid false duplicate collisions
$invoiceHash = null;
if ($supplierTin && $invoiceNum && $invoiceDate) {
$rawHashString = $companyId . '_' . $supplierTin . '_' . $invoiceNum . '_' . $invoiceDate;
$invoiceHash = hash('sha256', strtolower($rawHashString));
$checkStmt = $db->prepare("SELECT id FROM invoices WHERE company_id = ? AND invoice_hash = ? AND deleted_at IS NULL");
$checkStmt->execute([$companyId, $invoiceHash]);
if ($checkStmt->fetch()) {
json_error('هذه الفاتورة تم رفعها مسبقاً لهذه الشركة (رقم الفاتورة مكرر لنفس المورد والتاريخ).', 409);
}
}
// 6. Save Extracted Data with Encryption
try {
$db->beginTransaction();
$invoiceId = bin2hex(random_bytes(16)); // Generate UUID (simple version for now or use a lib)
// 5.5 Duplicate Prevention Check (Now inside transaction for safety)
$supplierTin = $extracted['supplier']['tin'] ?? '';
$invoiceNum = $extracted['invoice_number'] ?? '';
$invoiceDate = $extracted['invoice_date'] ?? '';
$invoiceHash = null;
if ($supplierTin && $invoiceNum && $invoiceDate) {
$rawHashString = $companyId . '_' . $supplierTin . '_' . $invoiceNum . '_' . $invoiceDate;
$invoiceHash = hash('sha256', strtolower($rawHashString));
$checkStmt = $db->prepare("SELECT id FROM invoices WHERE company_id = ? AND invoice_hash = ? AND deleted_at IS NULL");
$checkStmt->execute([$companyId, $invoiceHash]);
if ($checkStmt->fetch()) {
$db->rollBack();
json_error('هذه الفاتورة تم رفعها مسبقاً لهذه الشركة (رقم الفاتورة مكرر لنفس المورد والتاريخ).', 409);
}
}
$invoiceId = bin2hex(random_bytes(16)); // Generate UUID
// Let's use a standard UUID format if possible, but MySQL CHAR(36) accepts anything.
// Actually, let's just use the DB's UUID() function but FETCH it back or generate it here.
// I'll use a better UUID generator logic.