Deploy: 2026-05-23 02:09:23

backend/app/Controllers/OTPController.php

@@ -17,14 +17,6 @@ class OTPController extends BaseController
      */
     private function generateOtpImage(string $code): string
     {
-        $dir = __DIR__ . '/../../public/otp';
-        if (!is_dir($dir)) {
-            mkdir($dir, 0755, true);
-        }
-        
-        $filename = 'otp_' . time() . '_' . rand(1000, 9999) . '.png';
-        $filepath = $dir . '/' . $filename;
-        
         if (function_exists('imagecreate')) {
             // Base image
             $img = imagecreatetruecolor(400, 200);
@@ -74,21 +66,20 @@ class OTPController extends BaseController
             // Scale up the text image to the main image using resampled for smooth (non-pixelated) edges
             imagecopyresampled($img, $tmp, 0, 0, 0, 0, 400, 200, 100, 40);
             
-            imagepng($img, $filepath);
+            ob_start();
+            imagepng($img);
+            $imageData = ob_get_clean();
+            
             imagedestroy($img);
             imagedestroy($tmp);
+            
+            return base64_encode($imageData);
         } else {
             // Fallback to placehold.co if PHP GD extension is missing
             $url = "https://placehold.co/400x200/e0f2fe/0f172a/png?text=" . $code . "&font=oswald";
             $content = file_get_contents($url);
-            file_put_contents($filepath, $content);
+            return base64_encode($content);
         }
-        
-        $appUrl = rtrim(getenv('APP_URL') ?: 'https://nabeh.intaleqapp.com', '/');
-        if (strpos($appUrl, 'localhost') !== false || strpos($appUrl, '127.0.0.1') !== false) {
-            $appUrl = 'https://nabeh.intaleqapp.com';
-        }
-        return $appUrl . '/otp/' . $filename;
     }
 
     /**
@@ -222,9 +213,9 @@ class OTPController extends BaseController
                 // Send voice note
                 ConversationFlowEngine::sendReply($session, $phone, '', null, $audioBase64, $mimeType);
             } else if ($type === 'image') {
-                // Generate OTP Image
-                $imageUrl = $this->generateOtpImage($code);
-                ConversationFlowEngine::sendReply($session, $phone, '', $imageUrl);
+                // Generate OTP Image as Base64
+                $imageBase64 = $this->generateOtpImage($code);
+                ConversationFlowEngine::sendReply($session, $phone, '', null, null, null, $imageBase64);
             } else {
                 // Send text
                 $textMsg = "رمز التحقق الخاص بك لمتجر نابه هو: *{$code}* \n الرجاء عدم مشاركته مع أي شخص.";

backend/app/Core/Flows/ConversationFlowEngine.php

@@ -213,7 +213,8 @@ class ConversationFlowEngine
         string $message,
         ?string $mediaUrl = null,
         ?string $audioBase64 = null,
-        ?string $mimetype = null
+        ?string $mimetype = null,
+        ?string $imageBase64 = null
     ): void {
         $gatewayUrl = rtrim(getenv('WHATSAPP_GATEWAY_URL') ?: 'http://localhost:3722', '/');
         if (substr($gatewayUrl, -4) === '/api') {
@@ -239,6 +240,9 @@ class ConversationFlowEngine
         if ($mimetype !== null) {
             $payloadData['mimetype'] = $mimetype;
         }
+        if ($imageBase64 !== null) {
+            $payloadData['image'] = $imageBase64;
+        }
 
         $payload = json_encode($payloadData);
 

whatsapp-gateway/baileys-client.js

@@ -360,7 +360,7 @@ function convertToOggOpus(base64Audio) {
 /**
  * Send a message using an active session
  */
-async function sendMessage(session_key, phone, message, mediaUrl = null, audioBase64 = null, mimetype = null) {
+async function sendMessage(session_key, phone, message, mediaUrl = null, audioBase64 = null, mimetype = null, imageBase64 = null) {
     const sock = sessions.get(session_key);
     if (!sock) {
         throw new Error(`Session ${session_key} is not active or connected`);
@@ -381,7 +381,13 @@ async function sendMessage(session_key, phone, message, mediaUrl = null, audioBa
     }
     let sentMsg;
 
-    if (audioBase64) {
+    if (imageBase64) {
+        const buffer = Buffer.from(imageBase64, 'base64');
+        sentMsg = await sock.sendMessage(jid, {
+            image: buffer,
+            caption: message || ''
+        });
+    } else if (audioBase64) {
         let finalAudioBase64 = audioBase64;
         let finalMime = mimetype || 'audio/mp4';
         

whatsapp-gateway/server.js

@@ -84,18 +84,18 @@ app.get('/api/sessions/active', (req, res) => {
 
 // Send outbound message
 app.post('/api/messages/send', async (req, res) => {
-    const { session_key, phone, message, media_url, audio, mimetype } = req.body;
+    const { session_key, phone, message, media_url, audio, mimetype, image } = req.body;
 
     if (!session_key || !phone) {
         return res.status(400).json({ error: 'Missing session_key or phone' });
     }
 
-    if (!message && !audio && !media_url) {
-        return res.status(400).json({ error: 'Missing message, audio or media_url' });
+    if (!message && !audio && !media_url && !image) {
+        return res.status(400).json({ error: 'Missing message, audio, media_url, or image' });
     }
 
     try {
-        const result = await sendMessage(session_key, phone, message, media_url, audio, mimetype);
+        const result = await sendMessage(session_key, phone, message, media_url, audio, mimetype, image);
         res.json({ status: 'success', data: result });
     } catch (err) {
         console.error(`Error sending message via ${session_key} to ${phone}:`, err);