Standardize UUID format: generateUUID() now returns unhyphenated 32-char hex

- Remove vsprintf hyphenation from generateUUID() in helpers.php
- Remove redundant str_replace('-', '', ...) wrappers in callers
- Fix grants/create, tabs/open, orders/getOrCreateCart which were storing hyphenated UUIDs
- Cast prices to float in getForBuilder.php
- Uppercase auth response keys (TOKEN, USERID, FIRSTNAME)

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>

api/auth/loginOTP.php

@@ -29,7 +29,7 @@ if (!$user) {
 
 $userUUID = $user['UUID'] ?? '';
 if (empty(trim($userUUID))) {
-    $userUUID = str_replace('-', '', generateUUID());
+    $userUUID = generateUUID();
     queryTimed("UPDATE Users SET UUID = ? WHERE ID = ?", [$userUUID, $user['ID']]);
 }
 

api/auth/sendOTP.php

@@ -30,14 +30,14 @@ $userUUID = '';
 if ($existing) {
     $userUUID = $existing['UUID'] ?? '';
     if (empty(trim($userUUID))) {
-        $userUUID = str_replace('-', '', generateUUID());
+        $userUUID = generateUUID();
     }
     queryTimed(
         "UPDATE Users SET MobileVerifyCode = ?, UUID = ? WHERE ID = ?",
         [$otp, $userUUID, $existing['ID']]
     );
 } else {
-    $userUUID = str_replace('-', '', generateUUID());
+    $userUUID = generateUUID();
     queryTimed(
         "INSERT INTO Users (ContactNumber, UUID, MobileVerifyCode, IsContactVerified, IsEmailVerified, IsActive, AddedOn, Password, PromoCode)
          VALUES (?, ?, ?, 0, 0, 0, ?, '', ?)",

api/auth/verifyEmailOTP.php

@@ -72,7 +72,7 @@ queryTimed(
 jsonResponse([
     'OK'        => true,
     'ERROR'     => '',
-    'UserID'    => $uid,
+    'USERID'    => $uid,
-    'FirstName' => $user['FirstName'],
+    'FIRSTNAME' => $user['FirstName'],
-    'Token'     => $token,
+    'TOKEN'     => $token,
 ]);

api/helpers.php

@@ -242,7 +242,7 @@ function generateUUID(): string {
     $bytes[6] = chr(ord($bytes[6]) & 0x0f | 0x40);
     // Set variant bits
     $bytes[8] = chr(ord($bytes[8]) & 0x3f | 0x80);
-    return vsprintf('%s%s-%s-%s-%s-%s%s%s', str_split(bin2hex($bytes), 4));
+    return bin2hex($bytes);
 }
 
 // ============================================

api/setup/uploadSavedPage.php

@@ -45,7 +45,7 @@ try {
     }
 
     // Generate unique folder name
-    $uniqueId = strtolower(str_replace('-', '', generateUUID()));
+    $uniqueId = generateUUID();
     $extractDir = "$tempBaseDir/$uniqueId";
 
     // Validate it's a ZIP file

api/tasks/complete.php

@@ -298,7 +298,7 @@ try {
     // Create rating records for service point tasks
     if ($hasServicePoint && $customerUserID > 0 && $workerUserID > 0) {
         // 1. Customer rates Worker
-        $customerToken = strtolower(str_replace('-', '', generateUUID()));
+        $customerToken = generateUUID();
         queryTimed("
             INSERT INTO TaskRatings (
                 TaskID, ByUserID, ForUserID, Direction,
@@ -309,7 +309,7 @@ try {
 
         // 2. Worker rates Customer (if provided)
         if (!empty($workerRating)) {
-            $workerToken = strtolower(str_replace('-', '', generateUUID()));
+            $workerToken = generateUUID();
             queryTimed("
                 INSERT INTO TaskRatings (
                     TaskID, ByUserID, ForUserID, Direction,