1210249f54
Update all SQL queries, query result references, and ColdFusion code to match
the renamed database schema. Tables use plural CamelCase, PKs are all `ID`,
column prefixes stripped (e.g. BusinessName→Name, UserFirstName→FirstName).
Key changes:
- Strip table-name prefixes from all column references (Businesses, Users,
Addresses, Hours, Menus, Categories, Items, Stations, Orders,
OrderLineItems, Tasks, TaskCategories, TaskRatings, QuickTaskTemplates,
ScheduledTaskDefinitions, ChatMessages, Beacons, ServicePoints, Employees,
VisitorTrackings, ApiPerfLogs, tt_States, tt_Days, tt_AddressTypes,
tt_OrderTypes, tt_TaskTypes)
- Rename PK references from {TableName}ID to ID in all queries
- Rewrite 7 admin beacon files to use ServicePoints.BeaconID instead of
dropped lt_Beacon_Businesses_ServicePoints link table
- Rewrite beacon assignment files (list, save, delete) for new schema
- Fix FK references incorrectly changed to ID (OrderLineItems.OrderID,
Categories.MenuID, Tasks.CategoryID, ServicePoints.BeaconID)
- Update Addresses: AddressLat→Latitude, AddressLng→Longitude
- Update Users: UserPassword→Password, UserIsEmailVerified→IsEmailVerified,
UserIsActive→IsActive, UserBalance→Balance, etc.
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
120 lines
3.5 KiB
Text
120 lines
3.5 KiB
Text
<cfsetting showdebugoutput="false">
|
|
<cfsetting enablecfoutputonly="true">
|
|
<cfcontent type="application/json; charset=utf-8" reset="true">
|
|
<cfheader name="Cache-Control" value="no-store">
|
|
|
|
<cfscript>
|
|
/**
|
|
* Send OTP to phone number for LOGIN (existing verified accounts)
|
|
*
|
|
* POST: { "phone": "5551234567" }
|
|
*
|
|
* Returns: { OK: true, UUID: "..." } or { OK: false, ERROR: "..." }
|
|
*
|
|
* Only works for verified accounts. Returns error if no account found.
|
|
*/
|
|
|
|
function apiAbort(required struct payload) {
|
|
writeOutput(serializeJSON(payload));
|
|
abort;
|
|
}
|
|
|
|
function readJsonBody() {
|
|
var raw = getHttpRequestData().content;
|
|
if (isNull(raw)) raw = "";
|
|
if (!len(trim(raw))) return {};
|
|
try {
|
|
var data = deserializeJSON(raw);
|
|
if (isStruct(data)) return data;
|
|
} catch (any e) {}
|
|
return {};
|
|
}
|
|
|
|
function normalizePhone(required string p) {
|
|
var x = trim(arguments.p);
|
|
x = reReplace(x, "[^0-9]", "", "all");
|
|
if (len(x) == 11 && left(x, 1) == "1") {
|
|
x = right(x, 10);
|
|
}
|
|
return x;
|
|
}
|
|
|
|
function generateOTP() {
|
|
return randRange(100000, 999999);
|
|
}
|
|
|
|
try {
|
|
data = readJsonBody();
|
|
phone = structKeyExists(data, "phone") ? normalizePhone(data.phone) : "";
|
|
|
|
if (len(phone) != 10) {
|
|
apiAbort({ "OK": false, "ERROR": "invalid_phone", "MESSAGE": "Please enter a valid 10-digit phone number" });
|
|
}
|
|
|
|
// Find verified account with this phone
|
|
qUser = queryExecute("
|
|
SELECT ID, UUID
|
|
FROM Users
|
|
WHERE ContactNumber = :phone
|
|
AND IsContactVerified = 1
|
|
LIMIT 1
|
|
", { phone: { value: phone, cfsqltype: "cf_sql_varchar" } }, { datasource: "payfrit" });
|
|
|
|
if (qUser.recordCount == 0) {
|
|
apiAbort({ "OK": false, "ERROR": "no_account", "MESSAGE": "We couldn't find an account with this number. Try signing up instead!" });
|
|
}
|
|
|
|
// If user has no UUID (legacy account), generate one
|
|
userUUID = qUser.UUID;
|
|
if (!len(trim(userUUID))) {
|
|
userUUID = replace(createUUID(), "-", "", "all");
|
|
queryExecute("
|
|
UPDATE Users SET UUID = :uuid WHERE UserID = :userId
|
|
", {
|
|
uuid: { value: userUUID, cfsqltype: "cf_sql_varchar" },
|
|
userId: { value: qUser.ID, cfsqltype: "cf_sql_integer" }
|
|
}, { datasource: "payfrit" });
|
|
}
|
|
|
|
// Generate and save OTP
|
|
otp = generateOTP();
|
|
queryExecute("
|
|
UPDATE Users
|
|
SET MobileVerifyCode = :otp
|
|
WHERE UserID = :userId
|
|
", {
|
|
otp: { value: otp, cfsqltype: "cf_sql_varchar" },
|
|
userId: { value: qUser.ID, cfsqltype: "cf_sql_integer" }
|
|
}, { datasource: "payfrit" });
|
|
|
|
// Send OTP via Twilio (skip on dev server)
|
|
smsMessage = "Code saved (SMS skipped in dev)";
|
|
isDev = findNoCase("dev.payfrit.com", cgi.SERVER_NAME) > 0;
|
|
|
|
if (!isDev && structKeyExists(application, "twilioObj")) {
|
|
try {
|
|
smsResult = application.twilioObj.sendSMS(
|
|
recipientNumber: "+1" & phone,
|
|
messageBody: "Your Payfrit login code is: " & otp
|
|
);
|
|
smsMessage = smsResult.success ? "Login code sent" : "SMS failed - please try again";
|
|
} catch (any smsErr) {
|
|
smsMessage = "SMS error: " & smsErr.message;
|
|
}
|
|
}
|
|
|
|
writeOutput(serializeJSON({
|
|
"OK": true,
|
|
"UUID": userUUID,
|
|
"MESSAGE": smsMessage,
|
|
"DEV_OTP": otp
|
|
}));
|
|
|
|
} catch (any e) {
|
|
apiAbort({
|
|
"OK": false,
|
|
"ERROR": "server_error",
|
|
"MESSAGE": e.message
|
|
});
|
|
}
|
|
</cfscript>
|