CMXX - Update software downloader

api/v1/post/products_software.php

@@ -53,6 +53,14 @@ if (isset($post_content['productrowid']) && $post_content['productrowid'] != '')
         $input_insert = '';
         
         if ($command == 'insert'){
+
+            //USE PART OF FILENAME AS VERSION
+            if (($pos = strpos($post_content['software'], "_")) !== FALSE) {
+                $version = substr($post_content['software'], $pos+1);
+                $version = substr($version, 0, -4); //remove filetype
+                $post_content['version'] = $version;
+            }
+
             $post_content['latest'] = 1; //New software is always latest
             $post_content['created'] = $date;
             $post_content['createdby'] = $username;
@@ -100,6 +108,21 @@ if (isset($post_content['productrowid']) && $post_content['productrowid'] != '')
 
         }
         elseif ($command == 'delete' && isAllowed('products_software',$profile,$permission,'D') === 1){
+            
+            //GET FILENAME AND REMOVE FROM SERVER
+            $sql = 'SELECT * FROM products_software WHERE rowID = ? '.$whereclause.'';
+            $stmt = $pdo->prepare($sql);
+            $stmt->execute([$id]);
+            //Get results
+            $softwares = $stmt->fetchAll(PDO::FETCH_ASSOC);
+    
+            foreach ($softwares as $software){
+                $software_file = dirname(__FILE__,4)."/firmware/".$software['software'];
+                $file = glob($software_file, GLOB_BRACE); 
+                if (!empty($file)){ 
+                    unlink($software_file); 
+                }
+            }
             $stmt = $pdo->prepare('DELETE FROM products_software WHERE rowID = ? '.$whereclause.'');
             $stmt->execute([ $id ]); 
 

api/v2/get/products_software.php

@@ -165,6 +165,18 @@ if (!isset($criterias['productrowid']) && isset($criterias['sn']) && $criterias[
         }
     }
 
+    //GET PRODUCTCODE BASED ON SN WHEN NO RECORDS FOUND
+    if (count($messages) === 0){
+        $sql = 'SELECT p.productcode FROM equipment e JOIN products p ON e.productrowid = p.rowID WHERE e.serialnumber =?';
+        $stmt = $pdo->prepare($sql);
+        //Excute Query
+        $stmt->execute([$criterias['sn']]);
+        //Get results
+        $productcodes = $stmt->fetchAll(PDO::FETCH_ASSOC);
+        //assign serialnumber to productcode
+        $criterias['productcode'] = $productcodes[0]['productcode'];
+    }
+
     if ($latest_check == 0){
         //GET LATEST BASED ON PRODUCTCODE 
         $sql = 'SELECT * FROM products_software ps JOIN products p ON ps.productrowid = p.rowID WHERE p.productcode = ? AND ps.status = "1" AND ps.latest = "1"';

api/v2/get/vin.php

@@ -8,7 +8,7 @@ defined($security_key) or exit;
 // translated from JS (kevinboutin on 3/11/18) to PHP
 // https://gist.github.com/kevboutin/3ac029e336fc7cafd20c05adda42ffa5
 //------------------------------------------
-// Transliterate VIN characters for validation
+/* Transliterate VIN characters for validation
 function transliterate($c) {
     $index = strpos('0123456789.ABCDEFGH..JKLMN.P.R..STUVWXYZ', $c);
     return $index % 10;
@@ -27,6 +27,41 @@ function getCheckDigit($vin) {
 function validateVIN($vin) {
     if (strlen($vin) !== 17) return false;
     return getCheckDigit($vin) === $vin[8];
+}*/
+
+function validateVIN($vin) {
+
+    $vin = strtolower($vin);
+    if (!preg_match('/^[^\Wioq]{17}$/', $vin)) { 
+        return false; 
+    }
+    $weights = array(8, 7, 6, 5, 4, 3, 2, 10, 0, 9, 8, 7, 6, 5, 4, 3, 2);
+    $transliterations = array(
+        "a" => 1, "b" => 2, "c" => 3, "d" => 4,
+        "e" => 5, "f" => 6, "g" => 7, "h" => 8,
+        "j" => 1, "k" => 2, "l" => 3, "m" => 4,
+        "n" => 5, "p" => 7, "r" => 9, "s" => 2,
+        "t" => 3, "u" => 4, "v" => 5, "w" => 6,
+        "x" => 7, "y" => 8, "z" => 9
+    );
+    $sum = 0;
+    for($i = 0 ; $i < strlen($vin) ; $i++ ) { // loop through characters of VIN
+        // add transliterations * weight of their positions to get the sum
+        $check_char = substr($vin, $i, 1);
+        if(!is_numeric($check_char)) {
+            $sum += $transliterations[$check_char] * $weights[$i];
+        } else {
+            $sum += $check_char * $weights[$i];
+        }
+    }
+
+    // find checkdigit by taking the mod of the sum
+    $checkdigit = $sum % 11;
+    if($checkdigit == 10) { // checkdigit of 10 is represented by "X"
+        $checkdigit = "x";
+    }
+    $actual_checkdigit = substr($vin, 8, 1);
+    return ($checkdigit == $actual_checkdigit); 
 }
 
 //------------------------------------------
@@ -79,14 +114,15 @@ if (strlen($get_content) == 17){
     
     $messages = [
         "VIN" => $vin,
-        "IsValid" => (validateVIN($vin) ? "Yes" : "No"),
         "Manufacturer" => getManufacturer(getWMI($vin)),
         "year" => getYear(getVIS($vin))
     ];
 }
 else {
     $messages = [
-        "IsValid" => "No"
+        "VIN" => $vin,
+        "Manufacturer" => "Unknown",
+        "year" => "Unknown"
     ];
 }
 

api/v2/post/products_software.php

@@ -53,6 +53,13 @@ if (isset($post_content['productrowid']) && $post_content['productrowid'] != '')
         $input_insert = '';
 
         if ($command == 'insert'){
+
+            if (($pos = strpos($post_content['software'], "_")) !== FALSE) {
+                $version = substr($post_content['software'], $pos+1);
+                $version = substr($version, 0, -4); //remove filetype
+                $post_content['version'] = $version;
+            }
+
             $post_content['latest'] = 1; //New software is always latest
             $post_content['created'] = $date;
             $post_content['createdby'] = $username;
@@ -99,11 +106,28 @@ if (isset($post_content['productrowid']) && $post_content['productrowid'] != '')
             $stmt->execute($execute_input);
         }
         elseif ($command == 'delete' && isAllowed('products_software',$profile,$permission,'D') === 1){
+            
+            //GET FILENAME AND REMOVE FROM SERVER
+            $sql = 'SELECT * FROM products_software WHERE rowID = ? '.$whereclause.'';
+            $stmt = $pdo->prepare($sql);
+            $stmt->execute([$id]);
+            //Get results
+            $softwares = $stmt->fetchAll(PDO::FETCH_ASSOC);
+     
+            foreach ($softwares as $software){
+                $software_file = dirname(__FILE__,4)."/firmware/".$software['software'];
+                $file = glob($software_file, GLOB_BRACE); 
+                if (!empty($file)){ 
+                    unlink($software_file); 
+                }
+            }
+            
             $stmt = $pdo->prepare('DELETE FROM products_software WHERE rowID = ? '.$whereclause.'');
             $stmt->execute([ $id ]); 
 
             //Add deletion to changelog
             changelog($dbname,'products_',$id,'Delete','Delete',$username);
+            
         } else
         {
             //do nothing

products_software.php

@@ -187,7 +187,7 @@ $view .= '<div class="content-block tab-content active">
                     <option value="0" '.($products_software['status']==0?' selected':'').'>'.$prod_status_0 .'</option>
                 </select>
                 <label for=""><i class="required">*</i>'.$product_version_version.'</label>
-                <input id="name" type="text" name="version" placeholder="'.$product_version_version.'" value="'.$products_software['version'].'" required>
+                <input id="name" type="text" name="version" placeholder="'.$product_version_version.'" value="'.$products_software['version'].'" >
  ';             
  if ($products_software['software'] !=''){
     $view .= '