<?php
defined($security_key) or exit;
ini_set('display_errors', '1');
ini_set('display_startup_errors', '1');
error_reporting(E_ALL);
//------------------------------------------
// Products Software Upgrades API
//------------------------------------------

//Connect to DB
$pdo = dbConnect($dbname);

//NEW ARRAY
$criterias = [];
$clause = '';

//Check for $_GET variables and build up clause
if(isset($get_content) && $get_content!=''){
    //GET VARIABLES FROM URL
    $requests = explode("&", $get_content);
    //Check for keys and values
    foreach ($requests as $y){
        $v = explode("=", $y);
        //INCLUDE VARIABLES IN ARRAY
        $criterias[$v[0]] = $v[1];
    }
}

// IF SN IS PROVIDED, HANDLE UPGRADE OPTIONS
if (isset($criterias['sn']) && $criterias['sn'] != ''){

    //default output (array of options)
    $output = [];

    //check if current version is send and update the equipment record
    if(isset($criterias['version']) && $criterias['version'] !=''){
        $sql = 'UPDATE equipment SET sw_version = ?, updatedby = ? WHERE serialnumber = ? ';
        $stmt = $pdo->prepare($sql);
        $stmt->execute([$criterias['version'],$username,$criterias['sn']]);
    }

    //check if current hw_version is send and update the equipment record
    if(isset($criterias['hw_version']) && $criterias['hw_version'] !=''){
        $sql = 'UPDATE equipment SET hw_version = ?, updatedby = ? WHERE serialnumber = ? ';
        $stmt = $pdo->prepare($sql);
        $stmt->execute([$criterias['hw_version'],$username,$criterias['sn']]);
    }

    //GET EQUIPMENT AND PRODUCT DATA BASED ON SERIAL NUMBER
    $sql = 'SELECT
                p.rowID as product_rowid,
                p.productcode,
                e.sw_version as current_sw_version,
                e.hw_version,
                e.sw_version_license,
                e.rowID as equipment_rowid
            FROM equipment e
            JOIN products p ON e.productrowid = p.rowID
            WHERE e.serialnumber = ?';
    $stmt = $pdo->prepare($sql);
    $stmt->execute([$criterias['sn']]);
    $equipment_data = $stmt->fetch(PDO::FETCH_ASSOC);

    if (!$equipment_data) {
        $messages = ["error" => "No equipment found for serialnumber"];
    } else {
        $product_rowid = $equipment_data['product_rowid'];
        $productcode = $equipment_data['productcode'];
        $current_sw_version = $equipment_data['current_sw_version'];
        $hw_version = $equipment_data['hw_version'];
        $sw_version_license = $equipment_data['sw_version_license'];
        $equipment_rowid = $equipment_data['equipment_rowid'];

        //GET ALL DATA: active assignments, version details, and upgrade paths
        //Filter on active status and hw_version compatibility
        $sql = 'SELECT
                    psv.rowID as version_id,
                    psv.version,
                    psv.name,
                    psv.description,
                    psv.mandatory,
                    psv.latest,
                    psv.hw_version,
                    psv.file_path,
                    pup.price,
                    pup.currency,
                    pup.from_version_id,
                    from_ver.version as from_version
                FROM products_software_assignment psa
                JOIN products_software_versions psv ON psa.software_version_id = psv.rowID
                LEFT JOIN products_software_upgrade_paths pup ON pup.to_version_id = psv.rowID AND pup.is_active = 1
                LEFT JOIN products_software_versions from_ver ON pup.from_version_id = from_ver.rowID
                WHERE psa.product_id = ?
                    AND psa.status = 1
                    AND (psv.hw_version = ? OR psv.hw_version IS NULL OR psv.hw_version = "")
                    AND (? IS NULL OR ? = "" OR psv.version != ?)';

        $stmt = $pdo->prepare($sql);
        $stmt->execute([$product_rowid, $hw_version, $current_sw_version, $current_sw_version, $current_sw_version]);
        $versions = $stmt->fetchAll(PDO::FETCH_ASSOC);

        if (empty($versions)) {
            $messages = ["error" => "No active software assignments found for product"];
        } else {
            foreach ($versions as $version) {
                //Check if this version should be shown:
                //1. If there's a matching upgrade path from current version, show it
                //2. If no current version exists, show all
                //3. If there's no upgrade path but also no paths exist for this version at all, show it (free upgrade)

                $show_version = false;
                if (!$current_sw_version || $current_sw_version == '') {
                    //No current version - show all
                    $show_version = true;
                } elseif ($version['from_version'] == $current_sw_version) {
                    //Upgrade path exists from current version
                    $show_version = true;
                } else {
                    //Check if any upgrade paths exist for this version
                    $sql = 'SELECT COUNT(*) as path_count
                            FROM products_software_upgrade_paths
                            WHERE to_version_id = ? AND is_active = 1';
                    $stmt = $pdo->prepare($sql);
                    $stmt->execute([$version['version_id']]);
                    $path_check = $stmt->fetch(PDO::FETCH_ASSOC);

                    if ($path_check['path_count'] == 0) {
                        //No paths exist at all - show as free upgrade
                        $show_version = true;
                    }
                }

                if ($show_version) {
                    //Check if there's a valid license for this upgrade
                    $final_price = $version['price'] ?? '0.00';
                    $final_currency = $version['currency'] ?? '';

                    if ($final_price > 0 && $sw_version_license) {
                        //Check if the license is valid
                        $sql = 'SELECT status, start_at, expires_at
                                FROM products_software_licenses
                                WHERE license_key = ? AND equipment_id = ?';
                        $stmt = $pdo->prepare($sql);
                        $stmt->execute([$sw_version_license, $equipment_rowid]);
                        $license = $stmt->fetch(PDO::FETCH_ASSOC);

                        if ($license && $license['status'] == 1) {
                            $now = date('Y-m-d H:i:s');
                            $start_at = $license['start_at'];
                            $expires_at = $license['expires_at'];

                            //Check if license is within valid date range
                            if ((!$start_at || $start_at <= $now) && (!$expires_at || $expires_at >= $now)) {
                                $final_price = '0.00';
                            }
                        }
                    }

                    $output[] = [
                        "productcode" => $productcode,
                        "name" => $version['name'] ?? '',
                        "version" => $version['version'],
                        "version_id" => $version['version_id'],
                        "description" => $version['description'] ?? '',
                        "hw_version" => $version['hw_version'] ?? '',
                        "mandatory" => $version['mandatory'] ?? '',
                        "latest" => $version['latest'] ?? '',
                        "software" => $version['file_path'] ?? '',
                        "source" => '',
                        "source_type" => '',
                        "price" => $final_price,
                        "currency" => $final_currency
                    ];
                }
            }

            //GENERATE DOWNLOAD TOKENS FOR EACH OPTION
            foreach ($output as &$option) {
                // Generate time-based download token
                $download_token = create_download_url_token($criterias['sn'], $option['version_id']);

                // Create secure download URL
                $download_url = 'https://'.$_SERVER['SERVER_NAME'].'/api.php/v2/software_download/token='.$download_token;

                // Set source as download URL
                $option['source'] = $download_url;
                $option['source_type'] = 'token_url';
            }
            $messages = $output;
        }
    }
}
else {
    $messages = ["error" => "No serialnumber found"];
}
//Encrypt results
$messages = json_encode($messages, JSON_UNESCAPED_UNICODE);

//Send results
echo $messages;

?>