#!/bin/bash

if [ $# -lt 4 ]
then
  echo "Usage: $0 <epson_password> <current_ip> <new_ip> <gateway_ip>"
  exit 8
fi

EPSON_PWD=$1
CURR_IP=$2
NEW_IP=$3
GW_IP=$4


CURR_SUBNET=`expr match "$CURR_IP" '\([0-9]*\.[0-9]*\.[0-9]*\)'`

ifconfig eth0:9 down

if ! ifconfig | grep -q "$CURR_SUBNET"
then

  ALIAS_IP=$CURR_IP
  while [ "$ALIAS_IP" == "$CURR_IP" ]
  do
    LAST_BYTE=$(($RANDOM%255))
    if [ "$LAST_BYTE" == "0" ]
    then 
      LAST_BYTE=$(($LAST_BYTE+1))
    fi
    ALIAS_IP="${CURR_SUBNET}.$LAST_BYTE"
  done
  ifconfig eth0:9 $ALIAS_IP up
fi

rm -f /tmp/curl_enpc

epson_serie3() {

  RESULT=`curl -k --connect-timeout 10 --max-time 15 -w '%{http_code}' 'https://'${CURR_IP}'/tcp_setv4.cgi?W_IP8=1&W_IP1='${NEW_IP}'&W_IP2=255.255.255.0&W_IP3='${GW_IP}'&W_IP10=1&W_IP11=0&%7BRP_IP12E2%7D=Enable&W_PRIP1=1' -o /tmp/curl_enpc -s -I -uepson:${EPSON_PWD}`
  STATUS=$?
  echo "curl exit code: $STATUS, result $RESULT"

  if [ $STATUS -eq 7 -o $STATUS -eq 28 ] || ! [ -f /tmp/curl_enpc ]
  then
    return 1
  fi

  if cat /tmp/curl_enpc | grep -q 'HTTP/1.1 401 Unauthorized'
  then
    echo "incorrect password"
    return 2
  fi

  if [ $STATUS -eq 0 -a $RESULT -eq 200 ]
  then
    curl -k --connect-timeout 10 --max-time 15 'https://'${CURR_IP}'/reset.cgi' -s -uepson:${EPSON_PWD}
    return 0
  fi
  return 1
}

###################################
# EPSON TMT20IV
###################################

epson4_get_cookie() \
{
  # login, get cookie  
  echo "logging in to epson at $CURR_IP"  
  RESULT=`curl -k --connect-timeout 10 --max-time 15 'https://'${CURR_IP}'/PRESENTATION/ADVANCED/PASSWORD/SET' -s \
    -c /tmp/epson.cookie \
    -H 'Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8' \
    -H 'Accept-Language: en-US,en;q=0.6' \
    -H 'Cache-Control: no-cache' \
    -H 'Connection: keep-alive' \
    -H 'Content-Type: application/x-www-form-urlencoded' \
    -H 'Origin: https://'${CURR_IP}'' \
    -H 'Pragma: no-cache' \
    -H 'Referer: https://'${CURR_IP}'/PRESENTATION/ADVANCED/PASSWORD/TOP' \
    -H 'Sec-Fetch-Dest: iframe' \
    -H 'Sec-Fetch-Mode: navigate' \
    -H 'Sec-Fetch-Site: same-origin' \
    -H 'Sec-Fetch-User: ?1' \
    -H 'Sec-GPC: 1' \
    -H 'Upgrade-Insecure-Requests: 1' \
    -H 'User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36' \
    -H 'sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Brave";v="134"' \
    -H 'sec-ch-ua-mobile: ?0' \
    -H 'sec-ch-ua-platform: "Linux"' \
    --data-raw 'access=https&INPUTT_PASSWORD='${EPSON_PWD}'&INPUTT_ACCSESSMETHOD=0&INPUTT_DUMMY=' \
    --insecure  \
    -o /tmp/curl_enpc \
    -w '%{http_code}' \
    `
  STATUS=$?
  echo "login status $STATUS, result $RESULT"

  if cat /tmp/curl_enpc | grep -qi 'incorrect password'
  then
    echo "incorrect password"
    return 2
  fi
  if [ $STATUS -ne 0 -o $RESULT -ne 200 ]
  then
    echo "failed to login to epson printer"
    return 1
  fi
}

epson4_set_new_ip() \
{
  echo "setting new IP $NEW_IP, GW $GW_IP"
  # get confirm page
  RESULT=`curl -k --connect-timeout 10 --max-time 15 'https://'${CURR_IP}'/PRESENTATION/ADVANCED/NW_BASIC/CONFIRM' -s \
    -H 'Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8' \
    -H 'Accept-Language: en-US,en;q=0.6' \
    -H 'Cache-Control: no-cache' \
    -H 'Connection: keep-alive' \
    -H 'Content-Type: application/x-www-form-urlencoded' \
    -b '/tmp/epson.cookie' \
    -H 'Origin: https://'${CURR_IP}'' \
    -H 'Pragma: no-cache' \
    -H 'Referer: https://'${CURR_IP}'/PRESENTATION/ADVANCED/NW_BASIC/TOP' \
    -H 'Sec-Fetch-Dest: iframe' \
    -H 'Sec-Fetch-Mode: navigate' \
    -H 'Sec-Fetch-Site: same-origin' \
    -H 'Sec-Fetch-User: ?1' \
    -H 'Sec-GPC: 1' \
    -H 'Upgrade-Insecure-Requests: 1' \
    -H 'User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36' \
    -H 'sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Brave";v="134"' \
    -H 'sec-ch-ua-mobile: ?0' \
    -H 'sec-ch-ua-platform: "Linux"' \
    --data-raw 'INPUTT_PFNAME=EPSON2E2893&INPUTT_LOCATION=&INPUTR_TCPIPMETHOD=MANUAL&INPUTR_IPPRINT=ENABLE&INPUTT_IP='${NEW_IP}'&INPUTT_SUBNET=255.255.255.0&INPUTT_DEFAULTGW='${GW_IP}'&INPUTR_DNSMETHOD=MANUAL&INPUTT_PDNS='${GW_IP}'&INPUTT_SDNS='${GW_IP}'&INPUTR_DNSHOSTNAMEMETHOD=MANUAL&INPUTR_DNSDOMAINNAMEMETHOD=AUTO&INPUTR_REGISTERNWIFADDRESSTODNS=DISABLE&INPUTR_PROXYMETHOD=DISABLE&INPUTR_IPV6METHOD=DISABLE' \
    --insecure  \
    -o /tmp/curl_enpc \
    -w '%{http_code}' \
  `
  STATUS=$?
  echo "set status $STATUS, result $RESULT"

  if [ $STATUS -ne 0 -o $RESULT -ne 200 -o ! -f /tmp/curl_enpc ]
  then
    echo "failed to get confirm page from epson printer"
    return 1
  fi
  cp /tmp/curl_enpc /tmp/curl_enpc_confirm

  cat << EOF > /dev/null

  questo e' la risposta della stampante. Dobbiamo prendere la parte del config, costruire un POST identico e mandarlo alla stampante

  <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN "
  "http://www.w3.org/TR/html4/strict.dtd">
  <html>
  <head>
  <meta http-equiv="Content-Type" content="text/html; charset=utf-8">
  <meta name="Author" content="SEIKO EPSON">
  <meta name="viewport" content="width=device-width, user-scalable=no, initial-scale=1.0">
  <meta name="format-detection" content="telephone=no">
  <meta http-equiv="X-UA-Compatible" content="IE=edge">
  <title>TM-T20IV</title>
  <link rel="stylesheet" type="text/css" href="../COMMON/STYLE.CSS">
  </head>
  <body class="contents">
    <div class="wrap">
      <div class="header-main">Basic</div>
      <div class="section">
        <div class="warning">Confirm the following settings.</div>
        <dl class="values">
          <dt class="key"><span class="key">Device Name&nbsp;:</span></dt>
          <dd class="value clearfix"><div class="preserve-white-space">EPSON2E2893</div></dd>

          <dt class="key"><span class="key">Location&nbsp;:</span></dt>
          <dd class="value clearfix"><div class="preserve-white-space"></div></dd>

          <dt class="key"><span class="key">Obtain IP Address&nbsp;:</span></dt>
          <dd class="value clearfix"><div class="preserve-white-space">Manual</div></dd>

          <dt class="key"><span class="key">IP Address Printing&nbsp;:</span></dt>
          <dd class="value clearfix"><div class="preserve-white-space">Enable</div></dd>

          <dt class="key"><span class="key">IP Address&nbsp;:</span></dt>
          <dd class="value clearfix"><div class="preserve-white-space">192.168.160.123</div></dd>

          <dt class="key"><span class="key">Subnet Mask&nbsp;:</span></dt>
          <dd class="value clearfix"><div class="preserve-white-space">255.255.255.0</div></dd>

          <dt class="key"><span class="key">Default Gateway&nbsp;:</span></dt>
          <dd class="value clearfix"><div class="preserve-white-space">192.168.160.128</div></dd>

          <dt class="key"><span class="key">DNS Server Setting&nbsp;:</span></dt>
          <dd class="value clearfix"><div class="preserve-white-space">Manual</div></dd>

          <dt class="key"><span class="key">Primary DNS Server&nbsp;:</span></dt>
          <dd class="value clearfix"><div class="preserve-white-space">192.168.160.128</div></dd>

          <dt class="key"><span class="key">Secondary DNS Server&nbsp;:</span></dt>
          <dd class="value clearfix"><div class="preserve-white-space">192.168.160.128</div></dd>

          <dt class="key"><span class="key">DNS Host Name Setting&nbsp;:</span></dt>
          <dd class="value clearfix"><div class="preserve-white-space">Manual</div></dd>

          <dt class="key"><span class="key">DNS Domain Name Setting&nbsp;:</span></dt>
          <dd class="value clearfix"><div class="preserve-white-space">Auto</div></dd>

          <dt class="key"><span class="key">Register the network interface address to DNS&nbsp;:</span></dt>
          <dd class="value clearfix"><div class="preserve-white-space">Disable</div></dd>

          <dt class="key"><span class="key">Proxy Server Setting&nbsp;:</span></dt>
          <dd class="value clearfix"><div class="preserve-white-space">Do Not Use</div></dd>

          <dt class="key"><span class="key">IPv6 Setting&nbsp;:</span></dt>
          <dd class="value clearfix"><div class="preserve-white-space">Disable</div></dd>
        </dl>

        <form method="post" action="SET" id="confirm_form">
          <div>
            <div class="hidden"><input class="hidden" type="hidden" name="INPUTT_PFNAME" value="EPSON2E2893"></div>
            <div class="hidden"><input class="hidden" type="hidden" name="INPUTT_LOCATION" value=""></div>
            <div class="hidden"><input class="hidden" type="hidden" name="INPUTR_TCPIPMETHOD" value="MANUAL"></div>
            <div class="hidden"><input class="hidden" type="hidden" name="INPUTR_IPPRINT" value="ENABLE"></div>
            <div class="hidden"><input class="hidden" type="hidden" name="INPUTR_BOOTPSETTING" value="DISABLE"></div>
            <div class="hidden"><input class="hidden" type="hidden" name="INPUTT_APIPASETTING" value="DISABLE"></div>
            <div class="hidden"><input class="hidden" type="hidden" name="INPUTT_IP" value="192.168.160.123"></div>
            <div class="hidden"><input class="hidden" type="hidden" name="INPUTT_SUBNET" value="255.255.255.0"></div>
            <div class="hidden"><input class="hidden" type="hidden" name="INPUTT_DEFAULTGW" value="192.168.160.128"></div>
            <div class="hidden"><input class="hidden" type="hidden" name="INPUTR_DNSMETHOD" value="MANUAL"></div>
            <div class="hidden"><input class="hidden" type="hidden" name="INPUTT_PDNS" value="192.168.160.128"></div>
            <div class="hidden"><input class="hidden" type="hidden" name="INPUTT_SDNS" value="192.168.160.128"></div>
            <div class="hidden"><input class="hidden" type="hidden" name="INPUTR_DNSHOSTNAMEMETHOD" value="MANUAL"></div>
            <div class="hidden"><input class="hidden" type="hidden" name="INPUTR_DNSDOMAINNAMEMETHOD" value="AUTO"></div>
            <div class="hidden"><input class="hidden" type="hidden" name="INPUTT_DNSDOMAINNAME" value="spintec.lan"></div>
            <div class="hidden"><input class="hidden" type="hidden" name="INPUTR_REGISTERNWIFADDRESSTODNS" value="DISABLE"></div>
            <div class="hidden"><input class="hidden" type="hidden" name="INPUTR_PROXYMETHOD" value="DISABLE"></div>
            <div class="hidden"><input class="hidden" type="hidden" name="INPUTT_PROXYADDRESS" value=""></div>
            <div class="hidden"><input class="hidden" type="hidden" name="INPUTT_PROXYPORT" value="0"></div>
            <div class="hidden"><input class="hidden" type="hidden" name="INPUTR_PROXYUSERNAME" value=""></div>
            <div class="hidden"><input class="hidden" type="hidden" name="INPUTR_PROXYPASSWORD" value=""></div>
            <div class="hidden"><input class="hidden" type="hidden" name="INPUTR_IPV6METHOD" value="DISABLE"></div>
            <div class="hidden"><input class="hidden" type="hidden" name="INPUTR_IPV6ANNONYMOUS" value="DISABLE"></div>
            <div class="hidden"><input class="hidden" type="hidden" name="INPUTR_IPV6DHCPMETHOD" value="NOT_USE"></div>
            <div class="hidden"><input class="hidden" type="hidden" name="INPUTT_IPV6ADDRESS" value=""></div>
            <div class="hidden"><input class="hidden" type="hidden" name="INPUTT_IPV6DEFAULTGW" value=""></div>
            <div class="hidden"><input class="hidden" type="hidden" name="INPUTT_IPV6PDNS" value=""></div>
            <div class="hidden"><input class="hidden" type="hidden" name="INPUTT_IPV6SDNS" value=""></div>
            <div class="hidden"><input class="hidden" type="hidden" name="INPUTR_IEEE802_11KV" value="DISABLE"></div>
            <div class="hidden"><input class="hidden" type="hidden" name="INPUTR_IEEE802_11R" value="DISABLE"></div>
            <div class="hidden"><input class="hidden" type="hidden" name="INPUT_POWERSAVING_WIFI" value="POWERSAVING_WIFI_ON"></div>
            <div class="hidden"><input class="hidden" type="hidden" name="INPUTD_WIRELESS_BAND" value="AUTO"></div>
            <div class="hidden"><input class="hidden" type="hidden" name="INPUTT_SETUPTOKEN" value="Hrldomoyw29jnpn6u3DSjvW9t0d6eXK5"></div>
          </div>
        </form>

        <form action="TOP" method="post" id="back_form">
          <div>
            <div class="hidden"><input class="hidden" type="hidden" name="INPUTT_PFNAME" value="EPSON2E2893"></div>
            <div class="hidden"><input class="hidden" type="hidden" name="INPUTT_LOCATION" value=""></div>
            <div class="hidden"><input class="hidden" type="hidden" name="INPUTR_TCPIPMETHOD" value="MANUAL"></div>
            <div class="hidden"><input class="hidden" type="hidden" name="INPUTR_IPPRINT" value="ENABLE"></div>
            <div class="hidden"><input class="hidden" type="hidden" name="INPUTR_BOOTPSETTING" value="DISABLE"></div>
            <div class="hidden"><input class="hidden" type="hidden" name="INPUTT_APIPASETTING" value="DISABLE"></div>
            <div class="hidden"><input class="hidden" type="hidden" name="INPUTT_IP" value="192.168.160.123"></div>
            <div class="hidden"><input class="hidden" type="hidden" name="INPUTT_SUBNET" value="255.255.255.0"></div>
            <div class="hidden"><input class="hidden" type="hidden" name="INPUTT_DEFAULTGW" value="192.168.160.128"></div>
            <div class="hidden"><input class="hidden" type="hidden" name="INPUTR_DNSMETHOD" value="MANUAL"></div>
            <div class="hidden"><input class="hidden" type="hidden" name="INPUTT_PDNS" value="192.168.160.128"></div>
            <div class="hidden"><input class="hidden" type="hidden" name="INPUTT_SDNS" value="192.168.160.128"></div>
            <div class="hidden"><input class="hidden" type="hidden" name="INPUTR_DNSHOSTNAMEMETHOD" value="MANUAL"></div>
            <div class="hidden"><input class="hidden" type="hidden" name="INPUTR_DNSDOMAINNAMEMETHOD" value="AUTO"></div>
            <div class="hidden"><input class="hidden" type="hidden" name="INPUTT_DNSDOMAINNAME" value="spintec.lan"></div>
            <div class="hidden"><input class="hidden" type="hidden" name="INPUTR_REGISTERNWIFADDRESSTODNS" value="DISABLE"></div>
            <div class="hidden"><input class="hidden" type="hidden" name="INPUTR_PROXYMETHOD" value="DISABLE"></div>
            <div class="hidden"><input class="hidden" type="hidden" name="INPUTT_PROXYADDRESS" value=""></div>
            <div class="hidden"><input class="hidden" type="hidden" name="INPUTT_PROXYPORT" value="0"></div>
            <div class="hidden"><input class="hidden" type="hidden" name="INPUTR_PROXYUSERNAME" value=""></div>
            <div class="hidden"><input class="hidden" type="hidden" name="INPUTR_PROXYPASSWORD" value=""></div>
            <div class="hidden"><input class="hidden" type="hidden" name="INPUTR_IPV6METHOD" value="DISABLE"></div>
            <div class="hidden"><input class="hidden" type="hidden" name="INPUTR_IPV6ANNONYMOUS" value="DISABLE"></div>
            <div class="hidden"><input class="hidden" type="hidden" name="INPUTR_IPV6DHCPMETHOD" value="NOT_USE"></div>
            <div class="hidden"><input class="hidden" type="hidden" name="INPUTT_IPV6ADDRESS" value=""></div>
            <div class="hidden"><input class="hidden" type="hidden" name="INPUTT_IPV6DEFAULTGW" value=""></div>
            <div class="hidden"><input class="hidden" type="hidden" name="INPUTT_IPV6PDNS" value=""></div>
            <div class="hidden"><input class="hidden" type="hidden" name="INPUTT_IPV6SDNS" value=""></div>
            <div class="hidden"><input class="hidden" type="hidden" name="INPUTR_IEEE802_11KV" value="DISABLE"></div>
            <div class="hidden"><input class="hidden" type="hidden" name="INPUTR_IEEE802_11R" value="DISABLE"></div>
            <div class="hidden"><input class="hidden" type="hidden" name="INPUT_POWERSAVING_WIFI" value="POWERSAVING_WIFI_ON"></div>
            <div class="hidden"><input class="hidden" type="hidden" name="INPUTD_WIRELESS_BAND" value="AUTO"></div>
            <div class="hidden"><input class="hidden" type="hidden" name="INPUTT_SETUPTOKEN" value="Hrldomoyw29jnpn6u3DSjvW9t0d6eXK5"></div>
          </div>
        </form>

        <div class="warning">Communication will be shut down temporarily to enable the new settings.</div>
        <div class="warning">You cannot access the network immediately after the settings are changed.</div>
      </div>

      <div class="footer">
        <ul class="buttons">
          <li class="button">
            <button type="button" class="button" onclick="document.getElementById('confirm_form').submit(); return false;">OK</button>
          </li>
          <li class="button">
            <button type="button" class="button" onclick="document.getElementById('back_form').submit(); return false;">Back</button>
          </li>
        </ul>
      </div>
    </div>
  </body>
  </html>
EOF

  # extract only the <form id="confirm_form"> … </form> block into /tmp/curl_enpc
  perl -0777 -ne '
    if (/<form\b[^>]*\bid\s*=\s*(?:"confirm_form"|\x27confirm_form\x27)[^>]*>.*?<\/form>/is) {
      print $&;
    }
  ' /tmp/curl_enpc > /tmp/curl_enpc.form || true

  if [ -s /tmp/curl_enpc.form ]
  then
    mv /tmp/curl_enpc.form /tmp/curl_enpc
  else
    rm -f /tmp/curl_enpc.form
  fi

  declare -A FORM_INPUTS

  # extract input tags and parse name/value attributes (handles single or double quotes)
  while IFS= read -r tag; do
    name=$(printf '%s\n' "$tag" | sed -n 's/.*[Nn][Aa][Mm][Ee]=["'"'"']\([^"'"'"']*\)["'"'"'].*/\1/p')
    value=$(printf '%s\n' "$tag" | sed -n 's/.*[Vv][Aa][Ll][Uu][Ee]=["'"'"']\([^"'"'"']*\)["'"'"'].*/\1/p')
    if [ -n "$name" ]; then
      FORM_INPUTS["$name"]="$value"
    fi
  done < <(grep -oi '<input[^>]*>' /tmp/curl_enpc)

  # example: print all parsed name=value pairs (can be removed if not needed)
  #for k in "${!FORM_INPUTS[@]}"; do
  #  printf '%s=%s\n' "$k" "${FORM_INPUTS[$k]}"
  #done

  cat << EOF > /dev/null
  # Build POST data string

  curl 'https://192.168.160.124/PRESENTATION/ADVANCED/NW_BASIC/SET' \
    -H 'Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8' \
    -H 'Accept-Language: en-US,en;q=0.7' \
    -H 'Cache-Control: no-cache' \
    -H 'Connection: keep-alive' \
    -H 'Content-Type: application/x-www-form-urlencoded' \
    -b 'EPSON_COOKIE_SESSION=session&62c65524-8b4d-4c9c-93af-4605a6ba8981' \
    -H 'Origin: https://192.168.160.124' \
    -H 'Pragma: no-cache' \
    -H 'Referer: https://192.168.160.124/PRESENTATION/ADVANCED/NW_BASIC/CONFIRM' \
    -H 'Sec-Fetch-Dest: iframe' \
    -H 'Sec-Fetch-Mode: navigate' \
    -H 'Sec-Fetch-Site: same-origin' \
    -H 'Sec-Fetch-User: ?1' \
    -H 'Sec-GPC: 1' \
    -H 'Upgrade-Insecure-Requests: 1' \
    -H 'User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36' \
    -H 'sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Brave";v="134"' \
    -H 'sec-ch-ua-mobile: ?0' \
    -H 'sec-ch-ua-platform: "Linux"' \
    --data-raw 'INPUTT_PFNAME=EPSON2E2893&INPUTT_LOCATION=&INPUTR_TCPIPMETHOD=MANUAL&INPUTR_IPPRINT=ENABLE&INPUTR_BOOTPSETTING=DISABLE&INPUTT_APIPASETTING=DISABLE&INPUTT_IP=192.168.160.123&INPUTT_SUBNET=255.255.255.0&INPUTT_DEFAULTGW=192.168.160.128&INPUTR_DNSMETHOD=MANUAL&INPUTT_PDNS=192.168.160.128&INPUTT_SDNS=192.168.160.128&INPUTR_DNSHOSTNAMEMETHOD=MANUAL&INPUTR_DNSDOMAINNAMEMETHOD=AUTO&INPUTT_DNSDOMAINNAME=spintec.lan&INPUTR_REGISTERNWIFADDRESSTODNS=DISABLE&INPUTR_PROXYMETHOD=DISABLE&INPUTT_PROXYADDRESS=&INPUTT_PROXYPORT=0&INPUTR_PROXYUSERNAME=&INPUTR_PROXYPASSWORD=&INPUTR_IPV6METHOD=DISABLE&INPUTR_IPV6ANNONYMOUS=DISABLE&INPUTR_IPV6DHCPMETHOD=NOT_USE&INPUTT_IPV6ADDRESS=&INPUTT_IPV6DEFAULTGW=&INPUTT_IPV6PDNS=&INPUTT_IPV6SDNS=&INPUTR_IEEE802_11KV=DISABLE&INPUTR_IEEE802_11R=DISABLE&INPUT_POWERSAVING_WIFI=POWERSAVING_WIFI_ON&INPUTD_WIRELESS_BAND=AUTO&INPUTT_SETUPTOKEN=vM4OGCTreOf7tekq2LQlkWau6m0PrdB4' \
    --insecure

## novejsi verze Epsona
curl 'http://10.0.1.58:8888/PRESENTATION/ADVANCED/NW_BASIC/SET' \
  -H 'Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8' \
  -H 'Accept-Language: en-US,en;q=0.5' \
  -H 'Cache-Control: no-cache' \
  -H 'Connection: keep-alive' \
  -H 'Content-Type: application/x-www-form-urlencoded' \
  -b 'EPSON_COOKIE_SESSION=session&e5bb53d9-c9f8-48ab-9722-d2ec2e1b1217' \
  -H 'Origin: http://10.0.1.58:8888' \
  -H 'Pragma: no-cache' \
  -H 'Referer: http://10.0.1.58:8888/PRESENTATION/ADVANCED/NW_BASIC/CONFIRM' \
  -H 'Sec-GPC: 1' \
  -H 'Upgrade-Insecure-Requests: 1' \
  -H 'User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36' \
  --data-raw 'INPUTT_PFNAME=EPSON2EF336&INPUTT_LOCATION=&INPUTR_TCPIPMETHOD=MANUAL&INPUTR_IPPRINT=ENABLE&INPUTR_BOOTPSETTING=DISABLE&INPUTT_APIPASETTING=DISABLE&INPUTT_IP=192.168.160.121&INPUTT_SUBNET=255.255.255.0&INPUTT_DEFAULTGW=192.168.160.128&INPUTR_DNSMETHOD=MANUAL&INPUTT_PDNS=192.168.160.128&INPUTT_SDNS=192.168.160.128&INPUTR_DNSHOSTNAMEMETHOD=MANUAL&INPUTR_DNSDOMAINNAMEMETHOD=AUTO&INPUTT_DNSDOMAINNAME=homenet.telecomitalia.it&INPUTR_REGISTERNWIFADDRESSTODNS=DISABLE&INPUTR_PROXYMETHOD=DISABLE&INPUTT_PROXYADDRESS=&INPUTT_PROXYPORT=0&INPUTR_PROXYUSERNAME=&INPUTR_PROXYPASSWORD=&INPUTR_IPV6METHOD=DISABLE&INPUTR_IPV6ANNONYMOUS=DISABLE&INPUTR_IPV6DHCPMETHOD=NOT_USE&INPUTT_IPV6ADDRESS=&INPUTT_IPV6DEFAULTGW=&INPUTT_IPV6PDNS=&INPUTT_IPV6SDNS=&INPUTR_IEEE802_11KV=DISABLE&INPUTR_IEEE802_11R=DISABLE&INPUT_POWERSAVING_WIFI=POWERSAVING_WIFI_ON&INPUTD_WIRELESS_BAND=AUTO&INPUTT_SETUPTOKEN=HeAGBplhXJKD02RzvSoNxGhPMY4nwcIo' \
  --insecure


starej    --data-raw 'INPUTT_PFNAME=EPSON2E2893&INPUTT_LOCATION=&INPUTR_TCPIPMETHOD=MANUAL&INPUTR_IPPRINT=ENABLE&INPUTR_BOOTPSETTING=DISABLE&INPUTT_APIPASETTING=DISABLE&INPUTT_IP=192.168.160.123&INPUTT_SUBNET=255.255.255.0&INPUTT_DEFAULTGW=192.168.160.128&INPUTR_DNSMETHOD=MANUAL&INPUTT_PDNS=192.168.160.128&INPUTT_SDNS=192.168.160.128&INPUTR_DNSHOSTNAMEMETHOD=MANUAL&INPUTR_DNSDOMAINNAMEMETHOD=AUTO&INPUTT_DNSDOMAINNAME=spintec.lan             &INPUTR_REGISTERNWIFADDRESSTODNS=DISABLE&INPUTR_PROXYMETHOD=DISABLE&INPUTT_PROXYADDRESS=&INPUTT_PROXYPORT=0&INPUTR_PROXYUSERNAME=&INPUTR_PROXYPASSWORD=&INPUTR_IPV6METHOD=DISABLE&INPUTR_IPV6ANNONYMOUS=DISABLE&INPUTR_IPV6DHCPMETHOD=NOT_USE&INPUTT_IPV6ADDRESS=&INPUTT_IPV6DEFAULTGW=&INPUTT_IPV6PDNS=&INPUTT_IPV6SDNS=&INPUTR_IEEE802_11KV=DISABLE&INPUTR_IEEE802_11R=DISABLE&INPUT_POWERSAVING_WIFI=POWERSAVING_WIFI_ON&INPUTD_WIRELESS_BAND=AUTO&INPUTT_SETUPTOKEN=vM4OGCTreOf7tekq2LQlkWau6m0PrdB4' \
novej     --data-raw 'INPUTT_PFNAME=EPSON2EF336&INPUTT_LOCATION=&INPUTR_TCPIPMETHOD=MANUAL&INPUTR_IPPRINT=ENABLE&INPUTR_BOOTPSETTING=DISABLE&INPUTT_APIPASETTING=DISABLE&INPUTT_IP=192.168.160.121&INPUTT_SUBNET=255.255.255.0&INPUTT_DEFAULTGW=192.168.160.128&INPUTR_DNSMETHOD=MANUAL&INPUTT_PDNS=192.168.160.128&INPUTT_SDNS=192.168.160.128&INPUTR_DNSHOSTNAMEMETHOD=MANUAL&INPUTR_DNSDOMAINNAMEMETHOD=AUTO&INPUTT_DNSDOMAINNAME=homenet.telecomitalia.it&INPUTR_REGISTERNWIFADDRESSTODNS=DISABLE&INPUTR_PROXYMETHOD=DISABLE&INPUTT_PROXYADDRESS=&INPUTT_PROXYPORT=0&INPUTR_PROXYUSERNAME=&INPUTR_PROXYPASSWORD=&INPUTR_IPV6METHOD=DISABLE&INPUTR_IPV6ANNONYMOUS=DISABLE&INPUTR_IPV6DHCPMETHOD=NOT_USE&INPUTT_IPV6ADDRESS=&INPUTT_IPV6DEFAULTGW=&INPUTT_IPV6PDNS=&INPUTT_IPV6SDNS=&INPUTR_IEEE802_11KV=DISABLE&INPUTR_IEEE802_11R=DISABLE&INPUT_POWERSAVING_WIFI=POWERSAVING_WIFI_ON&INPUTD_WIRELESS_BAND=AUTO&INPUTT_SETUPTOKEN=HeAGBplhXJKD02RzvSoNxGhPMY4nwcIo' \


EOF

  # build URL-encoded POST data from FORM_INPUTS associative array
  urlencode() {
    # fast pure-shell URL-encoder using od and printf (no python)
    local s="$1"
    local out=""
    local -a bytes
    local h c

    # ensure byte-wise processing
    LC_ALL=C

    # od -An -tx1 -v prints hex bytes; read them line by line into array
    while read -r -a bytes; do
      for h in "${bytes[@]}"; do
        # build the byte as \xHH and expand to the character
        printf -v c "%b" "\\x$h"
        case "$c" in
          [a-zA-Z0-9.~_-]) out+="$c" ;;
          ' ') out+='+' ;;
          *) out+=$(printf '%%%s' "$h") ;;
        esac
      done
    done < <(printf '%s' "$s" | od -An -tx1 -v)

    printf '%s' "$out"
  }

  POST_PAIRS=()
  for name in "${!FORM_INPUTS[@]}"; do
    value="${FORM_INPUTS[$name]}"
    en=$(urlencode "$name")
    ev=$(urlencode "$value")
    POST_PAIRS+=("${en}=${ev}")
  done

  POST_DATA=$(IFS='&'; echo "${POST_PAIRS[*]}")

  # POST_DATA now contains the urlencoded form body
  # send it to the printer using the saved cookie
#  echo "posting data to epson at $CURR_IP"
#  echo "POST_DATA: $POST_DATA"
  RESULT=`curl -k --connect-timeout 10 --max-time 15 "https://${CURR_IP}/PRESENTATION/ADVANCED/NW_BASIC/SET" \
    -b /tmp/epson.cookie \
    -H 'Content-Type: application/x-www-form-urlencoded' \
    -H 'Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8' \
    -H 'Accept-Language: en-US,en;q=0.7' \
    -H 'Cache-Control: no-cache' \
    -H 'Connection: keep-alive' \
    -H 'Origin: https://'${CURR_IP}'' \
    -H 'Pragma: no-cache' \
    -H 'Referer: https://'${CURR_IP}'/PRESENTATION/ADVANCED/NW_BASIC/CONFIRM' \
    -H 'Sec-GPC: 1' \
    -H 'Upgrade-Insecure-Requests: 1' \
    -H 'User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36' \
    --data-raw "$POST_DATA" -s -o /tmp/curl_enpc -w '%{http_code}'
  `
#    -H 'Sec-Fetch-Dest: iframe' \
#    -H 'Sec-Fetch-Mode: navigate' \
#    -H 'Sec-Fetch-Site: same-origin' \
#    -H 'Sec-Fetch-User: ?1' \
#    -H 'sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Brave";v="134"' \
#    -H 'sec-ch-ua-mobile: ?0' \
#    -H 'sec-ch-ua-platform: "Linux"' \
  STATUS=$?
  echo "post status $STATUS, result $RESULT"
  if [ $STATUS -ne 0 -o $RESULT -ne 200 ]
  then
    echo "failed to post new settings to epson printer"
    return 1
  fi
  cat /tmp/curl_enpc | grep -q "Setup complete"
  if [ $? -ne 0 ]
  then
    echo "unexpected response from printer after posting new settings"
    return 1
  fi
  return 0
}

epson4_set_secure_print_off() \
{

  cat << EOF > /dev/null

  # pagina di disabilitazione secure print

  curl 'https://10.0.1.34:8888/PRESENTATION/ADVANCED/PRINTER_PRINT_SECURE/TOP' \
  -b '/tmp/epson.cookie' \
  -H 'Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8' \
  -H 'Accept-Language: en-US,en;q=0.8' \
  -H 'Cache-Control: no-cache' \
  -H 'Connection: keep-alive' \
  -H 'Pragma: no-cache' \
  -H 'Referer: https://10.0.1.34:8888/PRESENTATION/ADVANCED/COMMON/TOP' \
  -H 'Sec-Fetch-Dest: iframe' \
  -H 'Sec-Fetch-Mode: navigate' \
  -H 'Sec-Fetch-Site: same-origin' \
  -H 'Sec-Fetch-User: ?1' \
  -H 'Sec-GPC: 1' \
  -H 'Upgrade-Insecure-Requests: 1' \
  -H 'User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36' \
  -H 'sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Brave";v="134"' \
  -H 'sec-ch-ua-mobile: ?0' \
  -H 'sec-ch-ua-platform: "Linux"' \
  --insecure

# risposta

  <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN "
"http://www.w3.org/TR/html4/strict.dtd">
<html>
    <head>
        <meta http-equiv="Content-Type" content="text/html; charset=utf-8">
        <meta name="Author" content="SEIKO EPSON">
        <meta name="viewport" content="width=device-width, user-scalable=no, initial-scale=1.0">
        <meta name="format-detection" content="telephone=no">
        <meta http-equiv="X-UA-Compatible" content="IE=edge">
        <title>TM-T20IV</title>
        <link rel='stylesheet' type='text/css' href='../COMMON/STYLE.CSS'>
        <script type='text/javascript' src='SCRIPT.JS'></script>
    </head>
    <body class="contents">
        <div class="wrap">
            <div class="header-main">Secure Printing</div>
            <div class="section">
                <form action="SET" method="post" id="input_form">
                    <div class="hidden">
                        <input class="hidden" type="hidden" name="INPUTT_SETUPTOKEN" value="KKJxX8VQE6r1TemuYP36aAlPJO7iyHjw">
                    </div>
                    <dl class="values">
                        <dt class="key">
                            <span class="key">Secure Printing &nbsp;:</span>
                        </dt>
                        <dd class="value clearfix">
                            <ul class="radios">
                                <li class="radio">
                                    <label>
                                        <input class="radio" type="radio" name="INPUTR_NWFOLDERSEND" value="ENABLED" id="INPUTR_NWFOLDERSEND-ENABLED">&nbsp;Enable
                                    </label>
                                </li>
                                <li class="radio">
                                    <label>
                                        <input class="radio" type="radio" name="INPUTR_NWFOLDERSEND" value="DISABLED" checked id="INPUTR_NWFOLDERSEND-DISABLED">&nbsp;Disable
                                    </label>
                                </li>
                            </ul>
                        </dd>
                    </dl>
                    <div>
                        <input type="text" name="dummy" style="display:none">
                    </div>
                </form>
            </div>
            <div class="footer">
                <ul class="buttons">
                    <li class="button">
                        <button type="button" class="button" onclick="OnSetButton(); return false;">OK</button>
                    </li>
                </ul>
            </div>
        </div>
    </body>
</html>


# request POST data:
curl 'https://10.0.1.34:8888/PRESENTATION/ADVANCED/PRINTER_PRINT_SECURE/SET' \
  -H 'Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8' \
  -H 'Accept-Language: en-US,en;q=0.8' \
  -H 'Cache-Control: no-cache' \
  -H 'Connection: keep-alive' \
  -H 'Content-Type: application/x-www-form-urlencoded' \
  -b 'EPSON_COOKIE_SESSION=session&35e43d40-3e7e-49e6-93fa-ed8c1ce0e6d8' \
  -H 'Origin: https://10.0.1.34:8888' \
  -H 'Pragma: no-cache' \
  -H 'Referer: https://10.0.1.34:8888/PRESENTATION/ADVANCED/PRINTER_PRINT_SECURE/TOP' \
  -H 'Sec-Fetch-Dest: iframe' \
  -H 'Sec-Fetch-Mode: navigate' \
  -H 'Sec-Fetch-Site: same-origin' \
  -H 'Sec-GPC: 1' \
  -H 'Upgrade-Insecure-Requests: 1' \
  -H 'User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36' \
  -H 'sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Brave";v="134"' \
  -H 'sec-ch-ua-mobile: ?0' \
  -H 'sec-ch-ua-platform: "Linux"' \
  --data-raw 'INPUTT_SETUPTOKEN=KKJxX8VQE6r1TemuYP36aAlPJO7iyHjw&INPUTR_NWFOLDERSEND=DISABLED&dummy=' \
  --insecure

EOF
  echo "disabling secure print on epson at $CURR_IP"
  RESULT=`curl -sk --connect-timeout 10 --max-time 15 "https://${CURR_IP}/PRESENTATION/ADVANCED/PRINTER_PRINT_SECURE/TOP" \
  -b /tmp/epson.cookie \
  -H 'Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8' \
  -H 'Accept-Language: en-US,en;q=0.8' \
  -H 'Cache-Control: no-cache' \
  -H 'Connection: keep-alive' \
  -H 'Pragma: no-cache' \
  -H 'Referer: https://${CURR_IP}/PRESENTATION/ADVANCED/COMMON/TOP' \
  -H 'Sec-Fetch-Dest: iframe' \
  -H 'Sec-Fetch-Mode: navigate' \
  -H 'Sec-Fetch-Site: same-origin' \
  -H 'Sec-Fetch-User: ?1' \
  -H 'Sec-GPC: 1' \
  -H 'Upgrade-Insecure-Requests: 1' \
  -H 'User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36' \
  -H 'sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Brave";v="134"' \
  -H 'sec-ch-ua-mobile: ?0' \
  -H 'sec-ch-ua-platform: "Linux"' \
  --insecure \
  -o /tmp/curl_enpc \
  -w '%{http_code}' \
    `
  STATUS=$?
  echo "get secure config page status $STATUS, result $RESULT"

  if [ $STATUS -ne 0 -o $RESULT -ne 200 -o ! -f /tmp/curl_enpc ]
  then
    echo "failed to get secure print page from epson printer"
    return 1
  fi

  cp /tmp/curl_enpc /tmp/curl_enpc.secure
  SECURE_TOKEN=`cat /tmp/curl_enpc | sed 's/>/>\n/g' | grep -oP 'name="INPUTT_SETUPTOKEN" value="\K[^"]+' | head -1`
#  SECURE_TOKEN=`grep -oi 'name=["'"'"']INPUTT_SETUPTOKEN["'"'"'] value=["'"'"'][^"'"'"']*["'"'"']' /tmp/curl_enpc | head -n1 | sed -n 's/.*value=["'"'"']\([^"'"'"']*\)["'"'"'].*/\1/p'`
  if [ -z "$SECURE_TOKEN" ]
  then
    echo "failed to extract secure print token from epson printer"
    cp /tmp/curl_enpc /tmp/curl_enpc.err
    return 1
  fi

# <input class="radio" type="radio" name="INPUTR_NWFOLDERSEND" value="DISABLED" checked id="INPUTR_NWFOLDERSEND-DISABLED">
  cat /tmp/curl_enpc | sed 's/>/>\n/g' | grep -q -oP 'name="INPUTR_NWFOLDERSEND".*DISABLED.*checked'
  if [ $? -eq 0 ]
  then
    echo "secure print is elready disabled"
    return 0
  fi
  echo "setting secure print OFF"
  RESULT=`curl -sk --connect-timeout 10 --max-time 15 "https://${CURR_IP}/PRESENTATION/ADVANCED/PRINTER_PRINT_SECURE/SET" \
    -H 'Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8' \
    -H 'Accept-Language: en-US,en;q=0.8' \
    -H 'Cache-Control: no-cache' \
    -H 'Connection: keep-alive' \
    -H 'Content-Type: application/x-www-form-urlencoded' \
    -b /tmp/epson.cookie \
    -H 'Origin: https://'${CURR_IP}'' \
    -H 'Pragma: no-cache' \
    -H 'Referer: https://'${CURR_IP}'/PRESENTATION/ADVANCED/PRINTER_PRINT_SECURE/TOP' \
    -H 'Sec-Fetch-Dest: iframe' \
    -H 'Sec-Fetch-Mode: navigate' \
    -H 'Sec-Fetch-Site: same-origin' \
    -H 'Sec-GPC: 1' \
    -H 'Upgrade-Insecure-Requests: 1' \
    -H 'User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/34.0.0.0 Safari/537.36' \
    -H 'sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Brave";v="134"' \
    -H 'sec-ch-ua-mobile: ?0' \
    -H 'sec-ch-ua-platform: "Linux"' \
    --data-raw 'INPUTT_SETUPTOKEN='"${SECURE_TOKEN}"'&INPUTR_NWFOLDERSEND=DISABLED&dummy=' \
    -o /tmp/curl_enpc \
    -w '%{http_code}' \
    --insecure \
  `
  STATUS=$?
  echo "set secure print status $STATUS, result $RESULT"
  if [ $STATUS -ne 0 -o $RESULT -ne 200 ]
  then
    echo "failed to set secure print off on epson printer"
    return 1
  fi
  cat /tmp/curl_enpc | grep -q "Setup complete"
  if [ $? -ne 0 ]
  then
    echo "unexpected response from printer after posting new settings"
    return 1
  fi
  return 2

}

epson_serie4() \
{
  epson4_get_cookie || return 1
  epson4_set_secure_print_off 
  if [ $? -eq 2 ]
  then
    echo "secure print was on, printer is rebooting, waiting for it to come back online"
    sleep 10
    TIME=`date +%s`
    OK=false
    while [ $(( $(date +%s) - TIME )) -lt 30 ]
    do
      sleep 1
      epson4_get_cookie && OK=true && break
    done
    if [ "$OK" = false ]
    then
      echo "printer did not come back online after reboot, giving up"
      return 1
    fi
  fi
  epson4_set_new_ip || return 1
  sleep 5
  return 0
}


# main

echo "trying epson serie 3"
epson_serie3
S=$?
echo "epson serie 3 returned $S"
if [ $S -ne 1 ]
then
  exit $S
fi

echo "trying epson serie 4"
epson_serie4
S=$?
if [ $S -ne 1 ]
then
  exit $S
fi

echo "failed to set new IP on epson printer"



exit 1

