From 7436c4d3dcdf25e18dde187ee9f0694f30d78b0c Mon Sep 17 00:00:00 2001
From: Herman van Rink <rink@initfour.nl>
Date: Mon, 28 Mar 2022 20:00:18 +0200
Subject: [PATCH] Use email adres from the client table, +error handling

---
 interface/web/login/lib/lang/ar.lng |  1 +
 interface/web/login/lib/lang/bg.lng |  1 +
 interface/web/login/lib/lang/br.lng |  1 +
 interface/web/login/lib/lang/ca.lng |  1 +
 interface/web/login/lib/lang/cz.lng |  1 +
 interface/web/login/lib/lang/de.lng |  1 +
 interface/web/login/lib/lang/dk.lng |  1 +
 interface/web/login/lib/lang/el.lng |  1 +
 interface/web/login/lib/lang/en.lng |  1 +
 interface/web/login/lib/lang/es.lng |  1 +
 interface/web/login/lib/lang/fi.lng |  1 +
 interface/web/login/lib/lang/fr.lng |  1 +
 interface/web/login/lib/lang/hr.lng |  1 +
 interface/web/login/lib/lang/hu.lng |  1 +
 interface/web/login/lib/lang/id.lng |  1 +
 interface/web/login/lib/lang/it.lng |  1 +
 interface/web/login/lib/lang/ja.lng |  1 +
 interface/web/login/lib/lang/nl.lng |  1 +
 interface/web/login/lib/lang/pl.lng |  1 +
 interface/web/login/lib/lang/pt.lng |  1 +
 interface/web/login/lib/lang/ro.lng |  1 +
 interface/web/login/lib/lang/ru.lng |  1 +
 interface/web/login/lib/lang/se.lng |  1 +
 interface/web/login/lib/lang/sk.lng |  1 +
 interface/web/login/lib/lang/tr.lng |  1 +
 interface/web/login/otp.php         | 24 ++++++++++++++++--------
 26 files changed, 41 insertions(+), 8 deletions(-)

diff --git a/interface/web/login/lib/lang/ar.lng b/interface/web/login/lib/lang/ar.lng
index f7cb6ea03a..74e4c49ecd 100644
--- a/interface/web/login/lib/lang/ar.lng
+++ b/interface/web/login/lib/lang/ar.lng
@@ -46,4 +46,5 @@ $wb['otp_code_email_sent_txt'] = 'An email was sent to';
 $wb['otp_code_email_subject_txt'] = 'ISPConfig Login authentication';
 $wb['otp_code_email_template_txt'] = 'Your One time login code is %s' . PHP_EOL . 'This code is valid for 10 minutes.' . PHP_EOL;
 $wb['otp_code_resend_txt'] = 'Request new code';
+$wb['otp_code_email_sent_failed_txt'] = 'Failed sending an email to %s';
 ?>
diff --git a/interface/web/login/lib/lang/bg.lng b/interface/web/login/lib/lang/bg.lng
index 1d44e64d55..6d6f92c873 100644
--- a/interface/web/login/lib/lang/bg.lng
+++ b/interface/web/login/lib/lang/bg.lng
@@ -39,4 +39,5 @@ $wb['otp_code_email_sent_txt'] = 'An email was sent to';
 $wb['otp_code_email_subject_txt'] = 'ISPConfig Login authentication';
 $wb['otp_code_email_template_txt'] = 'Your One time login code is %s' . PHP_EOL . 'This code is valid for 10 minutes.' . PHP_EOL;
 $wb['otp_code_resend_txt'] = 'Request new code';
+$wb['otp_code_email_sent_failed_txt'] = 'Failed sending an email to %s';
 ?>
diff --git a/interface/web/login/lib/lang/br.lng b/interface/web/login/lib/lang/br.lng
index 4b2040fa21..e8df8f25dc 100644
--- a/interface/web/login/lib/lang/br.lng
+++ b/interface/web/login/lib/lang/br.lng
@@ -39,3 +39,4 @@ $wb['otp_code_email_sent_txt'] = 'An email was sent to';
 $wb['otp_code_email_subject_txt'] = 'ISPConfig Login authentication';
 $wb['otp_code_email_template_txt'] = 'Your One time login code is %s' . PHP_EOL . 'This code is valid for 10 minutes.' . PHP_EOL;
 $wb['otp_code_resend_txt'] = 'Request new code';
+$wb['otp_code_email_sent_failed_txt'] = 'Failed sending an email to %s';
diff --git a/interface/web/login/lib/lang/ca.lng b/interface/web/login/lib/lang/ca.lng
index eb8a189931..0895c1df49 100644
--- a/interface/web/login/lib/lang/ca.lng
+++ b/interface/web/login/lib/lang/ca.lng
@@ -39,4 +39,5 @@ $wb['otp_code_email_sent_txt'] = 'An email was sent to';
 $wb['otp_code_email_subject_txt'] = 'ISPConfig Login authentication';
 $wb['otp_code_email_template_txt'] = 'Your One time login code is %s' . PHP_EOL . 'This code is valid for 10 minutes.' . PHP_EOL;
 $wb['otp_code_resend_txt'] = 'Request new code';
+$wb['otp_code_email_sent_failed_txt'] = 'Failed sending an email to %s';
 ?>
diff --git a/interface/web/login/lib/lang/cz.lng b/interface/web/login/lib/lang/cz.lng
index dff3646bf6..8089dcc5fc 100644
--- a/interface/web/login/lib/lang/cz.lng
+++ b/interface/web/login/lib/lang/cz.lng
@@ -39,4 +39,5 @@ $wb['otp_code_email_sent_txt'] = 'An email was sent to';
 $wb['otp_code_email_subject_txt'] = 'ISPConfig Login authentication';
 $wb['otp_code_email_template_txt'] = 'Your One time login code is %s' . PHP_EOL . 'This code is valid for 10 minutes.' . PHP_EOL;
 $wb['otp_code_resend_txt'] = 'Request new code';
+$wb['otp_code_email_sent_failed_txt'] = 'Failed sending an email to %s';
 ?>
diff --git a/interface/web/login/lib/lang/de.lng b/interface/web/login/lib/lang/de.lng
index 08dedddcac..6c8472fe76 100644
--- a/interface/web/login/lib/lang/de.lng
+++ b/interface/web/login/lib/lang/de.lng
@@ -39,4 +39,5 @@ $wb['otp_code_email_sent_txt'] = 'An email was sent to';
 $wb['otp_code_email_subject_txt'] = 'ISPConfig Login authentication';
 $wb['otp_code_email_template_txt'] = 'Your One time login code is %s' . PHP_EOL . 'This code is valid for 10 minutes.' . PHP_EOL;
 $wb['otp_code_resend_txt'] = 'Request new code';
+$wb['otp_code_email_sent_failed_txt'] = 'Failed sending an email to %s';
 ?>
diff --git a/interface/web/login/lib/lang/dk.lng b/interface/web/login/lib/lang/dk.lng
index b039450cc5..b971e10bd6 100644
--- a/interface/web/login/lib/lang/dk.lng
+++ b/interface/web/login/lib/lang/dk.lng
@@ -39,4 +39,5 @@ $wb['otp_code_email_sent_txt'] = 'An email was sent to';
 $wb['otp_code_email_subject_txt'] = 'ISPConfig Login authentication';
 $wb['otp_code_email_template_txt'] = 'Your One time login code is %s' . PHP_EOL . 'This code is valid for 10 minutes.' . PHP_EOL;
 $wb['otp_code_resend_txt'] = 'Request new code';
+$wb['otp_code_email_sent_failed_txt'] = 'Failed sending an email to %s';
 ?>
diff --git a/interface/web/login/lib/lang/el.lng b/interface/web/login/lib/lang/el.lng
index ee415bac81..578b342c5e 100644
--- a/interface/web/login/lib/lang/el.lng
+++ b/interface/web/login/lib/lang/el.lng
@@ -39,4 +39,5 @@ $wb['otp_code_email_sent_txt'] = 'An email was sent to';
 $wb['otp_code_email_subject_txt'] = 'ISPConfig Login authentication';
 $wb['otp_code_email_template_txt'] = 'Your One time login code is %s' . PHP_EOL . 'This code is valid for 10 minutes.' . PHP_EOL;
 $wb['otp_code_resend_txt'] = 'Request new code';
+$wb['otp_code_email_sent_failed_txt'] = 'Failed sending an email to %s';
 ?>
diff --git a/interface/web/login/lib/lang/en.lng b/interface/web/login/lib/lang/en.lng
index d27b880fd9..405e320500 100644
--- a/interface/web/login/lib/lang/en.lng
+++ b/interface/web/login/lib/lang/en.lng
@@ -39,4 +39,5 @@ $wb['otp_code_email_sent_txt'] = 'An email was sent to';
 $wb['otp_code_email_subject_txt'] = 'ISPConfig Login authentication';
 $wb['otp_code_email_template_txt'] = 'Your One time login code is %s' . PHP_EOL . 'This code is valid for 10 minutes.' . PHP_EOL;
 $wb['otp_code_resend_txt'] = 'Request new code';
+$wb['otp_code_email_sent_failed_txt'] = 'Failed sending an email to %s';
 ?>
diff --git a/interface/web/login/lib/lang/es.lng b/interface/web/login/lib/lang/es.lng
index 641acc0917..a6da15296e 100644
--- a/interface/web/login/lib/lang/es.lng
+++ b/interface/web/login/lib/lang/es.lng
@@ -39,4 +39,5 @@ $wb['otp_code_email_sent_txt'] = 'An email was sent to';
 $wb['otp_code_email_subject_txt'] = 'ISPConfig Login authentication';
 $wb['otp_code_email_template_txt'] = 'Your One time login code is %s' . PHP_EOL . 'This code is valid for 10 minutes.' . PHP_EOL;
 $wb['otp_code_resend_txt'] = 'Request new code';
+$wb['otp_code_email_sent_failed_txt'] = 'Failed sending an email to %s';
 ?>
diff --git a/interface/web/login/lib/lang/fi.lng b/interface/web/login/lib/lang/fi.lng
index 939187f03e..496383401b 100644
--- a/interface/web/login/lib/lang/fi.lng
+++ b/interface/web/login/lib/lang/fi.lng
@@ -39,4 +39,5 @@ $wb['otp_code_email_sent_txt'] = 'An email was sent to';
 $wb['otp_code_email_subject_txt'] = 'ISPConfig Login authentication';
 $wb['otp_code_email_template_txt'] = 'Your One time login code is %s' . PHP_EOL . 'This code is valid for 10 minutes.' . PHP_EOL;
 $wb['otp_code_resend_txt'] = 'Request new code';
+$wb['otp_code_email_sent_failed_txt'] = 'Failed sending an email to %s';
 ?>
diff --git a/interface/web/login/lib/lang/fr.lng b/interface/web/login/lib/lang/fr.lng
index dad6c367c2..e8104aacaa 100644
--- a/interface/web/login/lib/lang/fr.lng
+++ b/interface/web/login/lib/lang/fr.lng
@@ -39,4 +39,5 @@ $wb['otp_code_email_sent_txt'] = 'An email was sent to';
 $wb['otp_code_email_subject_txt'] = 'ISPConfig Login authentication';
 $wb['otp_code_email_template_txt'] = 'Your One time login code is %s' . PHP_EOL . 'This code is valid for 10 minutes.' . PHP_EOL;
 $wb['otp_code_resend_txt'] = 'Request new code';
+$wb['otp_code_email_sent_failed_txt'] = 'Failed sending an email to %s';
 ?>
diff --git a/interface/web/login/lib/lang/hr.lng b/interface/web/login/lib/lang/hr.lng
index 7acfdda363..ae20203acd 100644
--- a/interface/web/login/lib/lang/hr.lng
+++ b/interface/web/login/lib/lang/hr.lng
@@ -39,4 +39,5 @@ $wb['otp_code_email_sent_txt'] = 'An email was sent to';
 $wb['otp_code_email_subject_txt'] = 'ISPConfig Login authentication';
 $wb['otp_code_email_template_txt'] = 'Your One time login code is %s' . PHP_EOL . 'This code is valid for 10 minutes.' . PHP_EOL;
 $wb['otp_code_resend_txt'] = 'Request new code';
+$wb['otp_code_email_sent_failed_txt'] = 'Failed sending an email to %s';
 ?>
diff --git a/interface/web/login/lib/lang/hu.lng b/interface/web/login/lib/lang/hu.lng
index 9f0ba953c7..f8ad853a48 100644
--- a/interface/web/login/lib/lang/hu.lng
+++ b/interface/web/login/lib/lang/hu.lng
@@ -39,4 +39,5 @@ $wb['otp_code_email_sent_txt'] = 'An email was sent to';
 $wb['otp_code_email_subject_txt'] = 'ISPConfig Login authentication';
 $wb['otp_code_email_template_txt'] = 'Your One time login code is %s' . PHP_EOL . 'This code is valid for 10 minutes.' . PHP_EOL;
 $wb['otp_code_resend_txt'] = 'Request new code';
+$wb['otp_code_email_sent_failed_txt'] = 'Failed sending an email to %s';
 ?>
diff --git a/interface/web/login/lib/lang/id.lng b/interface/web/login/lib/lang/id.lng
index 311ed123a7..fb0ba69e37 100644
--- a/interface/web/login/lib/lang/id.lng
+++ b/interface/web/login/lib/lang/id.lng
@@ -39,4 +39,5 @@ $wb['otp_code_email_sent_txt'] = 'An email was sent to';
 $wb['otp_code_email_subject_txt'] = 'ISPConfig Login authentication';
 $wb['otp_code_email_template_txt'] = 'Your One time login code is %s' . PHP_EOL . 'This code is valid for 10 minutes.' . PHP_EOL;
 $wb['otp_code_resend_txt'] = 'Request new code';
+$wb['otp_code_email_sent_failed_txt'] = 'Failed sending an email to %s';
 ?>
diff --git a/interface/web/login/lib/lang/it.lng b/interface/web/login/lib/lang/it.lng
index 2a1f2582b8..4ea0a12f4b 100644
--- a/interface/web/login/lib/lang/it.lng
+++ b/interface/web/login/lib/lang/it.lng
@@ -39,4 +39,5 @@ $wb['otp_code_email_sent_txt'] = 'An email was sent to';
 $wb['otp_code_email_subject_txt'] = 'ISPConfig Login authentication';
 $wb['otp_code_email_template_txt'] = 'Your One time login code is %s' . PHP_EOL . 'This code is valid for 10 minutes.' . PHP_EOL;
 $wb['otp_code_resend_txt'] = 'Request new code';
+$wb['otp_code_email_sent_failed_txt'] = 'Failed sending an email to %s';
 ?>
diff --git a/interface/web/login/lib/lang/ja.lng b/interface/web/login/lib/lang/ja.lng
index 4940d14b0a..8ec65a03e3 100644
--- a/interface/web/login/lib/lang/ja.lng
+++ b/interface/web/login/lib/lang/ja.lng
@@ -39,4 +39,5 @@ $wb['otp_code_email_sent_txt'] = 'An email was sent to';
 $wb['otp_code_email_subject_txt'] = 'ISPConfig Login authentication';
 $wb['otp_code_email_template_txt'] = 'Your One time login code is %s' . PHP_EOL . 'This code is valid for 10 minutes.' . PHP_EOL;
 $wb['otp_code_resend_txt'] = 'Request new code';
+$wb['otp_code_email_sent_failed_txt'] = 'Failed sending an email to %s';
 ?>
diff --git a/interface/web/login/lib/lang/nl.lng b/interface/web/login/lib/lang/nl.lng
index 3e328c06d6..2a3fc75eea 100644
--- a/interface/web/login/lib/lang/nl.lng
+++ b/interface/web/login/lib/lang/nl.lng
@@ -39,4 +39,5 @@ $wb['otp_code_email_sent_txt'] = 'An email was sent to';
 $wb['otp_code_email_subject_txt'] = 'ISPConfig Login authentication';
 $wb['otp_code_email_template_txt'] = 'Your One time login code is %s' . PHP_EOL . 'This code is valid for 10 minutes.' . PHP_EOL;
 $wb['otp_code_resend_txt'] = 'Request new code';
+$wb['otp_code_email_sent_failed_txt'] = 'Failed sending an email to %s';
 ?>
diff --git a/interface/web/login/lib/lang/pl.lng b/interface/web/login/lib/lang/pl.lng
index f4ca20cc25..2a037016f7 100644
--- a/interface/web/login/lib/lang/pl.lng
+++ b/interface/web/login/lib/lang/pl.lng
@@ -39,4 +39,5 @@ $wb['otp_code_email_sent_txt'] = 'An email was sent to';
 $wb['otp_code_email_subject_txt'] = 'ISPConfig Login authentication';
 $wb['otp_code_email_template_txt'] = 'Your One time login code is %s' . PHP_EOL . 'This code is valid for 10 minutes.' . PHP_EOL;
 $wb['otp_code_resend_txt'] = 'Request new code';
+$wb['otp_code_email_sent_failed_txt'] = 'Failed sending an email to %s';
 ?>
diff --git a/interface/web/login/lib/lang/pt.lng b/interface/web/login/lib/lang/pt.lng
index 491e8225d1..b7eb8a2663 100644
--- a/interface/web/login/lib/lang/pt.lng
+++ b/interface/web/login/lib/lang/pt.lng
@@ -39,4 +39,5 @@ $wb['otp_code_email_sent_txt'] = 'An email was sent to';
 $wb['otp_code_email_subject_txt'] = 'ISPConfig Login authentication';
 $wb['otp_code_email_template_txt'] = 'Your One time login code is %s' . PHP_EOL . 'This code is valid for 10 minutes.' . PHP_EOL;
 $wb['otp_code_resend_txt'] = 'Request new code';
+$wb['otp_code_email_sent_failed_txt'] = 'Failed sending an email to %s';
 ?>
diff --git a/interface/web/login/lib/lang/ro.lng b/interface/web/login/lib/lang/ro.lng
index 5f8532ea25..21ba4da975 100644
--- a/interface/web/login/lib/lang/ro.lng
+++ b/interface/web/login/lib/lang/ro.lng
@@ -39,4 +39,5 @@ $wb['otp_code_email_sent_txt'] = 'An email was sent to';
 $wb['otp_code_email_subject_txt'] = 'ISPConfig Login authentication';
 $wb['otp_code_email_template_txt'] = 'Your One time login code is %s' . PHP_EOL . 'This code is valid for 10 minutes.' . PHP_EOL;
 $wb['otp_code_resend_txt'] = 'Request new code';
+$wb['otp_code_email_sent_failed_txt'] = 'Failed sending an email to %s';
 ?>
diff --git a/interface/web/login/lib/lang/ru.lng b/interface/web/login/lib/lang/ru.lng
index d1629c9268..e79ac35f10 100644
--- a/interface/web/login/lib/lang/ru.lng
+++ b/interface/web/login/lib/lang/ru.lng
@@ -39,4 +39,5 @@ $wb['otp_code_email_sent_txt'] = 'An email was sent to';
 $wb['otp_code_email_subject_txt'] = 'ISPConfig Login authentication';
 $wb['otp_code_email_template_txt'] = 'Your One time login code is %s' . PHP_EOL . 'This code is valid for 10 minutes.' . PHP_EOL;
 $wb['otp_code_resend_txt'] = 'Request new code';
+$wb['otp_code_email_sent_failed_txt'] = 'Failed sending an email to %s';
 ?>
diff --git a/interface/web/login/lib/lang/se.lng b/interface/web/login/lib/lang/se.lng
index acad6e04b6..04d81344e2 100644
--- a/interface/web/login/lib/lang/se.lng
+++ b/interface/web/login/lib/lang/se.lng
@@ -39,4 +39,5 @@ $wb['otp_code_email_sent_txt'] = 'An email was sent to';
 $wb['otp_code_email_subject_txt'] = 'ISPConfig Login authentication';
 $wb['otp_code_email_template_txt'] = 'Your One time login code is %s' . PHP_EOL . 'This code is valid for 10 minutes.' . PHP_EOL;
 $wb['otp_code_resend_txt'] = 'Request new code';
+$wb['otp_code_email_sent_failed_txt'] = 'Failed sending an email to %s';
 ?>
diff --git a/interface/web/login/lib/lang/sk.lng b/interface/web/login/lib/lang/sk.lng
index 1190e99cf3..28033ff210 100644
--- a/interface/web/login/lib/lang/sk.lng
+++ b/interface/web/login/lib/lang/sk.lng
@@ -39,4 +39,5 @@ $wb['otp_code_email_sent_txt'] = 'An email was sent to';
 $wb['otp_code_email_subject_txt'] = 'ISPConfig Login authentication';
 $wb['otp_code_email_template_txt'] = 'Your One time login code is %s' . PHP_EOL . 'This code is valid for 10 minutes.' . PHP_EOL;
 $wb['otp_code_resend_txt'] = 'Request new code';
+$wb['otp_code_email_sent_failed_txt'] = 'Failed sending an email to %s';
 ?>
diff --git a/interface/web/login/lib/lang/tr.lng b/interface/web/login/lib/lang/tr.lng
index f764bdd449..47be8107b6 100644
--- a/interface/web/login/lib/lang/tr.lng
+++ b/interface/web/login/lib/lang/tr.lng
@@ -39,4 +39,5 @@ $wb['otp_code_email_sent_txt'] = 'An email was sent to';
 $wb['otp_code_email_subject_txt'] = 'ISPConfig Login authentication';
 $wb['otp_code_email_template_txt'] = 'Your One time login code is %s' . PHP_EOL . 'This code is valid for 10 minutes.' . PHP_EOL;
 $wb['otp_code_resend_txt'] = 'Request new code';
+$wb['otp_code_email_sent_failed_txt'] = 'Failed sending an email to %s';
 ?>
diff --git a/interface/web/login/otp.php b/interface/web/login/otp.php
index 543ded4a44..66381d2947 100644
--- a/interface/web/login/otp.php
+++ b/interface/web/login/otp.php
@@ -149,22 +149,30 @@ if($_SESSION['otp']['type'] == 'email') {
 			$mail_config['use_smtp'] = true;
 			$app->ispcmail->setOptions($mail_config);
 		}
-		$email_to = $_SESSION['otp']['data'];
+
+		$clientuser = $app->db->queryOneRecord('SELECT email FROM sys_user u LEFT JOIN client c ON (u.client_id=c.client_id) WHERE u.userid = ?', $_SESSION['s_pending']['user']['userid']);
+		$email_to = $clientuser['email'];
+
 		$app->ispcmail->setSender($mail_config['admin_mail'], $mail_config['admin_name']);
 		$app->ispcmail->setSubject($wb['otp_code_email_subject_txt']);
 		$app->ispcmail->setMailText(sprintf($wb['otp_code_email_template_txt'], $new_otp_code));
 		$send_result = $app->ispcmail->send($email_to);
 		$app->ispcmail->finish();
 
+		if ($send_result) {
 
-		// Increase sent counter.
-		if(!isset($_SESSION['otp']['sent'])) {
-			$_SESSION['otp']['sent'] = 1;
-		} else {
-			$_SESSION['otp']['sent']++;
-		}
-		$token_sent_message = $wb['otp_code_email_sent_txt'] . ' ' . $email_to;
+			// Increase sent counter.
+			if(!isset($_SESSION['otp']['sent'])) {
+				$_SESSION['otp']['sent'] = 1;
+			} else {
+				$_SESSION['otp']['sent']++;
+			}
 
+			$token_sent_message = $wb['otp_code_email_sent_txt'] . ' ' . $email_to;
+		}
+		else {
+			$token_sent_message = sprintf($wb['otp_code_email_sent_failed_txt'], $email_to);
+		}
 	}
 
 	// Show form to enter email code
-- 
GitLab