From d4a940b723ae6c3683d1cb8de70cca792790ae01 Mon Sep 17 00:00:00 2001
From: Michael Kaufmann <d00p@froxlor.org>
Date: Wed, 8 Nov 2023 11:50:33 +0100
Subject: [PATCH] fix 2fa code verification if method==email altogether

Signed-off-by: Michael Kaufmann <d00p@froxlor.org>
---
 index.php | 5 +++--
 1 file changed, 3 insertions(+), 2 deletions(-)

diff --git a/index.php b/index.php
index 827bdbf98d..17554a95e8 100644
--- a/index.php
+++ b/index.php
@@ -327,11 +327,12 @@
 			if ($userinfo['type_2fa'] == 1) {
 				// generate code
 				$tfa = new FroxlorTwoFactorAuth('Froxlor ' . Settings::Get('system.hostname'));
-				$code = $tfa->getCode($tfa->createSecret());
+				$secret = $tfa->createSecret();
+				$code = $tfa->getCode($secret);
 				// set code for user
 				$stmt = Database::prepare("UPDATE $table SET `data_2fa` = :d2fa WHERE `$uid` = :uid");
 				Database::pexecute($stmt, [
-					"d2fa" => $code,
+					"d2fa" => $secret,
 					"uid" => $userinfo[$uid]
 				]);
 				// build up & send email