diff --git a/poverty-mapping/src/api/auth/mail_helper.php b/poverty-mapping/src/api/auth/mail_helper.php index 3e9372f..57c5beb 100644 --- a/poverty-mapping/src/api/auth/mail_helper.php +++ b/poverty-mapping/src/api/auth/mail_helper.php @@ -34,12 +34,21 @@ function send_mail_phpmailer($to, $subject, $body, $isHtml = false){ if($smtpHost){ $mail->isSMTP(); - $mail->Host = $smtpHost; + $mail->Host = gethostbyname($smtpHost); // Force IPv4 $mail->SMTPAuth = true; $mail->Username = $smtpUser; $mail->Password = $smtpPass; $mail->Port = intval($smtpPort); + // Bypass SSL verification issues with IP hostname in Docker + $mail->SMTPOptions = array( + 'ssl' => array( + 'verify_peer' => false, + 'verify_peer_name' => false, + 'allow_self_signed' => true + ) + ); + if(strtolower($smtpEnc) === 'ssl'){ $mail->SMTPSecure = PHPMailer::ENCRYPTION_SMTPS; } elseif(strtolower($smtpEnc) === 'tls'){ diff --git a/poverty-mapping/src/api/auth/send_verification_code.php b/poverty-mapping/src/api/auth/send_verification_code.php index 3f9780d..f58b404 100644 --- a/poverty-mapping/src/api/auth/send_verification_code.php +++ b/poverty-mapping/src/api/auth/send_verification_code.php @@ -92,18 +92,21 @@ try{ // Update/Insert attempts on database if($row){ - $newAttempts = ($row['locked_until'] && $nowTime >= strtotime($row['locked_until'])) ? 1 : ($row['attempts'] + 1); - $newLockedUntil = ($newAttempts >= 3) ? date('Y-m-d H:i:s', $nowTime + 24 * 3600) : null; + $newAttempts = $row['attempts']; + if($mailSuccess){ + $newAttempts = ($row['locked_until'] && $nowTime >= strtotime($row['locked_until'])) ? 1 : ($row['attempts'] + 1); + } + $newLockedUntil = ($newAttempts >= 3) ? date('Y-m-d H:i:s', $nowTime + 24 * 3600) : $row['locked_until']; $up = $conn->prepare("UPDATE verification_attempts SET attempts = ?, last_attempt_at = ?, locked_until = ?, code_hash = ?, expires_at = ? WHERE email = ?"); $up->bind_param('isssss', $newAttempts, $nowStr, $newLockedUntil, $codeHash, $expiresAt, $email); $up->execute(); $up->close(); } else { - $one = 1; + $attemptsVal = $mailSuccess ? 1 : 0; $nullVal = null; $ins = $conn->prepare("INSERT INTO verification_attempts (email, attempts, last_attempt_at, locked_until, code_hash, expires_at) VALUES (?, ?, ?, ?, ?, ?)"); - $ins->bind_param('sissss', $email, $one, $nowStr, $nullVal, $codeHash, $expiresAt); + $ins->bind_param('sissss', $email, $attemptsVal, $nowStr, $nullVal, $codeHash, $expiresAt); $ins->execute(); $ins->close(); }