From 192848b1f86948bb91b726875df8d346108903f5 Mon Sep 17 00:00:00 2001
From: David Goodwin <david@codepoets.co.uk>
Date: Mon, 1 Jan 2024 22:49:06 +0000
Subject: [PATCH] pass Login into TotpPf etc

---
 public/users/totp-exceptions.php | 15 ++++++++-------
 1 file changed, 8 insertions(+), 7 deletions(-)

diff --git a/public/users/totp-exceptions.php b/public/users/totp-exceptions.php
index 92c3cf56..bebed10e 100644
--- a/public/users/totp-exceptions.php
+++ b/public/users/totp-exceptions.php
@@ -11,9 +11,9 @@
  * @version $Id$
  * @license GNU GPL v2 or later.
  *
- * File: totp-exceptions.php
- * Used by users to view and change their totp exception addresses.
- * Template File: totp-exception.tpl
+ * File: totp-exemptions.php
+ * Used by users to view and change their totp exemption addresses.
+ * Template File: totp-excemtion.tpl
  *
  *
  * Form POST \ GET Variables:
@@ -41,15 +41,15 @@ $username = authentication_get_username();
 
 if (authentication_has_role('global-admin')) {
     $login = new Login('admin');
-    $totppf = new TotpPf('admin');
+    $totppf = new TotpPf('admin', $login);
     $admin = 2;
 } elseif (authentication_has_role('admin')) {
     $login = new Login('admin');
-    $totppf = new TotpPf('admin');
+    $totppf = new TotpPf('admin', $login);
     $admin = 1;
 } else {
     $login = new Login('mailbox');
-    $totppf = new TotpPf('mailbox');
+    $totppf = new TotpPf('mailbox', $login);
     $admin = 0;
 }
 
@@ -85,8 +85,9 @@ if ($_SERVER['REQUEST_METHOD'] == "POST") {
 
     if (isset($_POST['fId']) && $_POST['fId'] != '' && is_numeric($_POST['fId'])) {
         $fId = $_POST['fId'];
-        // No extra password check by design, user might be in a hurry
+
         $result = $totppf->deleteException($username, (int)$fId);
+
         if ($result) {
             flash_info($PALANG['pTotp_exceptions_revoked']);
         }