From 7bf8943b34fd6129263bd5c126d9f2c5cbc05223 Mon Sep 17 00:00:00 2001
From: phl0 <github@florian-wolters.de>
Date: Sun, 2 Nov 2025 17:24:19 +0100
Subject: [PATCH] Remove invalid LoTW credentials on failed login

---
 application/controllers/Lotw.php  |  9 +++++++--
 application/models/Lotw_model.php | 11 +++++++++++
 2 files changed, 18 insertions(+), 2 deletions(-)

diff --git a/application/controllers/Lotw.php b/application/controllers/Lotw.php
index c3a06e296..226cc38d3 100644
--- a/application/controllers/Lotw.php
+++ b/application/controllers/Lotw.php
@@ -748,13 +748,18 @@ class Lotw extends CI_Controller {
 					continue;
 				} else if(str_contains($content,"Username/password incorrect</I>")) {
 					$result = "LoTW download failed for user ".$user->user_lotw_name.": Username/password incorrect";
-					log_message('error', 'LoTW download failed for user '.$user->user_lotw_name.': Username/password incorrect');
+					log_message('error', 'LoTW download failed for user '.$user->user_name.': Username/password incorrect');
+					if ($this->Lotw_model->remove_lotw_credentials($user->user_id)) {
+						log_message('error', 'LoTW credentials deleted for user '.$user->user_name);
+					} else {
+						log_message('error', 'Deleting LoTW credentials for user '.$user->user_name.' failed');
+					}
 					continue;
 				}
 				file_put_contents($file, $content);
 				if (file_get_contents($file, false, null, 0, 39) != "ARRL Logbook of the World Status Report") {
 					$result = "Downloaded LoTW report for user ".$user->user_lotw_name." is invalid. Check your credentials.";
-					log_message('error', 'Downloaded LoTW report is invalid for user '.$user->user_lotw_name);
+					log_message('error', 'Downloaded LoTW report is invalid for user '.$user->user_name);
 					continue;
 				}
 
diff --git a/application/models/Lotw_model.php b/application/models/Lotw_model.php
index 388fa31aa..a72d34ebf 100644
--- a/application/models/Lotw_model.php
+++ b/application/models/Lotw_model.php
@@ -146,5 +146,16 @@ class Lotw_model extends CI_Model {
 		}
 	}
 
+	function remove_lotw_credentials($user_id = null) {
+		$sql = "UPDATE ".$this->config->item('auth_table')." SET user_lotw_name = '', user_lotw_password = '' WHERE user_id = ?;";
+		$query = $this->db->query($sql, array($user_id));
+		if ($this->db->affected_rows() > 0) {
+			return true;
+		} else {
+			return false;
+		}
+
+	}
+
 }
 ?>