fix(clients): match by email when client identifier is stale

DBs migrated from older versions where the same email lived in
multiple inbounds with different UUIDs/passwords/auths end up with one
merged ClientRecord but each inbound's settings.clients JSON still
carries its original protocol-specific identifier. Editing such a
client through /panel/api/clients/update/:email failed with
"empty client ID" because UpdateInboundClient couldn't locate the
entry by the ClientRecord's identifier.

When the primary lookup misses, fall back to resolving the
ClientRecord by the supplied identifier and matching the inbound
entry by email. The update then proceeds and the inbound JSON
converges to the merged identifier.

web/service/client.go

@@ -1615,6 +1615,30 @@ func (s *ClientService) UpdateInboundClient(inboundSvc *InboundService, data *mo
 		}
 	}
 
+	if clientIndex == -1 {
+		var rec model.ClientRecord
+		var lookupErr error
+		switch oldInbound.Protocol {
+		case "trojan":
+			lookupErr = database.GetDB().Where("password = ?", clientId).First(&rec).Error
+		case "shadowsocks":
+			lookupErr = database.GetDB().Where("email = ?", clientId).First(&rec).Error
+		case "hysteria", "hysteria2":
+			lookupErr = database.GetDB().Where("auth = ?", clientId).First(&rec).Error
+		default:
+			lookupErr = database.GetDB().Where("uuid = ?", clientId).First(&rec).Error
+		}
+		if lookupErr == nil && rec.Email != "" {
+			for index, oldClient := range oldClients {
+				if oldClient.Email == rec.Email {
+					oldEmail = oldClient.Email
+					clientIndex = index
+					break
+				}
+			}
+		}
+	}
+
 	if newClientId == "" || clientIndex == -1 {
 		return false, common.NewError("empty client ID")
 	}