From 84afd61eba8290a3adf778b06248b7b92dd87efe Mon Sep 17 00:00:00 2001
From: VESSILLER
Date: Thu, 16 Mar 2023 11:21:56 +0100
Subject: [PATCH 1/2] FIX missing protection on ajax public ticket page for valid email
---
 htdocs/public/ticket/ajax/ajax.php | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/htdocs/public/ticket/ajax/ajax.php b/htdocs/public/ticket/ajax/ajax.php
index e125b0122e7..79c4b5bf530 100644
--- a/htdocs/public/ticket/ajax/ajax.php
+++ b/htdocs/public/ticket/ajax/ajax.php
@@ -55,7 +55,7 @@ include_once '../../../main.inc.php'; // Load $user and permissions
 $action = GETPOST('action', 'aZ09');
 $id = GETPOST('id', 'int');
-$email = GETPOST('email', 'alphanohtml');
+$email = GETPOST('email', 'custom', 0, 'FILTER_VALIDATE_EMAIL');
 if (!isModEnabled('ticket')) {
From bb7b69ef43673ed403436eac05e0bc31d5033ff7 Mon Sep 17 00:00:00 2001
From: Regis Houssin
Date: Fri, 17 Mar 2023 06:43:15 +0100
Subject: [PATCH 2/2] FIX FILTER_VALIDATE_EMAIL param is not a string
---
 htdocs/public/ticket/ajax/ajax.php | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/htdocs/public/ticket/ajax/ajax.php b/htdocs/public/ticket/ajax/ajax.php
index 79c4b5bf530..9092bf37b77 100644
--- a/htdocs/public/ticket/ajax/ajax.php
+++ b/htdocs/public/ticket/ajax/ajax.php
@@ -55,7 +55,7 @@ include_once '../../../main.inc.php'; // Load $user and permissions
 $action = GETPOST('action', 'aZ09');
 $id = GETPOST('id', 'int');
-$email = GETPOST('email', 'custom', 0, 'FILTER_VALIDATE_EMAIL');
+$email = GETPOST('email', 'custom', 0, FILTER_VALIDATE_EMAIL);
 if (!isModEnabled('ticket')) {
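Review bot: After the final form of the assignment in PATCH 2/2, `$email` is no longer guaranteed to be a string: assuming GETPOST's 'custom' mode passes the value to `filter_var()`, a malformed address comes back as `false`. The code that consumes `$email` lies outside both hunks, so its handling of that case cannot be confirmed from here. Normalising the rejection right after the assignment, e.g. `if ($email === false) { $email = ''; }`, would keep later string comparisons and lookups from seeing a boolean. A comment above the line such as `// Public page (htdocs/public): accept only a syntactically valid e-mail address` would record why this parameter is filtered differently from `action` and `id`. The filter checks syntax only, so it narrows what reaches the handler but does not restrict which well-formed addresses a caller may submit.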