From da2f654cd93dc438293e2591e810f06ff329436b Mon Sep 17 00:00:00 2001
From: Matt Fletcher <github@ecartz.biz>
Date: Fri, 4 Dec 2020 12:28:35 +0000
Subject: [PATCH] Use email address class validation

Originally there was a validation function for email addresses.  The
customer data changes switched to a method on the cd_email class for
processing the email address input.  These two pages do not use the
customer data input or processing.  So they continued to use the old
way.

This will allow us to deprecate the functions/validations.php file.
---
 contact_us.php     | 8 ++++++--
 password_reset.php | 9 +++++----
 2 files changed, 11 insertions(+), 6 deletions(-)

diff --git a/contact_us.php b/contact_us.php
index 85e3d28ee..775eb1576 100644
--- a/contact_us.php
+++ b/contact_us.php
@@ -21,12 +21,16 @@
     $email_address = tep_db_prepare_input($_POST['email']);
     $enquiry = tep_db_prepare_input($_POST['enquiry']);
 
-    if (!tep_validate_email($email_address)) {
+    $email_class = $customer_data->has('email_address')
+                 ? get_class($customer_data->get_module('email_address'))
+                 : 'cd_email_address';
+
+    if (!$email_class::validate($email_address)) {
       tep_block_form_processing();
 
       $messageStack->add('contact', ENTRY_EMAIL_ADDRESS_CHECK_ERROR);
     }
-    
+
     $OSCOM_Hooks->call('siteWide', 'injectFormVerify');
 
     $actionRecorder = new actionRecorder('ar_contact_us', ($_SESSION['customer_id'] ?? null), $name);
diff --git a/password_reset.php b/password_reset.php
index 709374cb2..33b1bb00b 100644
--- a/password_reset.php
+++ b/password_reset.php
@@ -27,7 +27,9 @@
     $email_address = tep_db_prepare_input($_GET['account']);
     $password_key = tep_db_prepare_input($_GET['key']);
 
-    if ( (strlen($email_address) < ENTRY_EMAIL_ADDRESS_MIN_LENGTH) || !tep_validate_email($email_address) ) {
+    $email_class = get_class($customer_data->get_module('email_address'));
+
+    if ( (strlen($email_address) < ENTRY_EMAIL_ADDRESS_MIN_LENGTH) || !$email_class::validate($email_address) ) {
       $error = true;
 
       $messageStack->add_session('password_forgotten', TEXT_NO_EMAIL_ADDRESS_FOUND);
@@ -61,7 +63,6 @@
 
   if (tep_validate_form_action_is('process')) {
     $customer_details = $customer_data->process($page_fields);
-    $OSCOM_Hooks->call('siteWide', 'injectFormVerify');
 
     if (tep_form_processing_is_valid()) {
       $customer_data->update(['password' => $customer_data->get('password', $customer_details)], ['id' => (int)$customer_data->get('id', $check_customer)]);
@@ -70,9 +71,9 @@
 
       $messageStack->add_session('login', SUCCESS_PASSWORD_RESET, 'success');
 
-      tep_redirect(tep_href_link('login.php', '', 'SSL'));
+      tep_redirect(tep_href_link('login.php'));
     }
   }
-  
+
   require $oscTemplate->map_to_template(__FILE__, 'page');
   require 'includes/application_bottom.php';