processwire-issues
Email Sanitizer permits leading `$` which is not a valid selector
We've run into an issue where an email with a leading $ cannot be used to fetch a user.
An email address containing a $ is technically legal. However, starting the email address with that character breaks ProcessWire, and the Sanitizer returns a string with a leading $.
```php
use function ProcessWire\wire;
$email = '[email protected]';
$email = wire('sanitizer')->email($email); // "[email protected]"
wire('users')->get('email=' . $email);
```
>> ProcessWire\WireException Unrecognized operator: $.
Adding a $ to the middle of an email address does not break the selector.
```php
use function ProcessWire\wire;
$email = '[email protected]';
$email = wire('sanitizer')->email($email); // "[email protected]"
wire('users')->get('email=' . $email);
```
>> ProcessWire\NullPage
@jefhar You'd want to put quotes around the email address, i.e.
```php
$user = $users->get('email="' . $email . '"');
```
But if you don't want to have to consider it, then just always use the selectorValue sanitizer:
```php
$user = $users->get('email=' . $sanitizer->selectorValue($email));
```