diff --git a/htdocs/adherents/card.php b/htdocs/adherents/card.php index c29743b60c4..0d7869d12db 100644 --- a/htdocs/adherents/card.php +++ b/htdocs/adherents/card.php @@ -951,14 +951,14 @@ else // Address print ''.$langs->trans("Address").''; - print ''; + print ''; print ''; // Zip / Town print ''.$langs->trans("Zip").' / '.$langs->trans("Town").''; - print $formcompany->select_ziptown((GETPOST('zipcode','alpha')?GETPOST('zipcode','alpha'):$object->zip),'zipcode',array('town','selectcountry_id','state_id'),6); + print $formcompany->select_ziptown((GETPOST('zipcode','alphanohtml')?GETPOST('zipcode','alphanohtml'):$object->zip),'zipcode',array('town','selectcountry_id','state_id'),6); print ' '; - print $formcompany->select_ziptown((GETPOST('town','alpha')?GETPOST('town','alpha'):$object->town),'town',array('zipcode','selectcountry_id','state_id')); + print $formcompany->select_ziptown((GETPOST('town','alphanohtml')?GETPOST('town','alphanohtml'):$object->town),'town',array('zipcode','selectcountry_id','state_id')); print ''; // Country diff --git a/htdocs/adherents/type.php b/htdocs/adherents/type.php index 56363599c10..81375220a85 100644 --- a/htdocs/adherents/type.php +++ b/htdocs/adherents/type.php @@ -42,7 +42,7 @@ $backtopage = GETPOST('backtopage','alpha'); $search_lastname = GETPOST('search_lastname','alpha'); $search_login = GETPOST('search_login','alpha'); $search_email = GETPOST('search_email','alpha'); -$type = GETPOST('type','alpha'); +$type = GETPOST('type','intcomma'); $status = GETPOST('status','alpha'); $limit = GETPOST('limit','int')?GETPOST('limit','int'):$conf->liste_limit; @@ -59,8 +59,8 @@ if (! $sortfield) { $sortfield="d.lastname"; } $label=GETPOST("label","alpha"); $subscription=GETPOST("subscription","int"); $vote=GETPOST("vote","int"); -$comment=GETPOST("comment"); -$mail_valid=GETPOST("mail_valid"); +$comment=GETPOST("comment",'alphanohtml'); +$mail_valid=GETPOST("mail_valid",'none'); // Security check $result=restrictedArea($user,'adherent',$rowid,'adherent_type');