From 24048564098d6d12a603187ccac099f75c33cba4 Mon Sep 17 00:00:00 2001
From: Laurent Destailleur
Date: Thu, 24 Sep 2020 15:38:27 +0200
Subject: [PATCH] Fix sql inj
---
 htdocs/compta/localtax/list.php | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/htdocs/compta/localtax/list.php b/htdocs/compta/localtax/list.php
index 2015e16da93..2702a962281 100644
--- a/htdocs/compta/localtax/list.php
+++ b/htdocs/compta/localtax/list.php
@@ -31,7 +31,7 @@ $langs->load("compta");
 $socid = GETPOST('socid', 'int');
 if ($user->socid) $socid = $user->socid;
 $result = restrictedArea($user, 'tax', '', '', 'charges');
-$ltt = GETPOST("localTaxType");
+$ltt = GETPOST("localTaxType", 'int');
 /*
@@ -50,7 +50,7 @@ print load_fiche_titre($langs->transcountry($ltt == 2 ? "LT2Payments" : "LT1Paym
 $sql = "SELECT rowid, amount, label, f.datev, f.datep";
 $sql .= " FROM ".MAIN_DB_PREFIX."localtax as f ";
-$sql .= " WHERE f.entity = ".$conf->entity." AND localtaxtype=".$db->escape($ltt);
+$sql .= " WHERE f.entity = ".$conf->entity." AND localtaxtype = ".$db->escape($ltt);
 $sql .= " ORDER BY datev DESC";
 $result = $db->query($sql);
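Review bot: In the second hunk the query still concatenates `$db->escape($ltt)` with no surrounding quotes, and string escaping gives no protection in an unquoted numeric position, so the statement is safe only because of the `'int'` filter added to `GETPOST("localTaxType", 'int')` in the first hunk. The type should also be enforced at the sink, by replacing `$db->escape($ltt)` with `((int) $ltt)` in the WHERE line, so that a later change to how `$ltt` is populated cannot reopen the injection. GETPOST is defined outside this patch, but if its 'int' filter returns an empty string for a missing or non-numeric parameter, the current line would also build `localtaxtype =  ORDER BY` and fail with a SQL error, which the cast avoids. Both hunks show only part of the top-level script, so any other use of `$ltt` outside them is not visible here.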