diff --git a/htdocs/takepos/invoice.php b/htdocs/takepos/invoice.php
index 2f45d24c401..1dfdce43af4 100644
--- a/htdocs/takepos/invoice.php
+++ b/htdocs/takepos/invoice.php
@@ -94,8 +94,8 @@ function fail($message)
 $number = GETPOST('number', 'alpha');
 $idline = GETPOST('idline', 'int');
 $selectedline = GETPOST('selectedline', 'int');
-$desc = GETPOST('desc', 'alpha');
-$pay = GETPOST('pay', 'alpha');
+$desc = GETPOST('desc', 'alphanohtml');
+$pay = GETPOST('pay', 'aZ09');
 $amountofpayment = price2num(GETPOST('amount', 'alpha'));
 
 $invoiceid = GETPOST('invoiceid', 'int');