diff --git a/htdocs/accountancy/admin/card.php b/htdocs/accountancy/admin/card.php
index 6a92a3f6080..b64bf291955 100644
--- a/htdocs/accountancy/admin/card.php
+++ b/htdocs/accountancy/admin/card.php
@@ -73,25 +73,28 @@ if ($action == 'add' && $user->rights->accounting->chartofaccount)
 // To manage zero or not at the end of the accounting account
 if($conf->global->ACCOUNTING_MANAGE_ZERO == 1)
 {
- $account_number = GETPOST('account_number');
+ $account_number = GETPOST('account_number','int');
 }
 else
 {
- $account_number = clean_account(GETPOST('account_number'));
+ $account_number = clean_account(GETPOST('account_number','int'));
 }
- if (GETPOST('account_parent') <= 0) {
+ if (GETPOST('account_parent','int') <= 0)
+ {
 $account_parent = 0;
- } else {
+ }
+ else
+ {
 $account_parent = GETPOST('account_parent','int');
 }
 $object->fk_pcg_version = $obj->pcg_version;
- $object->pcg_type = GETPOST('pcg_type');
- $object->pcg_subtype = GETPOST('pcg_subtype');
+ $object->pcg_type = GETPOST('pcg_type','alpha');
+ $object->pcg_subtype = GETPOST('pcg_subtype','alpha');
 $object->account_number = $account_number;
 $object->account_parent = $account_parent;
- $object->account_category = GETPOST('account_category');
+ $object->account_category = GETPOST('account_category','alpha');
 $object->label = GETPOST('label', 'alpha');
 $object->active = 1;
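Review bot: Filtering account_number with 'int' in both branches of the ACCOUNTING_MANAGE_ZERO test can silently change the value: an account number that carries letters or a leading zero is cast to an integer before it reaches clean_account() or $object->account_number, so what gets stored differs from what was entered. The comment about trailing zeros and the clean_account() call suggest this field is handled as a code string rather than a row id, so the string filter already used for label fits better: `$account_number = GETPOST('account_number','alpha');` and `$account_number = clean_account(GETPOST('account_number','alpha'));`. The same two lines appear in the second hunk of this file (@@ -135,25 +138,28 @@) and need the same change. Conversely, if account_category holds a numeric category id (not visible here), `$object->account_category = GETPOST('account_category','int');` would be the tighter filter. The enclosing action block starts and ends outside the hunk.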
@@ -135,25 +138,28 @@ if ($action == 'add' && $user->rights->accounting->chartofaccount)
 // To manage zero or not at the end of the accounting account
 if($conf->global->ACCOUNTING_MANAGE_ZERO == 1)
 {
- $account_number = GETPOST('account_number');
+ $account_number = GETPOST('account_number','int');
 }
 else
 {
- $account_number = clean_account(GETPOST('account_number'));
+ $account_number = clean_account(GETPOST('account_number','int'));
 }
- if (GETPOST('account_parent') <= 0) {
+ if (GETPOST('account_parent','int') <= 0)
+ {
 $account_parent = 0;
- } else {
+ }
+ else
+ {
 $account_parent = GETPOST('account_parent','int');
 }
 $object->fk_pcg_version = $obj->pcg_version;
- $object->pcg_type = GETPOST('pcg_type');
- $object->pcg_subtype = GETPOST('pcg_subtype');
+ $object->pcg_type = GETPOST('pcg_type','alpha');
+ $object->pcg_subtype = GETPOST('pcg_subtype','alpha');
 $object->account_number = $account_number;
 $object->account_parent = $account_parent;
- $object->account_category = GETPOST('account_category');
+ $object->account_category = GETPOST('account_category','alpha');
 $object->label = GETPOST('label', 'alpha');
 $result = $object->update($user);
diff --git a/htdocs/accountancy/admin/categories_list.php b/htdocs/accountancy/admin/categories_list.php
index 900205b7588..14a6b56512d 100644
--- a/htdocs/accountancy/admin/categories_list.php
+++ b/htdocs/accountancy/admin/categories_list.php
@@ -51,8 +51,8 @@ $acts[1] = "disable";
 $actl[0] = img_picto($langs->trans("Disabled"),'switch_off');
 $actl[1] = img_picto($langs->trans("Activated"),'switch_on');
-$listoffset=GETPOST('listoffset');
-$listlimit=GETPOST('listlimit')>0?GETPOST('listlimit'):1000;
+$listoffset=GETPOST('listoffset','alpha');
+$listlimit=GETPOST('listlimit','int')>0?GETPOST('listlimit','int'):1000;
 $active = 1;
 $sortfield = GETPOST("sortfield",'aZ09comma');
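Review bot: In the categories_list.php hunk, listoffset is filtered as 'alpha' while listlimit on the next line gets 'int', although both are pagination numbers; if listoffset is later placed in a LIMIT/OFFSET clause (not visible here), 'alpha' does not guarantee a numeric value. `$listoffset=GETPOST('listoffset','int');` keeps the two consistent and matches how listlimit is treated. The listlimit line also calls GETPOST twice for the same parameter; reading it once into the variable and then applying the `> 0 ? … : 1000` fallback on that local avoids filtering the same input twice.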
@@ -134,13 +134,13 @@ $sourceList=array();
 * Actions
 */
-if (GETPOST('button_removefilter') || GETPOST('button_removefilter.x') || GETPOST('button_removefilter_x'))
+if (GETPOST('button_removefilter','alpha') || GETPOST('button_removefilter.x','alpha') || GETPOST('button_removefilter_x','alpha'))
 {
 $search_country_id = '';
 }
 // Actions add or modify an entry into a dictionary
-if (GETPOST('actionadd') || GETPOST('actionmodify'))
+if (GETPOST('actionadd','alpha') || GETPOST('actionmodify','alpha'))
 {
 $listfield=explode(',', str_replace(' ', '',$tabfield[$id]));
 $listfieldinsert=explode(',',$tabfieldinsert[$id]);
@@ -250,7 +250,7 @@ if (GETPOST('actionadd') || GETPOST('actionmodify'))
 }
 // Si verif ok et action modify, on modifie la ligne
- if ($ok && GETPOST('actionmodify'))
+ if ($ok && GETPOST('actionmodify','alpha'))
 {
 if ($tabrowid[$id]) { $rowidcol=$tabrowid[$id]; } else { $rowidcol="rowid"; }
@@ -291,7 +291,7 @@ if (GETPOST('actionadd') || GETPOST('actionmodify'))
 //$_GET["id"]=GETPOST('id', 'int'); // Force affichage dictionnaire en cours d'edition
 }
-if (GETPOST('actioncancel'))
+if (GETPOST('actioncancel','alpha'))
 {
 //$_GET["id"]=GETPOST('id', 'int'); // Force affichage dictionnaire en cours d'edition
 }
@@ -513,7 +513,7 @@ if ($id)
 $obj = new stdClass();
 // If data was already input, we define them in obj to populate input fields.
- if (GETPOST('actionadd'))
+ if (GETPOST('actionadd','alpha'))
 {
 foreach ($fieldlist as $key=>$val)
 {
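Review bot: Each test of actionadd and actionmodify re-reads and re-filters the request: the @@ -134,13 +134,13 @@ hunk checks both, the @@ -250,7 +250,7 @@ hunk checks actionmodify again and the @@ -513,7 +513,7 @@ hunk checks actionadd again. Reading them once where this hunk first uses them, `$actionadd = GETPOST('actionadd','alpha');` and `$actionmodify = GETPOST('actionmodify','alpha');`, and testing those locals at the later sites keeps the filter in one place and makes it harder for a future edit to leave one site unfiltered. The action block opened in the first hunk continues past the end of that hunk.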