From 9e6bb6f784c69749ce56f378c6f86a87c077f917 Mon Sep 17 00:00:00 2001
From: Laurent Destailleur <eldy@destailleur.fr>
Date: Tue, 2 Jun 2020 20:19:45 +0200
Subject: [PATCH] Sanitize params

---
 htdocs/commande/card.php | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/htdocs/commande/card.php b/htdocs/commande/card.php
index 21f558219eb..795602cd95d 100644
--- a/htdocs/commande/card.php
+++ b/htdocs/commande/card.php
@@ -1160,7 +1160,7 @@ if (empty($reshook))
 
 	elseif ($action == 'confirm_validate' && $confirm == 'yes' && $usercanvalidate)
 	{
-		$idwarehouse = GETPOST('idwarehouse');
+		$idwarehouse = GETPOST('idwarehouse', 'int');
 
 		$qualified_for_stock_change = 0;
 		if (empty($conf->global->STOCK_SUPPORTS_SERVICES))
@@ -1269,7 +1269,7 @@ if (empty($reshook))
 
 	elseif ($action == 'confirm_cancel' && $confirm == 'yes' && $usercanvalidate)
 	{
-		$idwarehouse = GETPOST('idwarehouse');
+		$idwarehouse = GETPOST('idwarehouse', 'int');
 
 		$qualified_for_stock_change = 0;
 		if (empty($conf->global->STOCK_SUPPORTS_SERVICES))