diff --git a/htdocs/fichinter/card.php b/htdocs/fichinter/card.php
index c096a889ab4..5e360739ea4 100644
--- a/htdocs/fichinter/card.php
+++ b/htdocs/fichinter/card.php
@@ -818,10 +818,7 @@ llxHeader('', $langs->trans("Intervention"));
if ($action == 'create')
{
- /*
- * Mode creation
- * Creation d'une nouvelle fiche d'intervention
- */
+ // Create new intervention
$soc = new Societe($db);
@@ -831,11 +828,12 @@ if ($action == 'create')
if ($socid) $res = $soc->fetch($socid);
- if (GETPOST('origin') && GETPOST('originid'))
+ if (GETPOST('origin', 'alphanohtml') && GETPOST('originid', 'int'))
{
// Parse element/subelement (ex: project_task)
- $element = $subelement = GETPOST('origin');
- if (preg_match('/^([^_]+)_([^_]+)/i', GETPOST('origin'), $regs))
+ $regs = array();
+ $element = $subelement = GETPOST('origin', 'alphanohtml');
+ if (preg_match('/^([^_]+)_([^_]+)/i', GETPOST('origin', 'alphanohtml'), $regs))
{
$element = $regs[1];
$subelement = $regs[2];
@@ -843,7 +841,7 @@ if ($action == 'create')
if ($element == 'project')
{
- $projectid = GETPOST('originid');
+ $projectid = GETPOST('originid', 'int');
}
else
{
@@ -941,7 +939,7 @@ if ($action == 'create')
$numprojet = $formproject->select_projects($soc->id, $projectid, 'projectid');
if ($numprojet == 0)
{
- print ' '.$langs->trans("AddProject").'';
+ print ' ';
}
print '';
}
@@ -954,7 +952,7 @@ if ($action == 'create')
$numcontrat = $formcontract->select_contract($soc->id, GETPOST('contratid', 'int'), 'contratid', 0, 1);
if ($numcontrat == 0)
{
- print ' '.$langs->trans("AddContract").'';
+ print ' ';
}
print '';
}