From cb11b6c4a781651a81230a4e12b41bd3ec1dd7c5 Mon Sep 17 00:00:00 2001
From: NextGestion
Date: Sat, 6 May 2023 09:59:46 +0100
Subject: [PATCH] Avoid the msg "Found non quoted or not casted var into sql request"
---
 htdocs/core/boxes/box_project.php | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/htdocs/core/boxes/box_project.php b/htdocs/core/boxes/box_project.php
index a6b0c74e97a..c88752ca3a8 100644
--- a/htdocs/core/boxes/box_project.php
+++ b/htdocs/core/boxes/box_project.php
@@ -106,7 +106,7 @@ class box_project extends ModeleBoxes
 $sql .= " FROM ".MAIN_DB_PREFIX."projet as p";
 $sql .= " LEFT JOIN ".MAIN_DB_PREFIX."societe as s on p.fk_soc = s.rowid";
 $sql .= " WHERE p.entity IN (".getEntity('project').")"; // Only current entity or severals if permission ok
- $sql .= " AND p.fk_statut = ".$projectstatic::STATUS_VALIDATED; // Only open projects
+ $sql .= " AND p.fk_statut = ".(int) $projectstatic::STATUS_VALIDATED; // Only open projects
 if (empty($user->rights->projet->all->lire)) {
 $sql .= " AND p.rowid IN (".$this->db->sanitize($projectsListId).")"; // public and assigned to, or restricted to company for external users
 }
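Review bot: The `(int)` cast on the `p.fk_statut` line wraps a class constant rather than request-derived data, so it is hardening and a fix for the SQL check quoted in the subject, not the closing of an injection path, and the trailing comment should say so. I would write it as `// Only open projects; cast keeps the concatenated value an integer`, so a later reader does not drop the cast as redundant. On the `WHERE p.entity IN (...)` context line the result of `getEntity('project')` is still concatenated as-is, whereas `$projectsListId` goes through `$this->db->sanitize()`. Presumably `getEntity()` returns an internally built id list, but that is not visible here and is worth confirming. The enclosing method starts and ends outside this hunk.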