From d9f067eabb17ba32f54c2293a65adb59404672da Mon Sep 17 00:00:00 2001
From: Gauthier PC portable 024
Date: Mon, 24 Oct 2022 09:46:41 +0200
Subject: [PATCH] FIX : travis & stickler feedbacks
---
 htdocs/core/class/html.form.class.php | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/htdocs/core/class/html.form.class.php b/htdocs/core/class/html.form.class.php
index 564c917ef1a..5efbdeae8e1 100644
--- a/htdocs/core/class/html.form.class.php
+++ b/htdocs/core/class/html.form.class.php
@@ -2452,7 +2452,7 @@ class Form
 $sql.= ' WHERE b.entity IN ('.getEntity('bom').')';
 if (!empty($status)) $sql.= ' AND status = '. (int) $status;
 if (!empty($type)) $sql.= ' AND bomtype = '. (int) $type;
- if(! empty($TProducts)) $sql .= ' AND fk_product IN ('.implode(',', $TProducts).')';
+ if (!empty($TProducts)) $sql .= ' AND fk_product IN ('.$this->db->sanitize(implode(',', $TProducts)).')';
 if (!empty($limit)) $sql.= ' LIMIT '. (int) $limit;
 $resql = $db->query($sql);
 if ($resql) {
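Review bot: The `fk_product IN (...)` list is still assembled from the raw elements of `$TProducts`, with only a string-level `sanitize()` pass over the joined result, whereas the neighbouring `status`, `bomtype` and `LIMIT` filters each cast with `(int)`. Assuming `sanitize()` strips characters rather than validating each id, empty or non-numeric elements can still produce a malformed or unintended list, so a per-element cast is the stricter form: `$sql .= ' AND fk_product IN ('.implode(',', array_map('intval', $TProducts)).')';`. The added line also calls `$this->db` while the query two lines below runs on `$db`; it is worth confirming both refer to the same handle in this method, whose start and end lie outside the hunk.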