diff --git a/htdocs/fourn/facture/card.php b/htdocs/fourn/facture/card.php
index 6ab40c3924c80..f901500cc6fc5 100644
--- a/htdocs/fourn/facture/card.php
+++ b/htdocs/fourn/facture/card.php
@@ -657,7 +657,7 @@
 				$_GET['socid'] = $_POST['socid'];
 				$error++;
 			}
-			if (!($_POST['fac_replacement'] > 0)) {
+			if (! (GETPOST('fac_replacement', 'int') > 0)) {
 				$error++;
 				setEventMessages($langs->trans("ErrorFieldRequired", $langs->transnoentitiesnoconv("ReplaceInvoice")), null, 'errors');
 			}
@@ -870,7 +870,7 @@
 				if (!$error && $_POST['origin'] && $_POST['originid'])
 				{
 					// Parse element/subelement (ex: project_task)
-					$element = $subelement = GETPOST('origin');
+					$element = $subelement = GETPOST('origin', 'alpha');
 					/*if (preg_match('/^([^_]+)_([^_]+)/i',$_POST['origin'],$regs))
 					 {
 					$element = $regs[1];
@@ -894,8 +894,8 @@
 					{
 						$element = 'projet';
 					}
-					$object->origin    = GETPOST('origin');
-					$object->origin_id = GETPOST('originid');
+					$object->origin    = GETPOST('origin', 'alpha');
+					$object->origin_id = GETPOST('originid', 'int');
 
 
 					require_once DOL_DOCUMENT_ROOT.'/'.$element.'/class/'.$subelement.'.class.php';