diff --git a/htdocs/comm/action/index.php b/htdocs/comm/action/index.php
index 9442f14e5dba03a774b721a0cf0e01e59d9d31ae..e13a6af9fdf4e9c7ba60578c48b4bf794ff5fca7 100644
--- a/htdocs/comm/action/index.php
+++ b/htdocs/comm/action/index.php
@@ -35,10 +35,10 @@ if ($conf->projet->enabled) require_once(DOL_DOCUMENT_ROOT."/core/lib/project.li
 
 if (! isset($conf->global->AGENDA_MAX_EVENTS_DAY_VIEW)) $conf->global->AGENDA_MAX_EVENTS_DAY_VIEW=3;
 
-$filter=GETPOST("filter");
-$filtera = GETPOST("userasked","int")?GETPOST("userasked","int"):GETPOST("filtera","int");
-$filtert = GETPOST("usertodo","int")?GETPOST("usertodo","int"):GETPOST("filtert","int");
-$filterd = GETPOST("userdone","int")?GETPOST("userdone","int"):GETPOST("filterd","int");
+$filter=GETPOST("filter",'',3);
+$filtera = GETPOST("userasked","int",3)?GETPOST("userasked","int",3):GETPOST("filtera","int",3);
+$filtert = GETPOST("usertodo","int",3)?GETPOST("usertodo","int",3):GETPOST("filtert","int",3);
+$filterd = GETPOST("userdone","int",3)?GETPOST("userdone","int",3):GETPOST("filterd","int",3);
 $showbirthday = empty($conf->use_javascript_ajax)?GETPOST("showbirthday","int"):1;
 
 
@@ -72,8 +72,8 @@ $year=GETPOST("year","int")?GETPOST("year","int"):date("Y");
 $month=GETPOST("month","int")?GETPOST("month","int"):date("m");
 $week=GETPOST("week","int")?GETPOST("week","int"):date("W");
 $day=GETPOST("day","int")?GETPOST("day","int"):0;
-$actioncode=GETPOST("actioncode");
-$pid=GETPOST("projectid","int")?GETPOST("projectid","int"):0;
+$actioncode=GETPOST("actioncode","alpha",3);
+$pid=GETPOST("projectid","int",3);
 $status=GETPOST("status");
 $maxprint=(isset($_GET["maxprint"])?GETPOST("maxprint"):$conf->global->AGENDA_MAX_EVENTS_DAY_VIEW);
 
diff --git a/htdocs/comm/action/listactions.php b/htdocs/comm/action/listactions.php
index a60fbbe550a6a21981e70bcb01aeb38e15910715..76c3f79e62898dd96651336d068fd5ba86c85d3c 100644
--- a/htdocs/comm/action/listactions.php
+++ b/htdocs/comm/action/listactions.php
@@ -39,14 +39,14 @@ $action=GETPOST('action','alpha');
 $year=GETPOST("year",'int');
 $month=GETPOST("month",'int');
 $day=GETPOST("day",'int');
-$actioncode=GETPOST('actioncode');
-$pid=GETPOST("projectid",'int');
+$actioncode=GETPOST("actioncode","alpha",3);
+$pid=GETPOST("projectid",'int',3);
 $status=GETPOST("status",'alpha');
 
-$filter=GETPOST("filter");
-$filtera = GETPOST("userasked","int")?GETPOST("userasked","int"):GETPOST("filtera","int");
-$filtert = GETPOST("usertodo","int")?GETPOST("usertodo","int"):GETPOST("filtert","int");
-$filterd = GETPOST("userdone","int")?GETPOST("userdone","int"):GETPOST("filterd","int");
+$filter=GETPOST("filter",'',3);
+$filtera = GETPOST("userasked","int",3)?GETPOST("userasked","int",3):GETPOST("filtera","int",3);
+$filtert = GETPOST("usertodo","int",3)?GETPOST("usertodo","int",3):GETPOST("filtert","int",3);
+$filterd = GETPOST("userdone","int",3)?GETPOST("userdone","int",3):GETPOST("filterd","int",3);
 $showbirthday = empty($conf->use_javascript_ajax)?GETPOST("showbirthday","int"):1;
 
 $sortfield = GETPOST("sortfield",'alpha');