diff --git a/include/benutzer.class.php b/include/benutzer.class.php
index 87afb5f96..54101ff24 100644
--- a/include/benutzer.class.php
+++ b/include/benutzer.class.php
@@ -288,7 +288,7 @@ class benutzer extends person
 foreach($searchItems as $value)
 {
- $qry.=" OR lower(uid) = lower('".addslashes($value)."')";
+ $qry.=" OR lower(uid) = lower(".$this->db_add_param($value).")";
 }
 $qry.=")) a ORDER BY nachname, vorname";
diff --git a/include/firma.class.php b/include/firma.class.php
index e0ce59d40..7e7c41825 100644
--- a/include/firma.class.php
+++ b/include/firma.class.php
@@ -796,7 +796,7 @@ class firma extends basis_db
 'updateamum= now(), '.
 'updatevon='.$this->db_add_param($this->updatevon).', '.
 'ext_id='.$this->db_add_param($this->ext_id).' '.
- 'WHERE firma_organisationseinheit_id='.$this->db_add_param($this->firma_organisationseinheit_id).';';
+ 'WHERE firma_organisationseinheit_id='.$this->db_add_param($this->firma_organisationseinheit_id, FHC_INTEGER).';';
 }
 if($this->db_query($qry))
 {
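Review bot: In include/benutzer.class.php, nothing at the call site records that `db_add_param()` now supplies the quoting that the removed `'...'` and `addslashes()` used to provide. A one-line comment above the concatenation, such as `// db_add_param() escapes and quotes the value itself; do not wrap it in quotes`, would keep a later edit from reintroducing a hand-built literal. The method starts before the hunk, so the part of `$qry` assembled ahead of the loop is not visible. It is worth confirming that no other `addslashes()` concatenation remains there, because `addslashes()` is not a database-aware escaper and its output is only safe under particular server string settings.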
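Review bot: In include/firma.class.php only the WHERE key is given the `FHC_INTEGER` type, while `ext_id` one line above it is still passed to `db_add_param()` with the default type. If that column is numeric, as its name suggests, it should be typed the same way: `'ext_id='.$this->db_add_param($this->ext_id, FHC_INTEGER).' '.`. The update branch begins outside the hunk, so it is not visible whether `firma_organisationseinheit_id` is checked before the statement is built. If it is not, an explicit guard such as `if(!is_numeric($this->firma_organisationseinheit_id)) return false;` would make a bad key fail loudly instead of depending on how the helper treats a non-numeric value.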