diff --git a/ChangeLog b/ChangeLog
index a80ed5fa46f..b870df3e802 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -34,7 +34,7 @@ Following changes may create regressions for some external modules, but were nec
 * Method dolEscapeXML was moved from functions.lib.php into function2.lib.php (not used enough to be loaded by default).
 * Removed deprecated use of string in dol_print_date(). Only date allowed.
 * Deprecated property ->fk_departement is now ->state_id everywhere.
-
+* Removed the method 4 of GETPOST (to get $_COOKIE). It was not used and not recommanded to use in Dolibarr.
 
 
 ***** ChangeLog for 9.0.2 compared to 9.0.1 *****
diff --git a/htdocs/commande/stats/index.php b/htdocs/commande/stats/index.php
index 066f3e76070..3a40f6b1863 100644
--- a/htdocs/commande/stats/index.php
+++ b/htdocs/commande/stats/index.php
@@ -282,7 +282,7 @@ if ($mode == 'customer')
         Commande::STATUS_CLOSED=>$langs->trans("StatusOrderDelivered"),
         Commande::STATUS_CANCELED=>$langs->trans("StatusOrderCanceled")
     );
-    print $form->selectarray('object_status', $liststatus, GETPOST('object_status'), -4);
+    print $form->selectarray('object_status', $liststatus, GETPOST('object_status', 'int'), -4);
 }
 if ($mode == 'supplier')
 {
diff --git a/htdocs/core/lib/functions.lib.php b/htdocs/core/lib/functions.lib.php
index ded966c6729..942f9f7ecfe 100644
--- a/htdocs/core/lib/functions.lib.php
+++ b/htdocs/core/lib/functions.lib.php
@@ -226,7 +226,7 @@ function GETPOSTISSET($paramname)
  *                               'san_alpha'=Use filter_var with FILTER_SANITIZE_STRING (do not use this for free text string)
  *                               'nohtml', 'alphanohtml'=check there is no html content
  *                               'custom'= custom filter specify $filter and $options)
- *  @param	int		$method	     Type of method (0 = get then post, 1 = only get, 2 = only post, 3 = post then get, 4 = post then get then cookie)
+ *  @param	int		$method	     Type of method (0 = get then post, 1 = only get, 2 = only post, 3 = post then get)
  *  @param  int     $filter      Filter to apply when $check is set to 'custom'. (See http://php.net/manual/en/filter.filters.php for détails)
  *  @param  mixed   $options     Options to pass to filter_var when $check is set to 'custom'
  *  @param	string	$noreplace	 Force disable of replacement of __xxx__ strings.
@@ -248,7 +248,6 @@ function GETPOST($paramname, $check = 'none', $method = 0, $filter = null, $opti
 	elseif ($method==1) $out = isset($_GET[$paramname])?$_GET[$paramname]:'';
 	elseif ($method==2) $out = isset($_POST[$paramname])?$_POST[$paramname]:'';
 	elseif ($method==3) $out = isset($_POST[$paramname])?$_POST[$paramname]:(isset($_GET[$paramname])?$_GET[$paramname]:'');
-	elseif ($method==4) $out = isset($_POST[$paramname])?$_POST[$paramname]:(isset($_GET[$paramname])?$_GET[$paramname]:(isset($_COOKIE[$paramname])?$_COOKIE[$paramname]:''));
 	else return 'BadThirdParameterForGETPOST';
 
 	if (empty($method) || $method == 3 || $method == 4)
diff --git a/htdocs/expensereport/stats/index.php b/htdocs/expensereport/stats/index.php
index 8980238c07b..2be1409bd45 100644
--- a/htdocs/expensereport/stats/index.php
+++ b/htdocs/expensereport/stats/index.php
@@ -234,7 +234,7 @@ print '</td></tr>';
 // Status
 print '<tr><td class="left">'.$langs->trans("Status").'</td><td class="left">';
 $liststatus=$tmpexpensereport->statuts;
-print $form->selectarray('object_status', $liststatus, GETPOST('object_status'), -4, 0, 0, '', 1);
+print $form->selectarray('object_status', $liststatus, GETPOST('object_status', 'int'), -4, 0, 0, '', 1);
 print '</td></tr>';
 // Year
 print '<tr><td>'.$langs->trans("Year").'</td><td>';
diff --git a/htdocs/opensurvey/results.php b/htdocs/opensurvey/results.php
index fb673bb4b98..eb731557c6a 100644
--- a/htdocs/opensurvey/results.php
+++ b/htdocs/opensurvey/results.php
@@ -80,7 +80,7 @@ if (GETPOST("boutonp") || GETPOST("boutonp.x") || GETPOST("boutonp_x"))		// bout
 			}
 		}
 
-		$nom=substr(GETPOST("nom"), 0, 64);
+		$nom=substr(GETPOST("nom", 'nohtml'), 0, 64);
 
 		// Check if vote already exists
 		$sql = 'SELECT id_users, nom as name';
diff --git a/htdocs/ticket/stats/index.php b/htdocs/ticket/stats/index.php
index 5eb206057c3..15f3a3cb897 100644
--- a/htdocs/ticket/stats/index.php
+++ b/htdocs/ticket/stats/index.php
@@ -251,7 +251,7 @@ $liststatus=array(
         Ticket::STATUS_CLOSED=>$langs->trans("StatusClosed"),
         Ticket::STATUS_WAITING=>$langs->trans("StatusWaiting")
     );
-print $form->selectarray('object_status', $liststatus, GETPOST('object_status'), -4);
+print $form->selectarray('object_status', $liststatus, GETPOST('object_status', 'int'), -4);
 print '</td></tr>';
 // Year
 print '<tr><td class="left">'.$langs->trans("Year").'</td><td class="left">';