diff --git a/src/messenger/webim/libs/chat.php b/src/messenger/webim/libs/chat.php
index b11be855..b4361c53 100644
--- a/src/messenger/webim/libs/chat.php
+++ b/src/messenger/webim/libs/chat.php
@@ -597,9 +597,9 @@ function create_thread($groupid, $username, $remoteHost, $referer, $lang, $useri
     global $mysqlprefix;
     $query = sprintf(
         "insert into ${mysqlprefix}chatthread (userName,userid,ltoken,remote,referer,lrevision,locale,userAgent,dtmcreated,dtmmodified,istate" . ($groupid ? ",groupid" : "") . ") values " .
-        "('%s',%s,%s,'%s','%s',%s,'%s','%s',CURRENT_TIMESTAMP,CURRENT_TIMESTAMP,%s" . ($groupid ? "," . intval($groupid) : "") . ")",
+        "('%s','%s',%s,'%s','%s',%s,'%s','%s',CURRENT_TIMESTAMP,CURRENT_TIMESTAMP,%s" . ($groupid ? "," . intval($groupid) : "") . ")",
         mysql_real_escape_string($username, $link),
-        intval($userid),
+        mysql_real_escape_string($userid, $link),
         intval(next_token()),
         mysql_real_escape_string($remoteHost, $link),
         mysql_real_escape_string($referer, $link),
diff --git a/src/messenger/webim/operator/userhistory.php b/src/messenger/webim/operator/userhistory.php
index 27c2fe05..d85a86bf 100644
--- a/src/messenger/webim/operator/userhistory.php
+++ b/src/messenger/webim/operator/userhistory.php
@@ -44,7 +44,7 @@ function threads_by_userid($userid)
     $query = sprintf("select unix_timestamp(dtmcreated) as created, unix_timestamp(dtmmodified) as modified, " .
         " threadid, remote, agentName, userName " .
         "from ${mysqlprefix}chatthread " .
-        "where userid=%s order by created DESC", intval($userid));
+        "where userid='%s' order by created DESC", mysql_real_escape_string($userid, $link));
     $result = mysql_query($query, $link) or die(' Query failed: ' . mysql_error($link));
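Review bot: The quoting of the escaped value is correct, but the `intval($userid)` → `mysql_real_escape_string($userid, $link)` change silently widens `userid` from an integer to an arbitrary string, and the `chatthread.userid` column type must have been widened to match (the same applies to the `where userid='%s'` comparison in the userhistory.php hunk); if the column is still numeric, MySQL will coerce non-numeric strings to 0 and collapse distinct users onto one value. Callers that pass null or a non-numeric value previously got `0` from `intval()`, whereas `mysql_real_escape_string(null, $link)` yields an empty string, so it is worth confirming that `''` is an acceptable stored identifier or adding a guard such as `if ($userid === null || $userid === '') { /* reject or substitute */ }` before the insert. `mysql_real_escape_string()` is only charset-safe when the connection charset was set with `mysql_set_charset()` rather than a `SET NAMES` query, and the connection setup is not visible here, so please confirm. Since ext/mysql is deprecated, a prepared statement with a bound parameter would remove the need to reason about quoting at each call site. `create_thread`'s body continues outside the hunk.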