diff --git a/src/apps/notify.php b/src/apps/notify.php
index 3c455443..f0c5716f 100644
--- a/src/apps/notify.php
+++ b/src/apps/notify.php
@@ -11,7 +11,7 @@ require_once(dirname(__FILE__)."/../system/common.inc.php");
 $dopost = isset($dopost)? $dopost : '';
-$buyid = isset($out_trade_no)? $out_trade_no : '';
+$buyid = isset($out_trade_no)? HtmlReplace($out_trade_no, 1) : '';
 if ($dopost === 'alipay') {
 $moRow = $dsql->GetOne("SELECT * FROM `#@__member_operation` WHERE buyid='$buyid'");
diff --git a/src/apps/return.php b/src/apps/return.php
index 1787f00f..de521df0 100644
--- a/src/apps/return.php
+++ b/src/apps/return.php
@@ -11,7 +11,7 @@ require_once(dirname(__FILE__)."/../system/common.inc.php");
 $dopost = isset($dopost)? $dopost : '';
-$buyid = isset($out_trade_no)? $out_trade_no : '';
+$buyid = isset($out_trade_no)? HtmlReplace($out_trade_no, 1) : '';
 if ($dopost === 'alipay') {
 $moRow = $dsql->GetOne("SELECT * FROM `#@__member_operation` WHERE buyid='$buyid'");
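Review bot: The new `$buyid` value is still interpolated into `WHERE buyid='$buyid'` in the `GetOne()` call two lines below, so the query's safety now rests entirely on what `HtmlReplace($out_trade_no, 1)` happens to escape. Judging by its name it is an HTML-context filter, and its definition is not visible here, so whether it neutralises quotes and backslashes for SQL should be confirmed rather than assumed. `$out_trade_no` looks like a request-supplied payment callback parameter, so an allow-list check is the tighter fix, for example `$buyid = (isset($out_trade_no) && preg_match('/^[A-Za-z0-9_-]+\z/', $out_trade_no)) ? $out_trade_no : '';` (the character set is an assumption to be matched to the real order-number format), or a bound parameter if `$dsql` offers one. The same applies to the identical hunk in `src/apps/return.php`. The `if ($dopost === 'alipay')` block continues past the end of both hunks, so later uses of `$buyid` were not reviewed.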