diff --git a/api/clone_ticket.php b/api/clone_ticket.php
index ecb1969..4d900cd 100644
--- a/api/clone_ticket.php
+++ b/api/clone_ticket.php
@@ -54,12 +54,13 @@ try {
 exit;
 }
- $sourceTicketId = (int)$data['ticket_id'];
- if ($sourceTicketId <= 0) {
+ $sourceTicketIdRaw = trim((string)$data['ticket_id']);
+ if (!ctype_digit($sourceTicketIdRaw) || (int)$sourceTicketIdRaw <= 0) {
 http_response_code(400);
 echo json_encode(['success' => false, 'error' => 'Invalid ticket ID']);
 exit;
 }
+ $sourceTicketId = $sourceTicketIdRaw;
 $userId = $_SESSION['user']['user_id'];
 $isAdmin = $_SESSION['user']['is_admin'] ?? false;
@@ -102,14 +103,14 @@ try {
 $auditLog = new AuditLogModel($conn);
 $auditLog->log($userId, 'create', 'ticket', $result['ticket_id'], [
 'action' => 'clone',
- 'source_ticket_id' => $sourceTicketId,
+ 'source_ticket_id' => $sourceTicket['ticket_id'],
 'title' => $clonedTicketData['title']
 ]);
 // Optionally create a "relates_to" dependency
 require_once dirname(__DIR__) . '/models/DependencyModel.php';
 $dependencyModel = new DependencyModel($conn);
- $dependencyModel->addDependency($result['ticket_id'], $sourceTicketId, 'relates_to', $userId);
+ $dependencyModel->addDependency($result['ticket_id'], $sourceTicket['ticket_id'], 'relates_to', $userId);
 require_once dirname(__DIR__) . '/models/StatsModel.php';
 (new StatsModel($conn))->invalidateCache();
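Review bot: In the first hunk, `trim((string)$data['ticket_id'])` casts whatever type arrives, so a boolean `true` becomes `"1"` and passes `ctype_digit`, and an array raises an "Array to string conversion" warning before it is rejected. Assuming `$data` is decoded request input, a type guard should sit ahead of the cast, e.g. `if (!is_int($data['ticket_id']) && !is_string($data['ticket_id'])) { /* same 400 response */ }`. The digit check also has no length bound, and `(int)` on an over-long digit string saturates rather than failing, so arbitrarily long IDs still reach the lookup; a test such as `strlen($sourceTicketIdRaw) > MAX_TICKET_ID_LEN` (placeholder constant, not on the page) would close that. `$sourceTicketId` is now a string instead of an int, which matters to any strict comparison later; the lookup and the start of the `try` block are outside this hunk.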
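Review bot: In the second hunk, both call sites now read `$sourceTicket['ticket_id']` with no comment saying why. Since `$sourceTicketId` holds the trimmed request string after this commit (leading zeros included), a later cleanup could swap it back and write non-canonical IDs into the audit trail and the dependency table. A comment above the `$auditLog->log(...)` call would pin the intent, e.g. `// Use the ID from the fetched row, not the request value, so audit and dependency records carry the stored form.` The existing `// Optionally create a "relates_to" dependency` comment also reads as conditional while the visible call is unconditional; `// Link the clone to its source with a "relates_to" dependency` matches the code. Where `$sourceTicket` is loaded and checked for existence is outside this hunk.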