diff --git a/app/Http/Controllers/CompanyGatewayController.php b/app/Http/Controllers/CompanyGatewayController.php
index a1781a0dac44..9ceef3e4fb13 100644
--- a/app/Http/Controllers/CompanyGatewayController.php
+++ b/app/Http/Controllers/CompanyGatewayController.php
@@ -501,16 +501,14 @@ class CompanyGatewayController extends BaseController
     {
         $action = $request->input('action');
 
-        $ids = $request->input('ids');
-
         $company_gateways = CompanyGateway::withTrashed()
-                                          ->whereIn('id',$this->transformKeys($ids))
+                                          ->whereIn('id', $request->ids)
                                           ->company()
                                           ->cursor()
                                           ->each(function ($company_gateway, $key) use ($action) {
                                                     $this->company_repo->{$action}($company_gateway);
                                             });
 
-        return $this->listResponse(CompanyGateway::withTrashed()->company()->whereIn('id', $this->transformKeys($ids)));
+        return $this->listResponse(CompanyGateway::withTrashed()->company()->whereIn('id', $request->ids));
     }
 }
diff --git a/app/Http/Controllers/CreditController.php b/app/Http/Controllers/CreditController.php
index 7aa784594503..5a297a0174c7 100644
--- a/app/Http/Controllers/CreditController.php
+++ b/app/Http/Controllers/CreditController.php
@@ -503,7 +503,10 @@ class CreditController extends BaseController
         if(Ninja::isHosted() && (stripos($action, 'email') !== false) && !auth()->user()->company()->account->account_sms_verified)
             return response(['message' => 'Please verify your account to send emails.'], 400);
 
-        $credits = Credit::withTrashed()->whereIn('id', $this->transformKeys($ids))->company()->get();
+        $credits = Credit::withTrashed()
+                         ->whereIn('id', $request->ids)
+                         ->company()
+                         ->get();
 
         if (! $credits) {
             return response()->json(['message' => ctrans('texts.no_credits_found')]);
@@ -547,7 +550,7 @@ class CreditController extends BaseController
             }
         });
 
-        return $this->listResponse(Credit::withTrashed()->company()->whereIn('id', $this->transformKeys($ids)));
+        return $this->listResponse(Credit::withTrashed()->company()->whereIn('id', $request->ids));
     }
 
     public function action(ActionCreditRequest $request, Credit $credit, $action)
diff --git a/app/Http/Requests/CompanyGateway/BulkCompanyGatewayRequest.php b/app/Http/Requests/CompanyGateway/BulkCompanyGatewayRequest.php
index cdfed1325c0a..f22eeaa8ce82 100644
--- a/app/Http/Requests/CompanyGateway/BulkCompanyGatewayRequest.php
+++ b/app/Http/Requests/CompanyGateway/BulkCompanyGatewayRequest.php
@@ -12,14 +12,12 @@
 namespace App\Http\Requests\CompanyGateway;
 
 use App\Http\Requests\Request;
-use App\Http\ValidationRules\ValidCompanyGatewayFeesAndLimitsRule;
-use App\Models\Gateway;
-use App\Utils\Traits\CompanyGatewayFeesAndLimitsSaver;
+use App\Utils\Traits\MakesHash;
 use Illuminate\Validation\Rule;
 
 class BulkCompanyGatewayRequest extends Request
-
 {
+    use MakesHash;
 
     /**
      * Determine if the user is authorized to make this request.
@@ -35,11 +33,22 @@ class BulkCompanyGatewayRequest extends Request
     {
 
         return [
-            'ids' => 'required|bail|array',
+            'ids' => ['required','bail','array',Rule::exists('company_gateways','id')->where('company_id', auth()->user()->company()->id)],
             'action' => 'required|bail|in:archive,restore,delete'
         ];
 
     }
 
+    public function prepareForValidation()
+    {
+        $input = $this->all();
+
+        if(isset($input['ids']))
+            $input['ids'] = $this->transformKeys($input['ids']);
+
+        $this->replace($input);
+    }
+
+
 
 }
diff --git a/app/Http/Requests/Credit/BulkCreditRequest.php b/app/Http/Requests/Credit/BulkCreditRequest.php
index ee74d180d471..b1f07dbb256f 100644
--- a/app/Http/Requests/Credit/BulkCreditRequest.php
+++ b/app/Http/Requests/Credit/BulkCreditRequest.php
@@ -11,10 +11,13 @@
 
 namespace App\Http\Requests\Credit;
 
+use App\Utils\Traits\MakesHash;
 use Illuminate\Foundation\Http\FormRequest;
+use Illuminate\Validation\Rule;
 
 class BulkCreditRequest extends FormRequest
 {
+    use MakesHash;
     /**
      * Determine if the user is authorized to make this request.
      *
@@ -33,8 +36,19 @@ class BulkCreditRequest extends FormRequest
     public function rules()
     {
         return [
-                'ids' => 'required|bail|array',
-                'action' => 'required|bail|in:archive,restore,delete,email,bulk_download,bulk_print,mark_paid,clone_to_credit,history,mark_sent,download,send_email'
-            ];
+            'ids' => ['required','bail','array',Rule::exists('credits','id')->where('company_id', auth()->user()->company()->id)],
+            'action' => 'required|bail|in:archive,restore,delete,email,bulk_download,bulk_print,mark_paid,clone_to_credit,history,mark_sent,download,send_email'
+        ];
     }
+
+    public function prepareForValidation()
+    {
+        $input = $this->all();
+
+        if(isset($input['ids']))
+            $input['ids'] = $this->transformKeys($input['ids']);
+
+        $this->replace($input);
+    }
+
 }