diff --git a/htdocs/debugbar/class/TraceableDB.php b/htdocs/debugbar/class/TraceableDB.php
index 8b94959a43c..77c20325a9d 100644
--- a/htdocs/debugbar/class/TraceableDB.php
+++ b/htdocs/debugbar/class/TraceableDB.php
@@ -46,7 +46,7 @@ class TraceableDB extends DoliDB
 	public function __construct($db)
 	{
 		$this->db      = $db;
-		$this->type    = $db->type;
+		$this->type    = $this->db->type;
 		$this->queries = array();
 	}
 
diff --git a/htdocs/don/admin/donation.php b/htdocs/don/admin/donation.php
index bf78a051d83..f686309f63c 100644
--- a/htdocs/don/admin/donation.php
+++ b/htdocs/don/admin/donation.php
@@ -196,7 +196,7 @@ $type = 'donation';
 $def = array();
 $sql = "SELECT nom";
 $sql .= " FROM ".MAIN_DB_PREFIX."document_model";
-$sql .= " WHERE type = '".$type."'";
+$sql .= " WHERE type = '".$db->escape($type)."'";
 $resql = $db->query($sql);
 if ($resql)
 {
diff --git a/htdocs/ecm/class/ecmfiles.class.php b/htdocs/ecm/class/ecmfiles.class.php
index bb800b81fc2..c3cb0e5462b 100644
--- a/htdocs/ecm/class/ecmfiles.class.php
+++ b/htdocs/ecm/class/ecmfiles.class.php
@@ -242,7 +242,7 @@ class EcmFiles extends CommonObject
 		$sql .= 'src_object_type,';
 		$sql .= 'src_object_id';
 		$sql .= ') VALUES (';
-		$sql .= " '".$ref."', ";
+		$sql .= " '".$this->db->escape($ref)."', ";
 		$sql .= ' '.(!isset($this->label) ? 'NULL' : "'".$this->db->escape($this->label)."'").',';
 		$sql .= ' '.(!isset($this->share) ? 'NULL' : "'".$this->db->escape($this->share)."'").',';
 		$sql .= ' '.$this->entity.',';
diff --git a/htdocs/expedition/class/expedition.class.php b/htdocs/expedition/class/expedition.class.php
index 8db2eac723e..9b6a07a5435 100644
--- a/htdocs/expedition/class/expedition.class.php
+++ b/htdocs/expedition/class/expedition.class.php
@@ -702,7 +702,7 @@ class Expedition extends CommonObject
 
 		// Validate
 		$sql = "UPDATE ".MAIN_DB_PREFIX."expedition SET";
-		$sql .= " ref='".$numref."'";
+		$sql .= " ref='".$this->db->escape($numref)."'";
 		$sql .= ", fk_statut = 1";
 		$sql .= ", date_valid = '".$this->db->idate($now)."'";
 		$sql .= ", fk_user_valid = ".$user->id;
diff --git a/htdocs/expensereport/class/expensereport.class.php b/htdocs/expensereport/class/expensereport.class.php
index 8770a0ab1a2..610e749da16 100644
--- a/htdocs/expensereport/class/expensereport.class.php
+++ b/htdocs/expensereport/class/expensereport.class.php
@@ -461,7 +461,7 @@ class ExpenseReport extends CommonObject
 		$sql .= " , date_fin = '".$this->db->idate($this->date_fin)."'";
 		if ($userofexpensereport && is_object($userofexpensereport))
 		{
-			$sql .= " , fk_user_author = ".($userofexpensereport->id > 0 ? "'".$userofexpensereport->id."'" : "null"); // Note fk_user_author is not the 'author' but the guy the expense report is for.
+			$sql .= " , fk_user_author = ".($userofexpensereport->id > 0 ? $userofexpensereport->id : "null"); // Note fk_user_author is not the 'author' but the guy the expense report is for.
 		}
 		$sql .= " , fk_user_validator = ".($this->fk_user_validator > 0 ? $this->fk_user_validator : "null");
 		$sql .= " , fk_user_valid = ".($this->fk_user_valid > 0 ? $this->fk_user_valid : "null");
@@ -845,24 +845,24 @@ class ExpenseReport extends CommonObject
 			$sql .= " WHERE de.fk_projet = ".$projectid;
 
 			dol_syslog(get_class($this)."::fetch sql=".$sql, LOG_DEBUG);
-			$result = $db->query($sql);
+			$result = $this->db->query($sql);
 			if ($result)
 			{
-				$num = $db->num_rows($result);
+				$num = $this->db->num_rows($result);
 				$i = 0;
 				$total_HT = 0;
 				$total_TTC = 0;
 
 				while ($i < $num)
 				{
-					$objp = $db->fetch_object($result);
+					$objp = $this->db->fetch_object($result);
 
 					$sql2 = "SELECT d.rowid, d.fk_user_author, d.ref, d.fk_statut";
 					$sql2 .= " FROM ".MAIN_DB_PREFIX."expensereport as d";
-					$sql2 .= " WHERE d.rowid = '".$objp->fk_expensereport."'";
+					$sql2 .= " WHERE d.rowid = ".((int) $objp->fk_expensereport);
 
-					$result2 = $db->query($sql2);
-					$obj = $db->fetch_object($result2);
+					$result2 = $this->db->query($sql2);
+					$obj = $this->db->fetch_object($result2);
 
 					$objp->fk_user_author = $obj->fk_user_author;
 					$objp->ref = $obj->ref;
@@ -871,7 +871,7 @@ class ExpenseReport extends CommonObject
 
 					$total_HT = $total_HT + $objp->total_ht;
 					$total_TTC = $total_TTC + $objp->total_ttc;
-					$author = new User($db);
+					$author = new User($this->db);
 					$author->fetch($objp->fk_user_author);
 
 					print '<tr>';
@@ -920,7 +920,7 @@ class ExpenseReport extends CommonObject
 				print '<td>&nbsp;</td>';
 				print '</tr>';
 			} else {
-				$this->error = $db->lasterror();
+				$this->error = $this->db->lasterror();
 				return -1;
 			}
 		}
@@ -1130,7 +1130,7 @@ class ExpenseReport extends CommonObject
 
 		// Validate
 		$sql = "UPDATE ".MAIN_DB_PREFIX.$this->table_element;
-		$sql .= " SET ref = '".$num."',";
+		$sql .= " SET ref = '".$this->db->escape($num)."',";
 		$sql .= " fk_statut = ".self::STATUS_VALIDATED.",";
 		$sql .= " date_valid='".$this->db->idate($this->date_valid)."',";
 		$sql .= " fk_user_valid = ".$user->id;
@@ -2354,7 +2354,7 @@ class ExpenseReport extends CommonObject
 
 		$type = 'expense_report';
 
-		$sql = " SELECT COUNT(ab.rowid) as nb FROM ".MAIN_DB_PREFIX."accounting_bookkeeping as ab WHERE ab.doc_type='".$type."' AND ab.fk_doc = ".$this->id;
+		$sql = " SELECT COUNT(ab.rowid) as nb FROM ".MAIN_DB_PREFIX."accounting_bookkeeping as ab WHERE ab.doc_type='".$this->db->escape($type)."' AND ab.fk_doc = ".$this->id;
 		$resql = $this->db->query($sql);
 		if ($resql)
 		{
@@ -2740,7 +2740,7 @@ function select_expensereport_statut($selected = '', $htmlname = 'fk_statut', $u
 {
 	global $db, $langs;
 
-	$tmpep = new ExpenseReport($db);
+	$tmpep = new ExpenseReport($this->db);
 
 	print '<select class="flat" name="'.$htmlname.'">';
 	if ($useempty) print '<option value="-1">&nbsp;</option>';
@@ -2787,15 +2787,15 @@ function select_type_fees_id($selected = '', $htmlname = 'type', $showempty = 0,
 	$sql = "SELECT c.id, c.code, c.label as type FROM ".MAIN_DB_PREFIX."c_type_fees as c";
 	if ($active >= 0) $sql .= " WHERE c.active = ".$active;
 	$sql .= " ORDER BY c.label ASC";
-	$resql = $db->query($sql);
+	$resql = $this->db->query($sql);
 	if ($resql)
 	{
-		$num = $db->num_rows($resql);
+		$num = $this->db->num_rows($resql);
 		$i = 0;
 
 		while ($i < $num)
 		{
-			$obj = $db->fetch_object($resql);
+			$obj = $this->db->fetch_object($resql);
 			$out .= '<option value="'.$obj->id.'"';
 			if ($obj->code == $selected || $obj->id == $selected) $out .= ' selected';
 			$out .= '>';
diff --git a/htdocs/expensereport/class/expensereportstats.class.php b/htdocs/expensereport/class/expensereportstats.class.php
index f400d5e4277..174c2be4ccf 100644
--- a/htdocs/expensereport/class/expensereportstats.class.php
+++ b/htdocs/expensereport/class/expensereportstats.class.php
@@ -136,7 +136,7 @@ class ExpenseReportStats extends Stats
 	{
 		$sql = "SELECT date_format(".$this->db->ifsql('e.'.$this->datetouse.' IS NULL', 'e.date_create', 'e.'.$this->datetouse).",'%m') as dm, sum(".$this->field.")";
 		$sql .= " FROM ".$this->from;
-		$sql .= " WHERE date_format(".$this->db->ifsql('e.'.$this->datetouse.' IS NULL', 'e.date_create', 'e.'.$this->datetouse).",'%Y') = '".$year."'";
+		$sql .= " WHERE date_format(".$this->db->ifsql('e.'.$this->datetouse.' IS NULL', 'e.date_create', 'e.'.$this->datetouse).",'%Y') = '".$this->db->escape($year)."'";
 		$sql .= " AND ".$this->where;
 		$sql .= " GROUP BY dm";
 		$sql .= $this->db->order('dm', 'DESC');
@@ -156,7 +156,7 @@ class ExpenseReportStats extends Stats
 	{
 		$sql = "SELECT date_format(".$this->db->ifsql('e.'.$this->datetouse.' IS NULL', 'e.date_create', 'e.'.$this->datetouse).",'%m') as dm, avg(".$this->field.")";
 		$sql .= " FROM ".$this->from;
-		$sql .= " WHERE date_format(".$this->db->ifsql('e.'.$this->datetouse.' IS NULL', 'e.date_create', 'e.'.$this->datetouse).",'%Y') = '".$year."'";
+		$sql .= " WHERE date_format(".$this->db->ifsql('e.'.$this->datetouse.' IS NULL', 'e.date_create', 'e.'.$this->datetouse).",'%Y') = '".$this->db->escape($year)."'";
 		$sql .= " AND ".$this->where;
 		$sql .= " GROUP BY dm";
         $sql .= $this->db->order('dm', 'DESC');
diff --git a/htdocs/exports/class/export.class.php b/htdocs/exports/class/export.class.php
index e04b8f20dfb..4d4b3626f75 100644
--- a/htdocs/exports/class/export.class.php
+++ b/htdocs/exports/class/export.class.php
@@ -338,7 +338,7 @@ class Export
 				}
 				break;
 			default:
-			    dol_syslog("Error we try to forge an sql export request with a condition on a field with type '".$InfoFieldList[0]."' (defined into module descriptor) but this type is unknown/not supported. It looks like a bug into module descriptor.", LOG_ERR);
+			    dol_syslog("Error we try to forge an sql export request with a condition on a field with type ".$InfoFieldList[0]." (defined into module descriptor) but this type is unknown/not supported. It looks like a bug into module descriptor.", LOG_ERR);
 		}
 
 		return $szFilterQuery;
@@ -705,10 +705,10 @@ class Export
 		$sql .= 'filter';
 		$sql .= ') VALUES (';
 		$sql .= "'".$this->db->escape($this->model_name)."',";
-		$sql .= "'".$this->db->escape($this->datatoexport)."',";
-		$sql .= "'".$this->db->escape($this->hexa)."',";
-		$sql .= "'".$user->id."',";
-		$sql .= "'".$this->db->escape($this->hexafiltervalue)."'";
+		$sql .= " '".$this->db->escape($this->datatoexport)."',";
+		$sql .= " '".$this->db->escape($this->hexa)."',";
+		$sql .= ' '.($user->id > 0 ? $user->id : 'null').",";
+		$sql .= " '".$this->db->escape($this->hexafiltervalue)."'";
 		$sql .= ")";
 
 		dol_syslog(get_class($this)."::create", LOG_DEBUG);
diff --git a/htdocs/exports/export.php b/htdocs/exports/export.php
index 51e4b1cbb4c..0401fc7004f 100644
--- a/htdocs/exports/export.php
+++ b/htdocs/exports/export.php
@@ -1060,7 +1060,7 @@ if ($step == 4 && $datatoexport)
         // List of existing export profils
     	$sql = "SELECT rowid, label";
 		$sql .= " FROM ".MAIN_DB_PREFIX."export_model";
-		$sql .= " WHERE type = '".$datatoexport."'";
+		$sql .= " WHERE type = '".$db->escape($datatoexport)."'";
 		if (empty($conf->global->EXPORTS_SHARE_MODELS))$sql .= " AND fk_user=".$user->id;
 		$sql .= " ORDER BY rowid";
 		$resql = $db->query($sql);
diff --git a/htdocs/fichinter/class/fichinter.class.php b/htdocs/fichinter/class/fichinter.class.php
index bca82177381..f0cfeed3cca 100644
--- a/htdocs/fichinter/class/fichinter.class.php
+++ b/htdocs/fichinter/class/fichinter.class.php
@@ -1132,7 +1132,7 @@ class Fichinter extends CommonObject
 		if ($user->rights->ficheinter->creer)
 		{
 			$sql = "UPDATE ".MAIN_DB_PREFIX."fichinter ";
-			$sql .= " SET fk_contrat = '".$contractid."'";
+			$sql .= " SET fk_contrat = ".((int) $contractid);
 			$sql .= " WHERE rowid = ".$this->id;
 
 			if ($this->db->query($sql))
diff --git a/htdocs/fichinter/class/fichinterrec.class.php b/htdocs/fichinter/class/fichinterrec.class.php
index 51bc9e53ff2..bf3b8d43f9d 100644
--- a/htdocs/fichinter/class/fichinterrec.class.php
+++ b/htdocs/fichinter/class/fichinterrec.class.php
@@ -168,7 +168,7 @@ class FichinterRec extends Fichinter
 			$sql .= ", ".(!empty($this->description) ? ("'".$this->db->escape($this->description)."'") : "null");
 			$sql .= ", ".(!empty($fichintsrc->note_private) ? ("'".$this->db->escape($fichintsrc->note_private)."'") : "null");
 			$sql .= ", ".(!empty($fichintsrc->note_public) ? ("'".$this->db->escape($fichintsrc->note_public)."'") : "null");
-			$sql .= ", '".$user->id."'";
+			$sql .= ", ".$user->id;
 			// si c'est la même société on conserve les liens vers le projet et le contrat
 			if ($this->socid == $fichintsrc->socid) {
 				$sql .= ", ".(!empty($fichintsrc->fk_project) ? $fichintsrc->fk_project : "null");
diff --git a/htdocs/fichinter/stats/index.php b/htdocs/fichinter/stats/index.php
index 336a55eb32e..90d9741fbc3 100644
--- a/htdocs/fichinter/stats/index.php
+++ b/htdocs/fichinter/stats/index.php
@@ -70,7 +70,7 @@ print load_fiche_titre($title, '', 'intervention');
 dol_mkdir($dir);
 
 $stats = new FichinterStats($db, $socid, $mode, ($userid > 0 ? $userid : 0));
-if ($object_status != '' && $object_status > -1) $stats->where .= ' AND c.fk_statut IN ('.$this->db->sanitize($db->escape($object_status)).')';
+if ($object_status != '' && $object_status > -1) $stats->where .= ' AND c.fk_statut IN ('.$db->sanitize($db->escape($object_status)).')';
 
 // Build graphic number of object
 $data = $stats->getNbByMonthWithPrevYear($endyear, $startyear);
diff --git a/htdocs/fourn/class/fournisseur.commande.class.php b/htdocs/fourn/class/fournisseur.commande.class.php
index 13c0e8fb1df..3d6d2c2f837 100644
--- a/htdocs/fourn/class/fournisseur.commande.class.php
+++ b/htdocs/fourn/class/fournisseur.commande.class.php
@@ -1297,7 +1297,7 @@ class CommandeFournisseur extends CommonOrder
 		$sql .= ", ".$user->id;
 		$sql .= ", ".self::STATUS_DRAFT;
 		$sql .= ", ".$this->db->escape($this->source);
-		$sql .= ", '".$conf->global->COMMANDE_SUPPLIER_ADDON_PDF."'";
+		$sql .= ", '".$this->db->escape($conf->global->COMMANDE_SUPPLIER_ADDON_PDF)."'";
 		$sql .= ", ".($this->mode_reglement_id > 0 ? $this->mode_reglement_id : 'null');
 		$sql .= ", ".($this->cond_reglement_id > 0 ? $this->cond_reglement_id : 'null');
 		$sql .= ", ".($this->fk_account > 0 ? $this->fk_account : 'NULL');
@@ -1843,7 +1843,7 @@ class CommandeFournisseur extends CommonOrder
 			$sql = "INSERT INTO ".MAIN_DB_PREFIX."commande_fournisseur_dispatch";
 			$sql .= " (fk_commande, fk_product, qty, fk_entrepot, fk_user, datec, fk_commandefourndet, status, comment, eatby, sellby, batch) VALUES";
 			$sql .= " ('".$this->id."','".$product."','".$qty."',".($entrepot > 0 ? "'".$entrepot."'" : "null").",'".$user->id."','".$this->db->idate($now)."','".$fk_commandefourndet."', ".$dispatchstatus.", '".$this->db->escape($comment)."', ";
-			$sql .= ($eatby ? "'".$this->db->idate($eatby)."'" : "null").", ".($sellby ? "'".$this->db->idate($sellby)."'" : "null").", ".($batch ? "'".$batch."'" : "null");
+			$sql .= ($eatby ? "'".$this->db->idate($eatby)."'" : "null").", ".($sellby ? "'".$this->db->idate($sellby)."'" : "null").", ".($batch ? "'".$this->db->escape($batch)."'" : "null");
 			$sql .= ")";
 
 			dol_syslog(get_class($this)."::dispatchProduct", LOG_DEBUG);
@@ -2414,10 +2414,10 @@ class CommandeFournisseur extends CommonOrder
 
 			$sql = "INSERT INTO ".MAIN_DB_PREFIX."commande_fournisseurdet";
 			$sql .= " (fk_commande, label, description, fk_product, price, qty, tva_tx, localtax1_tx, localtax2_tx, remise_percent, subprice, remise, ref)";
-			$sql .= " VALUES (".$idc.", '".$this->db->escape($label)."','".$this->db->escape($comclient->lines[$i]->desc)."'";
-			$sql .= ",".$comclient->lines[$i]->fk_product.",'".price2num($comclient->lines[$i]->price)."'";
-			$sql .= ", '".$comclient->lines[$i]->qty."', ".$comclient->lines[$i]->tva_tx.", ".$comclient->lines[$i]->localtax1_tx.", ".$comclient->lines[$i]->localtax2_tx.", ".$comclient->lines[$i]->remise_percent;
-			$sql .= ", '".price2num($comclient->lines[$i]->subprice)."','0','".$ref."');";
+			$sql .= " VALUES (".$idc.", '".$this->db->escape($label)."', ".$this->db->escape($comclient->lines[$i]->desc);
+			$sql .= ",".$comclient->lines[$i]->fk_product.", ".price2num($comclient->lines[$i]->price);
+			$sql .= ", ".$comclient->lines[$i]->qty.", ".$comclient->lines[$i]->tva_tx.", ".$comclient->lines[$i]->localtax1_tx.", ".$comclient->lines[$i]->localtax2_tx.", ".$comclient->lines[$i]->remise_percent;
+			$sql .= ", '".price2num($comclient->lines[$i]->subprice)."','0', '".$this->db->escape($ref)."');";
 			if ($this->db->query($sql))
 			{
 				$this->update_price();
@@ -2927,14 +2927,14 @@ class CommandeFournisseur extends CommonOrder
 		{
 			$sql = "SELECT rowid, code, libelle as label";
 			$sql .= " FROM ".MAIN_DB_PREFIX.'c_input_method';
-			$sql .= " WHERE active=1 AND rowid = ".$db->escape($this->methode_commande_id);
+			$sql .= " WHERE active=1 AND rowid = ".$this->db->escape($this->methode_commande_id);
 
-			$resql = $db->query($sql);
+			$resql = $this->db->query($sql);
 			if ($resql)
 			{
-				if ($db->num_rows($resql))
+				if ($this->db->num_rows($resql))
 				{
-					$obj = $db->fetch_object($resql);
+					$obj = $this->db->fetch_object($resql);
 
 					$string = $langs->trans($obj->code);
 					if ($string == $obj->code)
@@ -2943,7 +2943,7 @@ class CommandeFournisseur extends CommonOrder
 					}
 					return $string;
 				}
-			} else dol_print_error($db);
+			} else dol_print_error($this->db);
 		}
 
 		return '';
diff --git a/htdocs/fourn/class/fournisseur.facture.class.php b/htdocs/fourn/class/fournisseur.facture.class.php
index 5a57319b5a5..156f2a9a1df 100644
--- a/htdocs/fourn/class/fournisseur.facture.class.php
+++ b/htdocs/fourn/class/fournisseur.facture.class.php
@@ -2392,7 +2392,6 @@ class FactureFournisseur extends CommonInvoice
 			return $numref;
 		} else {
 			$this->error = $obj->error;
-			//dol_print_error($db,get_class($this)."::getNextNumRef ".$obj->error);
 			return false;
 		}
 	}
@@ -2714,15 +2713,13 @@ class FactureFournisseur extends CommonInvoice
 	 */
 	public function isCreditNoteUsed()
 	{
-		global $db;
-
 		$isUsed = false;
 
 		$sql = "SELECT fk_invoice_supplier FROM ".MAIN_DB_PREFIX."societe_remise_except WHERE fk_invoice_supplier_source=".$this->id;
-		$resql = $db->query($sql);
+		$resql = $this->db->query($sql);
 		if (!empty($resql)) {
-			$obj = $db->fetch_object($resql);
-			if (!empty($obj->fk_invoice_supplier))$isUsed = true;
+			$obj = $this->db->fetch_object($resql);
+			if (!empty($obj->fk_invoice_supplier)) $isUsed = true;
 		}
 
 		return $isUsed;
diff --git a/htdocs/fourn/class/fournisseur.product.class.php b/htdocs/fourn/class/fournisseur.product.class.php
index b3c4514f5ff..8752d17a5d8 100644
--- a/htdocs/fourn/class/fournisseur.product.class.php
+++ b/htdocs/fourn/class/fournisseur.product.class.php
@@ -349,8 +349,8 @@ class ProductFournisseur extends Product
 			// TODO Add localtax1 and localtax2
 			//$sql.= " localtax1_tx=".($localtax1>=0?$localtax1:'NULL').",";
 			//$sql.= " localtax2_tx=".($localtax2>=0?$localtax2:'NULL').",";
-			//$sql.= " localtax1_type=".($localtaxtype1!=''?"'".$localtaxtype1."'":"'0'").",";
-			//$sql.= " localtax2_type=".($localtaxtype2!=''?"'".$localtaxtype2."'":"'0'").",";
+			//$sql.= " localtax1_type=".($localtaxtype1!=''?"'".$this->db->escape($localtaxtype1)."'":"'0'").",";
+			//$sql.= " localtax2_type=".($localtaxtype2!=''?"'".$this->db->escape($localtaxtype2)."'":"'0'").",";
 			$sql .= " default_vat_code=".($newdefaultvatcode ? "'".$this->db->escape($newdefaultvatcode)."'" : "null").",";
 			$sql .= " info_bits = ".$newnpr.",";
 			$sql .= " charges = ".$charges.","; // deprecated
diff --git a/htdocs/fourn/commande/list.php b/htdocs/fourn/commande/list.php
index f1a9486c232..c900431d910 100644
--- a/htdocs/fourn/commande/list.php
+++ b/htdocs/fourn/commande/list.php
@@ -294,9 +294,9 @@ if (empty($reshook))
 				$sql .= ", targettype";
 				$sql .= ") VALUES (";
 				$sql .= $id_order;
-				$sql .= ", '".$object->origin."'";
+				$sql .= ", '".$db->escape($object->origin)."'";
 				$sql .= ", ".$object->id;
-				$sql .= ", '".$object->element."'";
+				$sql .= ", '".$db->escape($object->element)."'";
 				$sql .= ")";
 
 				if (!$db->query($sql))
diff --git a/htdocs/fourn/facture/impayees.php b/htdocs/fourn/facture/impayees.php
index b37de34301d..804a78079d3 100644
--- a/htdocs/fourn/facture/impayees.php
+++ b/htdocs/fourn/facture/impayees.php
@@ -116,26 +116,26 @@ if ($user->rights->fournisseur->facture->lire)
 
 	if ($search_ref)
 	{
-		$sql .= " AND f.ref LIKE '%".$search_ref."%'";
+		$sql .= " AND f.ref LIKE '%".$db->escape($search_ref)."%'";
 	}
 	if ($search_ref_supplier)
 	{
-		$sql .= " AND f.ref_supplier LIKE '%".$search_ref_supplier."%'";
+		$sql .= " AND f.ref_supplier LIKE '%".$db->escape($search_ref_supplier)."%'";
 	}
 
 	if ($search_company)
 	{
-		$sql .= " AND s.nom LIKE '%".$search_company."%'";
+		$sql .= " AND s.nom LIKE '%".$db->escape($search_company)."%'";
 	}
 
 	if ($search_amount_no_tax)
 	{
-		$sql .= " AND f.total_ht = '".$search_amount_no_tax."'";
+		$sql .= " AND f.total_ht = '".$db->escape($search_amount_no_tax)."'";
 	}
 
 	if ($search_amount_all_tax)
 	{
-		$sql .= " AND f.total_ttc = '".$search_amount_all_tax."'";
+		$sql .= " AND f.total_ttc = '".$db->escape($search_amount_all_tax)."'";
 	}
 
 	if (dol_strlen(GETPOST('sf_re')) > 0)
diff --git a/htdocs/holiday/class/holiday.class.php b/htdocs/holiday/class/holiday.class.php
index 9d0e71a7b57..b702bbf5353 100644
--- a/htdocs/holiday/class/holiday.class.php
+++ b/htdocs/holiday/class/holiday.class.php
@@ -1302,8 +1302,8 @@ class Holiday extends CommonObject
     {
 
 		$sql = "UPDATE ".MAIN_DB_PREFIX."holiday_config SET";
-		$sql .= " value = '".$value."'";
-		$sql .= " WHERE name = '".$name."'";
+		$sql .= " value = '".$this->db->escape($value)."'";
+		$sql .= " WHERE name = '".$this->db->escape($name)."'";
 
 		dol_syslog(get_class($this).'::updateConfCP name='.$name.'', LOG_DEBUG);
 		$result = $this->db->query($sql);
@@ -1498,7 +1498,7 @@ class Holiday extends CommonObject
 
 		$sql = "SELECT value";
 		$sql .= " FROM ".MAIN_DB_PREFIX."holiday_config";
-		$sql .= " WHERE name = '".$name."'";
+		$sql .= " WHERE name = '".$this->db->escape($name)."'";
 
 		$result = $this->db->query($sql);
 
@@ -1522,7 +1522,7 @@ class Holiday extends CommonObject
 	 */
 	public function createCPusers($single = false, $userid = '')
 	{
-		// Si c'est l'ensemble des utilisateurs à ajouter
+		// do we have to add balance for all users ?
 		if (!$single)
 		{
 			dol_syslog(get_class($this).'::createCPusers');
@@ -1532,7 +1532,7 @@ class Holiday extends CommonObject
 			{
 				$sql = "INSERT INTO ".MAIN_DB_PREFIX."holiday_users";
 				$sql .= " (fk_user, nb_holiday)";
-				$sql .= " VALUES ('".$users['rowid']."','0')";
+				$sql .= " VALUES (".((int) $users['rowid'])."', '0')";
 
 				$resql = $this->db->query($sql);
 				if (!$resql) dol_print_error($this->db);
@@ -1540,7 +1540,7 @@ class Holiday extends CommonObject
 		} else {
 			$sql = "INSERT INTO ".MAIN_DB_PREFIX."holiday_users";
 			$sql .= " (fk_user, nb_holiday)";
-			$sql .= " VALUES ('".$userid."','0')";
+			$sql .= " VALUES (".((int) $userid)."', '0')";
 
 			$resql = $this->db->query($sql);
 			if (!$resql) dol_print_error($this->db);
@@ -1557,7 +1557,7 @@ class Holiday extends CommonObject
     {
 
 		$sql = "DELETE FROM ".MAIN_DB_PREFIX."holiday_users";
-		$sql .= " WHERE fk_user = '".$user_id."'";
+		$sql .= " WHERE fk_user = ".((int) $user_id);
 
 		$this->db->query($sql);
 	}
@@ -1925,11 +1925,11 @@ class Holiday extends CommonObject
 		$sql .= "fk_type";
 		$sql .= ") VALUES (";
 		$sql .= " '".$this->db->idate(dol_now())."',";
-		$sql .= " '".$fk_user_action."',";
-		$sql .= " '".$fk_user_update."',";
+		$sql .= " '".$this->db->escape($fk_user_action)."',";
+		$sql .= " '".$this->db->escape($fk_user_update)."',";
 		$sql .= " '".$this->db->escape($label)."',";
-		$sql .= " '".$prev_solde."',";
-		$sql .= " '".$new_solde."',";
+		$sql .= " '".$this->db->escape($prev_solde)."',";
+		$sql .= " '".$this->db->escape($new_solde)."',";
 		$sql .= " ".$fk_type;
 		$sql .= ")";
 
diff --git a/htdocs/holiday/list.php b/htdocs/holiday/list.php
index 1f2ad4ecf20..9ea0aa70180 100644
--- a/htdocs/holiday/list.php
+++ b/htdocs/holiday/list.php
@@ -311,7 +311,7 @@ if (!empty($search_valideur) && $search_valideur != -1) {
 }
 // Type
 if (!empty($search_type) && $search_type != -1) {
-	$sql .= ' AND cp.fk_type IN ('.$this->db->sanitize($db->escape($search_type)).')';
+	$sql .= ' AND cp.fk_type IN ('.$db->sanitize($db->escape($search_type)).')';
 }
 // Status
 if (!empty($search_status) && $search_status != -1) {
diff --git a/test/phpunit/CodingPhpTest.php b/test/phpunit/CodingPhpTest.php
index 950013e692d..1a03699c2bc 100644
--- a/test/phpunit/CodingPhpTest.php
+++ b/test/phpunit/CodingPhpTest.php
@@ -152,7 +152,7 @@ class CodingPhpTest extends PHPUnit\Framework\TestCase
         $db=$this->savdb;
 
         include_once DOL_DOCUMENT_ROOT.'/core/lib/files.lib.php';
-        $filesarray = dol_dir_list(DOL_DOCUMENT_ROOT, 'files', 1, '\.php', null, 'fullname');
+        $filesarray = dol_dir_list(DOL_DOCUMENT_ROOT.'/holiday', 'files', 1, '\.php', null, 'fullname');
         //$filesarray = dol_dir_list(DOL_DOCUMENT_ROOT, 'files', 1, '\.php', null, 'fullname');
 
         foreach ($filesarray as $key => $file)
@@ -170,7 +170,7 @@ class CodingPhpTest extends PHPUnit\Framework\TestCase
             	|| preg_match('/boxes\/box_/', $file['relativename'])
             	|| preg_match('/modules\/.*\/doc\/(doc|pdf)_/', $file['relativename'])
             	|| preg_match('/modules\/(import|mailings|printing)\//', $file['relativename'])
-            	|| in_array($file['name'], array('modules_boxes.php', 'rapport.pdf.php'))) {
+            	|| in_array($file['name'], array('modules_boxes.php', 'rapport.pdf.php', 'TraceableDB.php'))) {
             	if (! in_array($file['name'], array(
             		'api.class.php',
             		'commonobject.class.php',
@@ -182,7 +182,11 @@ class CodingPhpTest extends PHPUnit\Framework\TestCase
             		'translate.class.php',
             		'utils.class.php',
             		'modules_product.class.php',
-            		'modules_societe.class.php'
+            		'modules_societe.class.php',
+            		'TraceableDB.php',
+            		'expeditionbatch.class.php',
+            		'expensereport_ik.class.php',
+            		'expensereport_rule.class.php'
             	))) {
 	            	// Must must not found $db->
 	            	$ok=true;
@@ -200,7 +204,8 @@ class CodingPhpTest extends PHPUnit\Framework\TestCase
             	}
             } else {
             	if (! in_array($file['name'], array(
-            		'extrafieldsinexport.inc.php'
+            		'extrafieldsinexport.inc.php',
+            		'DolQueryCollector.php'
             	))) {
 	            	// Must must not found $this->db->
 	            	$ok=true;