diff --git a/htdocs/comm/propal.php b/htdocs/comm/propal.php
index 23abe405347..a332b3be96f 100644
--- a/htdocs/comm/propal.php
+++ b/htdocs/comm/propal.php
@@ -511,7 +511,7 @@ if ($_POST['action'] == 'send' && ! $_POST['addfile'] && ! $_POST['removedfile']
 					$result=$mailfile->sendfile();
 					if ($result)
 					{
-						$mesg='<div class="ok">'.$langs->trans('MailSuccessfulySent',$from,$sendto).'.</div>';
+						$mesg=$langs->trans('MailSuccessfulySent',$from,$sendto);
 
 						$error=0;
 
@@ -969,7 +969,11 @@ if ($id > 0 || ! empty($ref))
 	 * Show object in view mode
 	 */
 
-	if ($mesg) print $mesg."<br>";
+	if ($mesg) 
+	{
+		if (! preg_match('/div class=/',$mesg)) print '<div class="ok">'.$mesg.'</div><br>';
+		else print $mesg."<br>";
+	}
 
 	$object->fetch($id,$ref);
 
@@ -1612,7 +1616,7 @@ if ($id > 0 || ! empty($ref))
 		if (! empty($_REQUEST["mode"]) && $_REQUEST["mode"]=='init')
 		{
 			$formmail->clear_attached_files();
-			$formmail->add_attached_files($file,$object->ref.'.pdf','application/pdf');
+			$formmail->add_attached_files($file,dol_sanitizeFilename($object->ref).'.pdf','application/pdf');
 		}
 
 		$formmail->show_form();
diff --git a/htdocs/commande/fiche.php b/htdocs/commande/fiche.php
index 8b6c088735f..1763cc65748 100644
--- a/htdocs/commande/fiche.php
+++ b/htdocs/commande/fiche.php
@@ -1916,7 +1916,7 @@ else
 				if (! empty($_REQUEST["mode"]) && $_REQUEST["mode"]=='init')
 				{
 					$formmail->clear_attached_files();
-					$formmail->add_attached_files($file,$ref.'.pdf','application/pdf');
+					$formmail->add_attached_files($file,dol_sanitizeFilename($ref.'.pdf'),'application/pdf');
 				}
 
 				// Show form
diff --git a/htdocs/compta/facture.php b/htdocs/compta/facture.php
index e9ffe392d4d..abcfe00237b 100644
--- a/htdocs/compta/facture.php
+++ b/htdocs/compta/facture.php
@@ -2871,7 +2871,7 @@ else
 				if (! empty($_REQUEST["mode"]) && $_REQUEST["mode"]=='init')
 				{
 					$formmail->clear_attached_files();
-					$formmail->add_attached_files($file,$ref.'.pdf','application/pdf');
+					$formmail->add_attached_files($file,dol_sanitizeFilename($ref.'.pdf'),'application/pdf');
 				}
 
 				$formmail->show_form();
diff --git a/htdocs/fourn/commande/fiche.php b/htdocs/fourn/commande/fiche.php
index 99979b80b08..b8c898f650d 100644
--- a/htdocs/fourn/commande/fiche.php
+++ b/htdocs/fourn/commande/fiche.php
@@ -1474,7 +1474,7 @@ if ($id > 0 || ! empty($ref))
 			if (! empty($_REQUEST["mode"]) && $_REQUEST["mode"]=='init')
 			{
 				$formmail->clear_attached_files();
-				$formmail->add_attached_files($file,$ref.'.pdf','application/pdf');
+				$formmail->add_attached_files($file,dol_sanitizeFilename($ref.'.pdf'),'application/pdf');
 			}
 
 			// Show form
diff --git a/htdocs/fourn/facture/fiche.php b/htdocs/fourn/facture/fiche.php
index b7a27e82ca8..d9aa5698be0 100644
--- a/htdocs/fourn/facture/fiche.php
+++ b/htdocs/fourn/facture/fiche.php
@@ -1867,7 +1867,7 @@ else
             if (! empty($_REQUEST["mode"]) && $_REQUEST["mode"]=='init')
             {
                 $formmail->clear_attached_files();
-                $formmail->add_attached_files($file,$ref.'.pdf','application/pdf');
+                $formmail->add_attached_files($file,dol_sanitizeFilename($ref.'.pdf'),'application/pdf');
             }
 
             // Show form