diff --git a/htdocs/main.inc.php b/htdocs/main.inc.php
index 28f1a63e6d2..5d378226cb7 100644
--- a/htdocs/main.inc.php
+++ b/htdocs/main.inc.php
@@ -150,7 +150,7 @@ function testSqlAndScriptInject($val, $type)
 		$inj += preg_match('/"/i', $val); // We refused " in GET parameters value.
 	}
 	if ($type == 2) {
-		$inj += preg_match('/[:;"\'<>\?]/', $val); // PHP_SELF is a file system (or url path without parameters). It can contains spaces.
+		$inj += preg_match('/[:;"\'<>\?\(\)]/', $val); // PHP_SELF is a file system (or url path without parameters). It can contains spaces.
 	}
 
 	return $inj;