From 38eb071a1f0f85e4a641625262758d9203896138 Mon Sep 17 00:00:00 2001
From: Regis Houssin
Date: Tue, 10 Apr 2012 08:50:14 +0200
Subject: [PATCH] Fix: best practice
---
 htdocs/admin/tools/export.php | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/htdocs/admin/tools/export.php b/htdocs/admin/tools/export.php
index e9e0e66063b..a19a55b1d47 100644
--- a/htdocs/admin/tools/export.php
+++ b/htdocs/admin/tools/export.php
@@ -111,7 +111,7 @@ if ($what == 'mysql')
 if (! empty($dolibarr_main_db_port)) $param.=" -P ".$dolibarr_main_db_port;
 if (! $_POST["use_transaction"]) $param.=" -l --single-transaction";
 if ($_POST["disable_fk"]) $param.=" -K";
- if ($_POST["sql_compat"] && $_POST["sql_compat"] != 'NONE') $param.=" --compatible=".preg_replace('/[^a-zA-Z0-9]/','',GETPOST("sql_compat","alpha"));
+ if ($_POST["sql_compat"] && $_POST["sql_compat"] != 'NONE') $param.=" --compatible=".escapeshellarg(GETPOST("sql_compat","alpha"));
 if ($_POST["drop_database"]) $param.=" --add-drop-database";
 if ($_POST["sql_structure"])
 {
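Review bot: On the new `--compatible=` line, `escapeshellarg()` keeps the value a single shell word, but the character allowlist that the removed `preg_replace` enforced is gone, so any string that survives `GETPOST("sql_compat","alpha")` is now passed through as the option value. I would keep the quoting and put an allowlist check in front of it, e.g. `$compat=GETPOST("sql_compat","alpha");` followed by `if ($compat && $compat != 'NONE' && preg_match('/^[a-zA-Z0-9_,]+$/',$compat)) $param.=" --compatible=".escapeshellarg($compat);`. That also makes the test and the appended value come from the same source, instead of checking `$_POST["sql_compat"]` and appending the `GETPOST` result. Where `$param` is finally executed is outside this hunk, so it should be confirmed there that the string really goes through a shell, which is the case `escapeshellarg()` is meant for. The enclosing `if ($what == 'mysql')` block starts and ends outside the hunk.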