diff --git a/htdocs/exports/class/export.class.php b/htdocs/exports/class/export.class.php
index 483935c7fdf..7eb88e4fbb3 100644
--- a/htdocs/exports/class/export.class.php
+++ b/htdocs/exports/class/export.class.php
@@ -379,13 +379,13 @@ class Export
 */
 public function conditionDate($Field, $Value, $Sens)
 {
- // TODO date_format is forbidden, not performant and not portable. Use instead BETWEEN
+ // TODO date_format is forbidden, not performant and not portable. Use instead $Value to forge the range date.
 if (strlen($Value) == 4) {
- $Condition = " date_format(".$Field.",'%Y') ".$Sens." '".$Value."'";
+ $Condition = " date_format(".$Field.",'%Y') ".$Sens." '".$this->db->escape($Value)."'";
 } elseif (strlen($Value) == 6) {
- $Condition = " date_format(".$Field.",'%Y%m') ".$Sens." '".$Value."'";
+ $Condition = " date_format(".$Field.",'%Y%m') ".$Sens." '".$this->db->escape($Value)."'";
 } else {
- $Condition = " date_format(".$Field.",'%Y%m%d') ".$Sens." ".$Value;
+ $Condition = " date_format(".$Field.",'%Y%m%d') ".$Sens." '".$this->db->escape($Value)."'";
 }
 return $Condition;
 }
@@ -416,7 +416,7 @@ class Export
 case 'Duree':
 case 'Numeric':
 case 'Number':
- // Must be a string text to allow to use comparison strings like "<= 999"
+ // Must be a string text to allow to use comparison strings like "<= 99.9"
 $szFilterField = '';
 break;
 case 'Status':
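Review bot: Escaping `$Value` closes the quoting gap on the three `$Condition` lines, but `$Sens` and `$Field` are still concatenated into the SQL statement as-is, so the operator position remains an unchecked input if the filter string is user-supplied. Because `$Sens` can only legitimately be a comparison operator, the method should reject anything else before building the string, e.g. `if (!in_array($Sens, ['=', '<>', '!=', '<', '<=', '>', '>='], true)) { return ''; }` — the empty return is a guess at what callers tolerate; throwing may fit the surrounding code better. Likewise all three branches expect `$Value` to be a run of digits (YYYY, YYYYMM, YYYYMMDD), so `if (!ctype_digit((string) $Value)) { return ''; }` would be a stricter guard than escaping alone and would also make the `else` branch's new quoting (which turns the former bare numeric compare into a string compare) safe for malformed input. The docblock for this method begins above the hunk.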