diff --git a/htdocs/comm/clients.php b/htdocs/comm/clients.php
index a4e2a433fc7..4d79e0730af 100644
--- a/htdocs/comm/clients.php
+++ b/htdocs/comm/clients.php
@@ -99,9 +99,9 @@ if (!$user->rights->societe->client->voir && ! $socid) $sql.= " AND s.rowid = sc
 if ($socid) $sql.= " AND s.rowid = ".$socid;
 if ($search_sale) $sql.= " AND s.rowid = sc.fk_soc"; // Join for the needed table to filter by sale
 if ($search_categ) $sql.= " AND s.rowid = cs.fk_societe"; // Join for the needed table to filter by categ
-if ($search_nom) $sql.= " AND s.nom like '%".addslashes(strtolower($search_nom))."%'";
-if ($search_ville) $sql.= " AND s.ville like '%".addslashes(strtolower($search_ville))."%'";
-if ($search_code) $sql.= " AND s.code_client like '%".addslashes(strtolower($search_code))."%'";
+if ($search_nom) $sql.= " AND s.nom like '%".$db->escape(strtolower($search_nom))."%'";
+if ($search_ville) $sql.= " AND s.ville like '%".$db->escape(strtolower($search_ville))."%'";
+if ($search_code) $sql.= " AND s.code_client like '%".$db->escape(strtolower($search_code))."%'";
 // Insert sale filter
 if ($search_sale)
 {
@@ -114,7 +114,7 @@ if ($search_categ)
 }
 if ($socname)
 {
- $sql.= " AND s.nom like '%".addslashes(strtolower($socname))."%'";
+ $sql.= " AND s.nom like '%".$db->escape(strtolower($socname))."%'";
 $sortfield = "s.nom";
 $sortorder = "ASC";
 }
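Review bot: The context line `if ($socid) $sql.= " AND s.rowid = ".$socid;` at the top of the first hunk is now the only value in this query fragment that reaches the SQL string without going through `$db->escape()` or a cast; where `$socid` is assigned is not visible here, so if it can originate from the request it should be narrowed to `if ($socid) $sql.= " AND s.rowid = ".((int) $socid);` in the same commit that fixes the neighbouring lines. Note also that `$db->escape()` protects the quoted string context but does not neutralise LIKE metacharacters, so `%` and `_` in `$search_nom`, `$search_ville`, `$search_code` and, in the second hunk, `$socname` still act as wildcards; that is acceptable for a search box but is worth a one-line comment such as `// escape() covers quotes only; LIKE wildcards in user input are intentionally allowed` so nobody later assumes exact matching. The query-building block that these lines belong to begins before line 99 and continues after both hunks.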