diff --git a/htdocs/adherents/fiche.php b/htdocs/adherents/fiche.php
index cd6d68254ea..a662d4241d6 100644
--- a/htdocs/adherents/fiche.php
+++ b/htdocs/adherents/fiche.php
@@ -250,9 +250,9 @@ if ($_REQUEST["action"] == 'update' && ! $_POST["cancel"] && $user->rights->adhe
 {
 if (preg_match("/^options_/",$key))
 {
- //escape values from POST, at least with addslashes, to avoid obvious SQL injections
+ //escape values from POST, at least with $db->escape, to avoid obvious SQL injections
 //(array_options is directly input in the DB in adherent.class.php::update())
- $adh->array_options[$key]=addslashes($_POST[$key]);
+ $adh->array_options[$key]=$db->escape($_POST[$key]);
 }
 }
@@ -380,9 +380,9 @@ if ($_POST["action"] == 'add' && $user->rights->adherent->creer)
 {
 if (preg_match("/^options_/",$key))
 {
- //escape values from POST, at least with addslashes, to avoid obvious SQL injections
+ //escape values from POST, at least with $db->escape, to avoid obvious SQL injections
 //(array_options is directly input in the DB in adherent.class.php::update())
- $adh->array_options[$key]=addslashes($_POST[$key]);
+ $adh->array_options[$key]=$db->escape($_POST[$key]);
 }
 }
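Review bot: The new `$adh->array_options[$key]=$db->escape($_POST[$key]);` still escapes at input time and stores the escaped string in the model, so the protection only holds if adherent.class.php::update() interpolates each value inside a quoted SQL literal and never escapes it again; if update() escapes too, the stored value is double-escaped, and if it embeds the value unquoted or uses it anywhere other than that one query, the escaping gives no protection at all (I cannot see update() from this hunk, so this is inferred from the comment). The robust fix is to keep the raw POST value in `array_options` and do the escaping (or better, parameter binding) in update() where the query is actually built; the same applies to the second hunk at `@@ -380,9 +380,9 @@`, which repeats the loop body verbatim. If escaping has to stay here for now, the comment should say so explicitly, e.g. `// NOTE: value is stored already escaped for SQL; update() must not escape it again, and it is not safe to reuse in any other context`. The `foreach` that opens this block begins before the hunk, so the source of `$key` is not visible here.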