diff --git a/htdocs/core/class/html.formadmin.class.php b/htdocs/core/class/html.formadmin.class.php
index ccd3e038f74..6d570b70880 100644
--- a/htdocs/core/class/html.formadmin.class.php
+++ b/htdocs/core/class/html.formadmin.class.php
@@ -1,5 +1,5 @@
 <?php
-/* Copyright (C) 2004-2012 Laurent Destailleur  <eldy@users.sourceforge.net>
+/* Copyright (C) 2004-2014 Laurent Destailleur  <eldy@users.sourceforge.net>
  * Copyright (C) 2005-2011 Regis Houssin        <regis.houssin@capnetworks.com>
  * Copyright (C) 2007      Patrick Raguin 		<patrick.raguin@gmail.com>
  *
@@ -146,7 +146,7 @@ class FormAdmin
     	                        if (preg_match('/eldy_(backoffice|frontoffice)\.php$/i',$file)) continue;		// We exclude all menu manager files
     	                        if (preg_match('/auguria_(backoffice|frontoffice)\.php$/i',$file)) continue;	// We exclude all menu manager files
     	                        if (preg_match('/smartphone_(backoffice|frontoffice)\.php$/i',$file)) continue;	// We exclude all menu manager files
-    	                        
+
     	                        $filelib=preg_replace('/\.php$/i','',$file);
     	        				$prefix='';
     	        				// 0=Recommanded, 1=Experimental, 2=Developpement, 3=Other
@@ -324,7 +324,7 @@ class FormAdmin
 	 *
 	 *    	@param      string	$selected       Paper format pre-selected
 	 *    	@param      string	$htmlname       Name of HTML select field
-	 * 		@param		string	$filter			Key to filter
+	 * 		@param		string	$filter			Value to filter on code
 	 * 		@param		int		$showempty		Add empty value
 	 * 		@return		string					Return HTML output
 	 */
@@ -332,8 +332,12 @@ class FormAdmin
 	{
 		global $langs;
 
-		$sql="SELECT code, label, width, height, unit FROM ".MAIN_DB_PREFIX."c_paper_format where active=1";
-        if ($filter) $sql.=" WHERE code LIKE '%".$filter."%'";
+		$langs->load("dict");
+
+		$sql = "SELECT code, label, width, height, unit";
+		$sql.= " FROM ".MAIN_DB_PREFIX."c_paper_format";
+		$sql.= " WHERE active=1";
+        if ($filter) $sql.=" AND code LIKE '%".$this->db->escape($filter)."%'";
 
         $resql=$this->db->query($sql);
         if ($resql)
@@ -350,7 +354,11 @@ class FormAdmin
                 $i++;
             }
         }
-        else dol_print_error($this->db);
+        else
+		{
+			dol_print_error($this->db);
+			return '';
+		}
 		$out='';
 
 		$out.= '<select class="flat" id="'.$htmlname.'" name="'.$htmlname.'">';
diff --git a/test/phpunit/FormAdminTest.php b/test/phpunit/FormAdminTest.php
new file mode 100644
index 00000000000..363fd4acf2e
--- /dev/null
+++ b/test/phpunit/FormAdminTest.php
@@ -0,0 +1,139 @@
+<?php
+/* Copyright (C) 2010 Laurent Destailleur  <eldy@users.sourceforge.net>
+ *
+ * This program is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 3 of the License, or
+ * (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program. If not, see <http://www.gnu.org/licenses/>.
+ * or see http://www.gnu.org/
+ */
+
+/**
+ *      \file       test/phpunit/FormAdminTest.php
+ *		\ingroup    test
+ *      \brief      PHPUnit test
+ *		\remarks	To run this script as CLI:  phpunit filename.php
+ */
+
+global $conf,$user,$langs,$db;
+//define('TEST_DB_FORCE_TYPE','mysql');	// This is to force using mysql driver
+require_once 'PHPUnit/Autoload.php';
+require_once dirname(__FILE__).'/../../htdocs/master.inc.php';
+require_once dirname(__FILE__).'/../../htdocs/core/class/html.formadmin.class.php';
+
+if (empty($user->id))
+{
+	print "Load permissions for admin user nb 1\n";
+	$user->fetch(1);
+	$user->getrights();
+}
+$conf->global->MAIN_DISABLE_ALL_MAILS=1;
+
+
+/**
+ * Class for PHPUnit tests
+ *
+ * @backupGlobals disabled
+ * @backupStaticAttributes enabled
+ * @remarks	backupGlobals must be disabled to have db,conf,user and lang not erased.
+ */
+class FormAdminTest extends PHPUnit_Framework_TestCase
+{
+	protected $savconf;
+	protected $savuser;
+	protected $savlangs;
+	protected $savdb;
+
+	/**
+	 * Constructor
+	 * We save global variables into local variables
+	 *
+	 * @return FactureTest
+	 */
+	function __construct()
+	{
+		//$this->sharedFixture
+		global $conf,$user,$langs,$db;
+		$this->savconf=$conf;
+		$this->savuser=$user;
+		$this->savlangs=$langs;
+		$this->savdb=$db;
+
+		print __METHOD__." db->type=".$db->type." user->id=".$user->id;
+		//print " - db ".$db->db;
+		print "\n";
+	}
+
+	// Static methods
+  	public static function setUpBeforeClass()
+    {
+    	global $conf,$user,$langs,$db;
+		$db->begin();	// This is to have all actions inside a transaction even if test launched without suite.
+
+    	print __METHOD__."\n";
+    }
+    public static function tearDownAfterClass()
+    {
+    	global $conf,$user,$langs,$db;
+		$db->rollback();
+
+		print __METHOD__."\n";
+    }
+
+	/**
+	 * Init phpunit tests
+	 *
+	 * @return	void
+	 */
+    protected function setUp()
+    {
+    	global $conf,$user,$langs,$db;
+		$conf=$this->savconf;
+		$user=$this->savuser;
+		$langs=$this->savlangs;
+		$db=$this->savdb;
+
+		print __METHOD__."\n";
+    }
+
+	/**
+	 * End phpunit tests
+	 *
+	 * @return	void
+	 */
+	protected function tearDown()
+    {
+    	print __METHOD__."\n";
+    }
+
+    /**
+     * testFactureCreate
+     *
+     * @return int
+     */
+    public function testSelectPaperFormat()
+    {
+    	global $conf,$user,$langs,$db;
+		$conf=$this->savconf;
+		$user=$this->savuser;
+		$langs=$this->savlangs;
+		$db=$this->savdb;
+
+		$localobject=new FormAdmin($this->savdb);
+    	$result=$localobject->select_paper_format('','paperformat_id','A4');
+
+    	$this->assertEquals($result, '<select class="flat" id="paperformat_id" name="paperformat_id"><option value="EUA4">Format A4 - 210x297 mm</option></select>');
+    	print __METHOD__." result=".$result."\n";
+    	return $result;
+    }
+
+}
+?>
\ No newline at end of file