diff --git a/htdocs/fourn/commande/list.php b/htdocs/fourn/commande/list.php
index 6affbae304569a93b22d42010263953724231204..4f0974abd10e50b61f77956a7c16f444a7ce3bb0 100644
--- a/htdocs/fourn/commande/list.php
+++ b/htdocs/fourn/commande/list.php
@@ -123,7 +123,7 @@ if ($search_user)
 }
 if ($search_ttc)
 {
-	$sql .= " AND total_ttc = ".price2num($search_ttc);
+	$sql .= " AND total_ttc = '".$db->escape(price2num($search_ttc))."'";
 }
 if ($sall)
 {
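Review bot: The `total_ttc` filter on the added line still has no numeric check: whatever `price2num($search_ttc)` returns is escaped and then compared as a quoted string against what appears to be a numeric column. Escaping inside quotes blocks SQL injection, but a non-numeric search term would probably be coerced silently on MySQL (possibly matching rows with a zero total) and may raise a query error on a stricter backend such as PostgreSQL. I would validate before appending the clause, for example `$ttc = price2num($search_ttc); if (is_numeric($ttc)) $sql .= " AND total_ttc = '".$db->escape($ttc)."'";`. The `$search_user` and `$sall` branches begin or end outside this hunk, so whether they build their clauses with the same escaping cannot be confirmed from here.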