diff --git a/htdocs/admin/facture.php b/htdocs/admin/facture.php
index 4898730629af29eaaa962a8bdd61163c446cb1ea..37da46c05702b0cb6ce31183d4145a2b10c6f016 100644
--- a/htdocs/admin/facture.php
+++ b/htdocs/admin/facture.php
@@ -141,12 +141,16 @@ if ($_GET["action"] == 'setdoc')
 
 	// On active le modele
 	$type='invoice';
+
 	$sql_del = "DELETE FROM ".MAIN_DB_PREFIX."document_model";
-	$sql_del.= " WHERE nom = '".$_GET["value"]."'";
+	$sql_del.= " WHERE nom = '".addslashes($_GET["value"])."'";
 	$sql_del.= " AND type = '".$type."'";
 	$sql_del.= " AND entity = ".$conf->entity;
+    dol_syslog("facture.php ".$sql_del);
 	$result1=$db->query($sql_del);
-	$sql = "INSERT INTO ".MAIN_DB_PREFIX."document_model (nom,type,entity) VALUES ('".$_GET["value"]."','".$type."',".$conf->entity.")";
+
+	$sql = "INSERT INTO ".MAIN_DB_PREFIX."document_model (nom,type,entity) VALUES ('".addslashes($_GET["value"])."','".$type."',".$conf->entity.")";
+    dol_syslog("facture.php ".$sql);
 	$result2=$db->query($sql);
 	if ($result1 && $result2)
 	{
@@ -154,6 +158,7 @@ if ($_GET["action"] == 'setdoc')
 	}
 	else
 	{
+		dol_syslog("facture.php ".$db->lasterror(), LOG_ERR);
 		$db->rollback();
 	}
 }