diff --git a/test/phpunit/CodingPHPTest.php b/test/phpunit/CodingPHPTest.php
new file mode 100644
index 0000000000000000000000000000000000000000..b8d7bc908167b501059d2b8913673c5e6a345e7c
--- /dev/null
+++ b/test/phpunit/CodingPHPTest.php
@@ -0,0 +1,177 @@
+<?php
+/* Copyright (C) 2013 Laurent Destailleur <eldy@users.sourceforge.net>
+ *
+ * This program is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 3 of the License, or
+ * (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program. If not, see <http://www.gnu.org/licenses/>.
+ * or see http://www.gnu.org/
+ */
+
+/**
+ * \file test/phpunit/SqlTest.php
+ * \ingroup test
+ * \brief PHPUnit test
+ * \remarks To run this script as CLI: phpunit filename.php
+ */
+
+global $conf,$user,$langs,$db;
+//define('TEST_DB_FORCE_TYPE','mysql'); // This is to force using mysql driver
+//require_once 'PHPUnit/Autoload.php';
+require_once dirname(__FILE__).'/../../htdocs/master.inc.php';
+require_once dirname(__FILE__).'/../../htdocs/core/lib/security.lib.php';
+require_once dirname(__FILE__).'/../../htdocs/core/lib/security2.lib.php';
+
+if (! defined('NOREQUIREUSER')) define('NOREQUIREUSER','1');
+if (! defined('NOREQUIREDB')) define('NOREQUIREDB','1');
+if (! defined('NOREQUIRESOC')) define('NOREQUIRESOC','1');
+if (! defined('NOREQUIRETRAN')) define('NOREQUIRETRAN','1');
+if (! defined('NOCSRFCHECK')) define('NOCSRFCHECK','1');
+if (! defined('NOTOKENRENEWAL')) define('NOTOKENRENEWAL','1');
+if (! defined('NOREQUIREMENU')) define('NOREQUIREMENU','1'); // If there is no menu to show
+if (! defined('NOREQUIREHTML')) define('NOREQUIREHTML','1'); // If we don't need to load the html.form.class.php
+if (! defined('NOREQUIREAJAX')) define('NOREQUIREAJAX','1');
+if (! defined("NOLOGIN")) define("NOLOGIN",'1'); // If this page is public (can be called outside logged session)
+
+if (empty($user->id))
+{
+ print "Load permissions for admin user nb 1\n";
+ $user->fetch(1);
+ $user->getrights();
+}
+$conf->global->MAIN_DISABLE_ALL_MAILS=1;
+
+
+/**
+ * Class for PHPUnit tests
+ *
+ * @backupGlobals disabled
+ * @backupStaticAttributes enabled
+ * @remarks backupGlobals must be disabled to have db,conf,user and lang not erased.
+ */
+class CodingPhpTest extends PHPUnit_Framework_TestCase
+{
+ protected $savconf;
+ protected $savuser;
+ protected $savlangs;
+ protected $savdb;
+
+ /**
+ * Constructor
+ * We save global variables into local variables
+ *
+ * @return SecurityTest
+ */
+ function __construct()
+ {
+ //$this->sharedFixture
+ global $conf,$user,$langs,$db;
+ $this->savconf=$conf;
+ $this->savuser=$user;
+ $this->savlangs=$langs;
+ $this->savdb=$db;
+
+ print __METHOD__." db->type=".$db->type." user->id=".$user->id;
+ //print " - db ".$db->db;
+ print "\n";
+ }
+
+ // Static methods
+ public static function setUpBeforeClass()
+ {
+ global $conf,$user,$langs,$db;
+ $db->begin(); // This is to have all actions inside a transaction even if test launched without suite.
+
+ print __METHOD__."\n";
+ }
+
+ // tear down after class
+ public static function tearDownAfterClass()
+ {
+ global $conf,$user,$langs,$db;
+ $db->rollback();
+
+ print __METHOD__."\n";
+ }
+
+ /**
+ * Init phpunit tests
+ *
+ * @return void
+ */
+ protected function setUp()
+ {
+ global $conf,$user,$langs,$db;
+ $conf=$this->savconf;
+ $user=$this->savuser;
+ $langs=$this->savlangs;
+ $db=$this->savdb;
+
+ print __METHOD__."\n";
+ }
+
+ /**
+ * End phpunit tests
+ *
+ * @return void
+ */
+ protected function tearDown()
+ {
+ print __METHOD__."\n";
+ }
+
+ /**
+ * testSql
+ *
+ * @return string
+ */
+ public function testPHP()
+ {
+ global $conf,$user,$langs,$db;
+ $conf=$this->savconf;
+ $user=$this->savuser;
+ $langs=$this->savlangs;
+ $db=$this->savdb;
+
+ include DOL_DOCUMENT_ROOT.'/core/lib/files.lib.php';
+ $filesarray = dol_dir_list(DOL_DOCUMENT_ROOT, 'files', 1, '\.php', null, 'fullname');
+
+ foreach($filesarray as $key => $file)
+ {
+ if (preg_match('/\/htdocs\/includes\//', $file['fullname'])) continue;
+ if (preg_match('/\/htdocs\/custom\//', $file['fullname'])) continue;
+ if (preg_match('/\/htdocs\/nltechno/', $file['fullname'])) continue;
+ if (preg_match('/\/htdocs\/dolimed/', $file['fullname'])) continue;
+
+ print 'Check php file '.$file['fullname']."\n";
+ $filecontent=file_get_contents($file['fullname']);
+
+ $ok=true;
+ $matches=array();
+ preg_match_all('/=\'".\$this->(..)/', $filecontent, $matches, PREG_SET_ORDER);
+ foreach($matches as $key => $val)
+ {
+ if ($val[1] != 'db')
+ {
+ $ok=false;
+ break;
+ }
+ //if ($reg[0] != 'db') $ok=false;
+ }
+ //print __METHOD__." Result for checking we don't have non escaped string in sql requests for file ".$file."\n";
+ $this->assertTrue($ok, 'Found non escaped string in building of a sql request '.$file['fullname'].'. Bad.');
+ //exit;
+ }
+
+ return;
+ }
+
+}