diff --git a/htdocs/main.inc.php b/htdocs/main.inc.php
index 74dde4ef04d..d144596053e 100644
--- a/htdocs/main.inc.php
+++ b/htdocs/main.inc.php
@@ -53,13 +53,14 @@ if (function_exists('get_magic_quotes_gpc')) // magic_quotes_* removed in PHP6
 // Forcing parameter setting magic_quotes_gpc and cleaning parameters
 // (Otherwise he would have for each position, condition
 // Reading stripslashes variable according to state get_magic_quotes_gpc).
- // Off mode (recommended, you just do $db->escape when an insert / update.
+ // Off mode recommended (just do $db->escape for insert / update).
 function stripslashes_deep($value)
 {
 return (is_array($value) ? array_map('stripslashes_deep', $value) : stripslashes($value));
 }
 $_GET = array_map('stripslashes_deep', $_GET);
 $_POST = array_map('stripslashes_deep', $_POST);
+ $_FILES = array_map('stripslashes_deep', $_FILES);
 //$_COOKIE = array_map('stripslashes_deep', $_COOKIE); // Useless because a cookie should never be outputed on screen nor used into sql
 @set_magic_quotes_runtime(0);
 }
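Review bot: The added `$_FILES = array_map('stripslashes_deep', $_FILES);` unslashes every field of each upload entry, not only the client-supplied `name`. `tmp_name` is a server-generated path, and on Windows it contains backslashes that `stripslashes()` would remove, so later `is_uploaded_file()`/`move_uploaded_file()` checks could fail or resolve a different path; `error` and `size` are also turned from integers into strings. Whether PHP escapes anything beyond `name` under magic_quotes_gpc appears to vary by version, so I would limit the unescaping to that field, e.g. `foreach ($_FILES as $k => $f) { $_FILES[$k]['name'] = stripslashes_deep($f['name']); }`. The unslashed `name` is still untrusted input and needs the usual filename sanitising before it reaches the filesystem or SQL. The enclosing `if (get_magic_quotes_gpc())` block starts outside this hunk.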