diff --git a/ChangeLog b/ChangeLog
index 9f6a03d5d0e..c56f5a0b9e8 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -17,8 +17,8 @@ For developers:
 - New: Add path file of trigger into admin trigger list page.
 - New: More phpunit tests.
 - New: Payments and supplier payment pages tabs can now be extended from modules.
-- New: Add option 'az' into GETPOST function to check parameters conatins
- only a to z characters.
+- New: Add option 'aZ' into GETPOST function to check parameters contains
+ only a to z or A to Z characters.
 
 ***** ChangeLog for 3.5 compared to 3.4.* *****
 
diff --git a/htdocs/core/lib/functions.lib.php b/htdocs/core/lib/functions.lib.php
index 96e3cd7dcd2..d7d81ac0e18 100644
--- a/htdocs/core/lib/functions.lib.php
+++ b/htdocs/core/lib/functions.lib.php
@@ -198,12 +198,12 @@ function GETPOST($paramname,$check='',$method=0)
 if (preg_match('/"/',$out)) $out='';
 else if (preg_match('/\.\.\//',$out)) $out='';
 }
-elseif ($check == 'az')
+elseif ($check == 'aZ')
 {
 $out=trim($out);
 // '"' is dangerous because param in url can close the href= or src= and add javascript functions.
 // '../' is dangerous because it allows dir transversals
-if (preg_match('/[^a-z]+/',$out)) $out='';
+if (preg_match('/[^a-z]+/i',$out)) $out='';
 }
 elseif ($check == 'array')
 {
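Review bot: Renaming the check value from 'az' to 'aZ' on the `elseif` line means any existing call `GETPOST($name,'az')` silently stops matching this branch and falls through to whatever the unmatched-`$check` path does (outside this hunk), so the lowercase-only filter is lost with no error; since the ChangeLog entry advertised 'az', keep it as a separate strict-lowercase case and add 'aZ' beside it rather than replacing it. The two comments left inside the branch describe the `'"'` and `'../'` rejections of the preceding branch, not what this branch checks; replace them with `// Reject the value entirely if it contains anything but ASCII letters ('i' makes it case-insensitive).` GETPOST begins and ends outside the hunk.
```php
elseif ($check == 'az')
{
	$out=trim($out);
	// Reject the value entirely if it contains anything but lowercase ASCII letters.
	if (preg_match('/[^a-z]+/',$out)) $out='';
}
elseif ($check == 'aZ')
{
	$out=trim($out);
	// Reject the value entirely if it contains anything but ASCII letters ('i' makes it case-insensitive).
	if (preg_match('/[^a-z]+/i',$out)) $out='';
}
// … unchanged: 'array' branch and the rest of GETPOST …
```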