diff --git a/application/cmdbabstract.class.inc.php b/application/cmdbabstract.class.inc.php
index 879c7ebbd..e9c17fc66 100644
--- a/application/cmdbabstract.class.inc.php
+++ b/application/cmdbabstract.class.inc.php
@@ -671,14 +671,14 @@ EOF
 if (count($aTriggers) > 0)
 {
 $iId = $this->GetKey();
- $sTriggersList = implode(',', $aTriggers);
+ $aParams = array('triggers' => $aTriggers, 'id' => $iId);
 $aNotifSearches = array();
 $iNotifsCount = 0;
 $aNotificationClasses = MetaModel::EnumChildClasses('EventNotification', ENUM_CHILD_CLASSES_EXCLUDETOP);
 foreach($aNotificationClasses as $sNotifClass)
 {
- $aNotifSearches[$sNotifClass] = DBObjectSearch::FromOQL("SELECT $sNotifClass AS Ev JOIN Trigger AS T ON Ev.trigger_id = T.id WHERE T.id IN ($sTriggersList) AND Ev.object_id = $iId");
- $oNotifSet = new DBObjectSet($aNotifSearches[$sNotifClass]);
+ $aNotifSearches[$sNotifClass] = DBObjectSearch::FromOQL("SELECT $sNotifClass AS Ev JOIN Trigger AS T ON Ev.trigger_id = T.id WHERE T.id IN (:triggers) AND Ev.object_id = :id");
+ $oNotifSet = new DBObjectSet($aNotifSearches[$sNotifClass], array(), $aParams);
 $iNotifsCount += $oNotifSet->Count();
 }
 // Display notifications regarding the object: on block per subclass to have the intersting columns
diff --git a/application/portalwebpage.class.inc.php b/application/portalwebpage.class.inc.php
index 1f9e57808..93109b76c 100644
--- a/application/portalwebpage.class.inc.php
+++ b/application/portalwebpage.class.inc.php
@@ -572,7 +572,6 @@ EOF
 // $sAttSpec is an attribute code
 //
 $this->add('');
- $sFilterValue = '';
 $sFilterValue = utils::ReadParam($sPrefix.$sFieldName, '', false, 'raw_data');
 $sFilterOpCode = null; // Use the default 'loose' OpCode
 $oAttDef = MetaModel::GetAttributeDef($sClass, $sAttSpec);
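Review bot: In the `@@ -671,14 +671,14 @@` hunk the new `FromOQL(...)` line still interpolates `$sNotifClass` into the query text while `:triggers` and `:id` are bound, and nothing on the line says why that one value is treated differently. The hunk shows it comes from `MetaModel::EnumChildClasses('EventNotification', ...)`, so a short comment would record the reasoning for the next editor: `// $sNotifClass is a class name from the data model, not request input; all other values are bound through $aParams`. The enclosing method starts and ends outside the hunk.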
@@ -590,7 +589,7 @@ EOF
 }
 catch(OQLException $e)
 {
- throw new Exception("Incorrect filter '$sFilterDefName' for attribute '$sAttcode': ".$e->getMessage());
+ throw new Exception("Incorrect filter '$sFilterDefName' for attribute '$sAttSpec': ".$e->getMessage());
 }
 }
 else
@@ -850,8 +849,8 @@ EOF
 // Trigger ?
 //
 $aClasses = MetaModel::EnumParentClasses($sClass, ENUM_PARENT_CLASSES_ALL);
- $sClassList = implode(", ", CMDBSource::Quote($aClasses));
- $oSet = new DBObjectSet(DBObjectSearch::FromOQL("SELECT TriggerOnPortalUpdate AS t WHERE t.target_class IN ($sClassList)"));
+ $aParams = array('class_list' => CMDBSource::Quote($aClasses));
+ $oSet = new DBObjectSet(DBObjectSearch::FromOQL("SELECT TriggerOnPortalUpdate AS t WHERE t.target_class IN (:class_list)"), array(), $aParams);
 while ($oTrigger = $oSet->Fetch())
 {
 $oTrigger->DoActivate($oObj->ToArgs('this'));
@@ -863,7 +862,7 @@ EOF
 if ($bLockEnabled)
 {
 // Release the concurrent lock, if any
- $sOwnershipToken = utils::ReadPostedParam('ownership_token', null, false, 'raw_data');
+ $sOwnershipToken = utils::ReadPostedParam('ownership_token', null, 'raw_data');
 if ($sOwnershipToken !== null)
 {
 // We're done, let's release the lock
diff --git a/core/dbobject.class.php b/core/dbobject.class.php
index 6f34b0cfc..74be94805 100644
--- a/core/dbobject.class.php
+++ b/core/dbobject.class.php
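Review bot: In the `@@ -850,8 +849,8 @@` hunk the bound value is still passed through `CMDBSource::Quote()`, whereas the equivalent lookups in core/dbobject.class.php bind the raw `MetaModel::EnumParentClasses()` result. If the parameter binding applies its own quoting (not visible in this diff), every class name would be quoted twice and `t.target_class IN (:class_list)` would match nothing, so TriggerOnPortalUpdate triggers would silently stop firing. Binding the unquoted list looks like what is intended: `$aParams = array('class_list' => $aClasses);`. The enclosing method starts and ends outside the hunk.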
@@ -2093,8 +2093,8 @@ abstract class DBObject implements iDisplay
 // Activate any existing trigger
 $sClass = get_class($this);
- $sClassList = implode("', '", MetaModel::EnumParentClasses($sClass, ENUM_PARENT_CLASSES_ALL));
- $oSet = new DBObjectSet(DBObjectSearch::FromOQL("SELECT TriggerOnObjectCreate AS t WHERE t.target_class IN ('$sClassList')"));
+ $aParams = array('class_list' => MetaModel::EnumParentClasses($sClass, ENUM_PARENT_CLASSES_ALL));
+ $oSet = new DBObjectSet(DBObjectSearch::FromOQL("SELECT TriggerOnObjectCreate AS t WHERE t.target_class IN (:class_list)"), array(), $aParams);
 while ($oTrigger = $oSet->Fetch())
 {
 /** @var \Trigger $oTrigger */
@@ -2311,8 +2311,8 @@ abstract class DBObject implements iDisplay
 // Activate any existing trigger
 $sClass = get_class($this);
- $sClassList = implode("', '", MetaModel::EnumParentClasses($sClass, ENUM_PARENT_CLASSES_ALL));
- $oSet = new DBObjectSet(DBObjectSearch::FromOQL("SELECT TriggerOnObjectUpdate AS t WHERE t.target_class IN ('$sClassList')"));
+ $aParams = array('class_list' => MetaModel::EnumParentClasses($sClass, ENUM_PARENT_CLASSES_ALL));
+ $oSet = new DBObjectSet(DBObjectSearch::FromOQL("SELECT TriggerOnObjectUpdate AS t WHERE t.target_class IN (:class_list)"), array(), $aParams);
 while ($oTrigger = $oSet->Fetch())
 {
 /** @var \Trigger $oTrigger */
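Review bot: The same trigger lookup (`EnumParentClasses`, `FromOQL("... IN (:class_list)")`, `new DBObjectSet(..., array(), $aParams)`) is written out separately in the `-2093` and `-2311` hunks here and again in the `-2486` and `-2764` hunks, differing only in the trigger class name and, in the last one, the state condition. A private helper that takes the trigger class and any extra bound values would keep the parameter binding in one place, so a later edit cannot reintroduce string-built OQL at just one of the sites. Failing that, a comment above each `$aParams` line such as `// Values are bound as query parameters; do not interpolate them into the OQL text` would document why the third constructor argument is used. All four enclosing methods start and end outside their hunks.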
@@ -2486,8 +2486,8 @@ abstract class DBObject implements iDisplay
 // Activate any existing trigger
 $sClass = get_class($this);
- $sClassList = implode("', '", MetaModel::EnumParentClasses($sClass, ENUM_PARENT_CLASSES_ALL));
- $oSet = new DBObjectSet(DBObjectSearch::FromOQL("SELECT TriggerOnObjectDelete AS t WHERE t.target_class IN ('$sClassList')"));
+ $aParams = array('class_list' => MetaModel::EnumParentClasses($sClass, ENUM_PARENT_CLASSES_ALL));
+ $oSet = new DBObjectSet(DBObjectSearch::FromOQL("SELECT TriggerOnObjectDelete AS t WHERE t.target_class IN (:class_list)"), array(), $aParams);
 while ($oTrigger = $oSet->Fetch())
 {
 /** @var \Trigger $oTrigger */
@@ -2764,15 +2764,18 @@ abstract class DBObject implements iDisplay
 }
 // Change state triggers...
- $sClassList = implode("', '", MetaModel::EnumParentClasses($sClass, ENUM_PARENT_CLASSES_ALL));
- $oSet = new DBObjectSet(DBObjectSearch::FromOQL("SELECT TriggerOnStateLeave AS t WHERE t.target_class IN ('$sClassList') AND t.state='$sPreviousState'"));
+ $aParams = array(
+ 'class_list' => MetaModel::EnumParentClasses($sClass, ENUM_PARENT_CLASSES_ALL),
+ 'previous_state' => $sPreviousState,
+ 'new_state' => $sNewState);
+ $oSet = new DBObjectSet(DBObjectSearch::FromOQL("SELECT TriggerOnStateLeave AS t WHERE t.target_class IN (:class_list) AND t.state=:previous_state"), array(), $aParams);
 while ($oTrigger = $oSet->Fetch())
 {
 /** @var \Trigger $oTrigger */
 $oTrigger->DoActivate($this->ToArgs('this'));
 }
- $oSet = new DBObjectSet(DBObjectSearch::FromOQL("SELECT TriggerOnStateEnter AS t WHERE t.target_class IN ('$sClassList') AND t.state='$sNewState'"));
+ $oSet = new DBObjectSet(DBObjectSearch::FromOQL("SELECT TriggerOnStateEnter AS t WHERE t.target_class IN (:class_list) AND t.state=:new_state"), array(), $aParams);
 while ($oTrigger = $oSet->Fetch())
 {
 /** @var \Trigger $oTrigger */
diff --git a/datamodels/2.x/itop-portal-base/portal/src/controllers/objectcontroller.class.inc.php b/datamodels/2.x/itop-portal-base/portal/src/controllers/objectcontroller.class.inc.php
index 9764fb36b..ac1c94e4f 100644
--- a/datamodels/2.x/itop-portal-base/portal/src/controllers/objectcontroller.class.inc.php
+++ b/datamodels/2.x/itop-portal-base/portal/src/controllers/objectcontroller.class.inc.php
@@ -1428,12 +1428,13 @@ class ObjectController extends AbstractController
 // Building the search
 $bIgnoreSilos = $oApp['scope_validator']->IsAllDataAllowedForScope(UserRights::ListProfiles(), $sObjectClass);
- $oSearch = DBObjectSearch::FromOQL("SELECT " . $sObjectClass . " WHERE id IN ('" . implode("','", $aObjectIds) . "')");
+ $aParams = array('objects_id' => $aObjectIds);
+ $oSearch = DBObjectSearch::FromOQL("SELECT $sObjectClass WHERE id IN (:objects_id)");
 if ($bIgnoreSilos === true)
 {
 $oSearch->AllowAllData();
 }
- $oSet = new DBObjectSet($oSearch);
+ $oSet = new DBObjectSet($oSearch, array(), $aParams);
 $oSet->OptimizeColumnLoad($aObjectAttCodes);
 // Retrieving objects
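Review bot: `$sObjectClass` is still interpolated into the query text in the new `FromOQL("SELECT $sObjectClass WHERE id IN (:objects_id)")` line; only the ids are now bound. A class name cannot be passed as a query parameter, so in a portal controller it should be checked against the data model before the query is built, for example by rejecting the request when `MetaModel::IsValidClass($sObjectClass)` is false. Whether the method already validates it earlier is not visible, since the method starts and ends outside this hunk. This matters more here than elsewhere in the commit because `AllowAllData()` can lift the silo restriction on the same search.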