diff --git a/models/ProjectModel.php b/models/ProjectModel.php
index bd42e6c..084f1ec 100644
--- a/models/ProjectModel.php
+++ b/models/ProjectModel.php
@@ -23,58 +23,84 @@ string $strEndDate='', int $intCategory=0, bool $boolOlderThan6Months=false): array { - $strRq = "SELECT project.*, - user_pseudo AS 'project_creatorname', + $strRq = "SELECT project.*, + CONCAT(user_firstname, ' ', user_name) AS 'project_creatorname', user_image FROM project - INNER JOIN users ON user_id = project_user_id"; - - $strRq .= " WHERE project_deleted_at IS NULL"; - - $strAnd = " AND "; + INNER JOIN users ON user_id = project_user_id + WHERE 1=1"; if ($strKeywords != '') { - - $strSafeKeywords = $this->_db->quote("%" . $strKeywords . "%"); - - $strRq .= $strAnd. " (project_title LIKE ".$strSafeKeywords." - OR project_content LIKE ".$strSafeKeywords.") "; - + $strRq .= " AND (project_title LIKE :keywords OR project_content LIKE :keywords)"; } if ($intAuthor > 0){ - $strRq .= $strAnd." user_id = ".$intAuthor; + $strRq .= " AND project_user_id = :author"; + } - } if ($intCategory > 0){ - $strRq .= $strAnd." project_category = ".$intCategory; + $strRq .= " AND project_category = :category"; } + if ($boolOlderThan6Months === true) { - $strRq .= $strAnd . " project_creation_date <= DATE_SUB(NOW(), INTERVAL 6 MONTH) "; + $strRq .= " AND project_creation_date <= DATE_SUB(NOW(), INTERVAL 6 MONTH)"; } + if ($intPeriod == 0){ if ($strDate != ''){ - $strRq .= $strAnd." project_creation_date = '".$strDate."'"; + $strRq .= " AND project_creation_date = :date_exacte"; } - }else{ + } else { if ($strStartDate != '' && $strEndDate != ''){ - $strRq .= $strAnd." project_creation_date BETWEEN '".$strStartDate."' AND '".$strEndDate."'"; - }else{ + $strRq .= " AND project_creation_date BETWEEN :date_debut AND :date_fin"; + } else { if ($strStartDate != ''){ - $strRq .= $strAnd." project_creation_date >= '".$strStartDate."'"; - }else if ($strEndDate != ''){ - $strRq .= $strAnd." 
project_creation_date <= '".$strEndDate."'"; + $strRq .= " AND project_creation_date >= :date_debut"; + } else if ($strEndDate != ''){ + $strRq .= " AND project_creation_date <= :date_fin"; } } } - + $strRq .= " ORDER BY project_creation_date DESC"; if ($intLimit > 0){ - $strRq .= " LIMIT ".$intLimit; + $strRq .= " LIMIT :limit"; } - return $this->_db->query($strRq)->fetchAll(); + $rqPrep = $this->_db->prepare($strRq); + + if ($strKeywords != '') { + $rqPrep->bindValue(':keywords', '%' . $strKeywords . '%', PDO::PARAM_STR); + } + if ($intAuthor > 0){ + $rqPrep->bindValue(':author', $intAuthor, PDO::PARAM_INT); + } + if ($intCategory > 0){ + $rqPrep->bindValue(':category', $intCategory, PDO::PARAM_INT); + } + if ($intPeriod == 0){ + if ($strDate != ''){ + $rqPrep->bindValue(':date_exacte', $strDate, PDO::PARAM_STR); + } + } else { + if ($strStartDate != '' && $strEndDate != ''){ + $rqPrep->bindValue(':date_debut', $strStartDate, PDO::PARAM_STR); + $rqPrep->bindValue(':date_fin', $strEndDate, PDO::PARAM_STR); + } else { + if ($strStartDate != ''){ + $rqPrep->bindValue(':date_debut', $strStartDate, PDO::PARAM_STR); + } else if ($strEndDate != ''){ + $rqPrep->bindValue(':date_fin', $strEndDate, PDO::PARAM_STR); + } + } + } + if ($intLimit > 0){ + $rqPrep->bindValue(':limit', $intLimit, PDO::PARAM_INT); + } + + $rqPrep->execute(); + return $rqPrep->fetchAll(); }
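Review bot: The new `WHERE 1=1` replaces the removed `WHERE project_deleted_at IS NULL`, and no added line restores that filter, so soft-deleted projects are returned by every search again. Keep the filter as the base condition, `WHERE project_deleted_at IS NULL";`, and append the ` AND ...` clauses to it as the new code already does. Separately, `:keywords` appears twice in one statement, which PDO accepts only with emulated prepares; with `PDO::ATTR_EMULATE_PREPARES` set to false the statement fails, so bind two distinct names such as `:kw_title` and `:kw_content`. The change from `user_pseudo` to `CONCAT(user_firstname, ' ', user_name)` also puts real names into `project_creatorname` wherever it is rendered, which is worth confirming as intended. The function signature begins before this hunk, so the caller-side validation of the date strings is not visible here.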