diff --git a/build.gradle b/build.gradle
index f94f21e4..c5ed1f8d 100644
--- a/build.gradle
+++ b/build.gradle
@@ -21,7 +21,7 @@ apply plugin: 'com.bmuschko.cargo-base'
 compileJava.options.encoding = 'UTF-8'
 
 group 'uk.ac.hutton.germinate'
-version '4.1.4'
+version '4.1.5'
 
 sourceCompatibility = 1.8
 
diff --git a/src/main/java/jhi/germinate/server/resource/FilteredResource.java b/src/main/java/jhi/germinate/server/resource/FilteredResource.java
index cc947994..0005299a 100644
--- a/src/main/java/jhi/germinate/server/resource/FilteredResource.java
+++ b/src/main/java/jhi/germinate/server/resource/FilteredResource.java
@@ -82,7 +82,7 @@ default <T extends Record> void filter(SelectJoinStep<T> step, Filter[] filters,
 
 	default Condition filterIndividual(Filter filter, boolean jsonOperationAllowed)
 	{
-		Field<Object> field = DSL.field("{0}", filter.getSafeColumn());
+		Field<Object> field = DSL.field(filter.getSafeColumn());
 		List<String> values = new ArrayList<>();
 
 		if (!CollectionUtils.isEmpty(filter.getValues()))
diff --git a/src/main/java/jhi/germinate/server/resource/PaginatedServerResource.java b/src/main/java/jhi/germinate/server/resource/PaginatedServerResource.java
index 4d7b58ef..b66098a0 100644
--- a/src/main/java/jhi/germinate/server/resource/PaginatedServerResource.java
+++ b/src/main/java/jhi/germinate/server/resource/PaginatedServerResource.java
@@ -17,6 +17,7 @@
 
 import jhi.germinate.resource.*;
 import jhi.germinate.server.Database;
+import jhi.germinate.server.util.StringUtils;
 
 /**
  * @author Sebastian Raubach
@@ -101,14 +102,25 @@ protected <T extends Record> SelectForUpdateStep<T> setPaginationAndOrderBy(Sele
 		if (ascending != null && orderBy != null)
 		{
 			if (ascending)
-				step.orderBy(DSL.field("{0}", orderBy).asc());
+				step.orderBy(DSL.field(getSafeColumn(orderBy)).asc());
 			else
-				step.orderBy(DSL.field("{0}", orderBy).desc());
+				step.orderBy(DSL.field(getSafeColumn(orderBy)).desc());
 		}
 
 		return step.limit(pageSize)
 				   .offset(pageSize * currentPage);
+	}
 
+	protected static String getSafeColumn(String column)
+	{
+		if (StringUtils.isEmpty(column))
+		{
+			return null;
+		}
+		else
+		{
+			return column.replaceAll("[^a-zA-Z0-9._-]", "").replaceAll("(.)(\\p{Upper})", "$1_$2").toLowerCase();
+		}
 	}
 
 	protected String getRequestAttributeAsString(String parameter)