--- -	2007-01-12 16:42:03.000000000 +0100
+++ /dev/fd/63	2007-01-12 16:42:03.000000000 +0100
@@ -114,11 +114,13 @@
   // Determine which queues are appropriate for this nodetype.
   global $user;
 
-  $roles = array_keys($user->roles) + array(DRUPAL_AUTHENTICATED_RID);
-  $role_args = array_fill(0, count($roles), '%d');
+  $roles_where = $roles_join = '';
+  $roles = array();
 
   if ($user->uid != 1) {
     $roles_join = "INNER JOIN {nodequeue_roles} nr ON nr.qid = nq.qid ";
+    $roles = array_keys($user->roles) + array(DRUPAL_AUTHENTICATED_RID);
+    $role_args = array_fill(0, count($roles), '%d');
     $roles_where = "AND nr.rid IN (". implode(',', $role_args) .") ";
   }
 
@@ -128,7 +130,7 @@
     "INNER JOIN {nodequeue_types} nt ON nt.qid = nq.qid " .
     "LEFT JOIN {nodequeue_nodes} nqn ON nqn.qid = nq.qid " . $roles_join .
     "WHERE nt.type = '%s' " . $roles_where .
-    "GROUP BY nq.qid  ORDER BY nq.title", 'nq', 'qid'), $node->type);
+    "GROUP BY nq.qid  ORDER BY nq.title", 'nq', 'qid'), array($node->type) + $roles);
 
   $form = array();
   while ($queue = db_fetch_object($result)) {
@@ -435,18 +437,21 @@
 function nodequeue_node_access($type) {
   global $user;
   // superuser always has access.
+
+  $roles = array();
+  $roles_where = '';
+
   if ($user->uid != 1) {
     $roles_join = "INNER JOIN {nodequeue_roles} nr ON nr.qid = nq.qid ";
     $roles = array_keys($user->roles) + array(DRUPAL_AUTHENTICATED_RID);
     $role_args = array_fill(0, count($roles), '%d');
-
-    $roles_where .= "AND nr.rid IN (". implode(',', $role_args) .")";
+    $roles_where = "AND nr.rid IN (". implode(',', $role_args) .")";
   }
 
   $sql = 'SELECT nq.qid FROM {nodequeue_queue} nq ' .
     'INNER JOIN {nodequeue_types} nt ON nt.qid = nq.qid ' . $roles_join .
     "WHERE nt.type = '%s' " . $roles_where;
-  $result = db_query($sql, $type);
+  $result = db_query($sql, array($type) + $roles);
 
   return db_num_rows($result);
 }
