Index: includes/actions.inc =================================================================== RCS file: /cvs/drupal/drupal/includes/actions.inc,v retrieving revision 1.7 diff -u -p -r1.7 actions.inc --- includes/actions.inc 8 Dec 2007 14:06:20 -0000 1.7 +++ includes/actions.inc 19 Dec 2007 06:58:17 -0000 @@ -238,7 +238,7 @@ function actions_function_lookup($hash) } // Must be an instance; must check database. - $aid = db_result(db_query("SELECT aid FROM {actions} WHERE MD5(aid) = '%s' AND parameters != ''", $hash)); + $aid = db_result(db_query("SELECT aid FROM {actions} WHERE MD5(aid) = '%s' AND parameters != '%s'", $hash, '')); return $aid; } @@ -255,7 +255,7 @@ function actions_synchronize($actions_in $actions_in_code = actions_list(); } $actions_in_db = array(); - $result = db_query("SELECT * FROM {actions} WHERE parameters = ''"); + $result = db_query("SELECT * FROM {actions} WHERE parameters = '%s'", ''); while ($action = db_fetch_object($result)) { $actions_in_db[$action->callback] = array('aid' => $action->aid, 'description' => $action->description); } Index: includes/cache.inc =================================================================== RCS file: /cvs/drupal/drupal/includes/cache.inc,v retrieving revision 1.16 diff -u -p -r1.16 cache.inc --- includes/cache.inc 26 Nov 2007 16:19:37 -0000 1.16 +++ includes/cache.inc 19 Dec 2007 06:58:17 -0000 @@ -171,7 +171,7 @@ function cache_clear_all($cid = NULL, $t db_query("DELETE FROM {". $table ."}"); } else { - db_query("DELETE FROM {". $table ."} WHERE cid LIKE '%s%%'", $cid); + db_query("DELETE FROM {". $table ."} WHERE cid LIKE '%s'", $cid ."%"); } } else { Index: includes/locale.inc =================================================================== RCS file: /cvs/drupal/drupal/includes/locale.inc,v retrieving revision 1.168 diff -u -p -r1.168 locale.inc --- includes/locale.inc 18 Dec 2007 16:27:44 -0000 1.168 +++ includes/locale.inc 19 Dec 2007 06:58:18 -0000 @@ -1914,21 +1914,21 @@ function _locale_translate_seek() { // Compute LIKE section switch ($query['translation']) { case 'translated': - $where = "WHERE (t.translation LIKE '%%%s%%')"; + $where = "WHERE (t.translation LIKE '%s')"; $orderby = "ORDER BY t.translation"; - $arguments[] = $query['string']; + $arguments[] = "%". $query['string'] ."%"; break; case 'untranslated': - $where = "WHERE (s.source LIKE '%%%s%%' AND t.translation IS NULL)"; + $where = "WHERE (s.source LIKE '%s' AND t.translation IS NULL)"; $orderby = "ORDER BY s.source"; - $arguments[] = $query['string']; + $arguments[] = "%". $query['string'] ."%"; break; case 'all' : default: - $where = "WHERE (s.source LIKE '%%%s%%' OR t.translation LIKE '%%%s%%')"; + $where = "WHERE (s.source LIKE '%s' OR t.translation LIKE '%s')"; $orderby = ''; - $arguments[] = $query['string']; - $arguments[] = $query['string']; + $arguments[] = "%". $query['string'] ."%"; + $arguments[] = "%". $query['string'] ."%"; break; } $grouplimit = ''; @@ -1940,8 +1940,8 @@ function _locale_translate_seek() { switch ($query['language']) { // Force search in source strings case "en": - $sql = $join ." WHERE s.source LIKE '%%%s%%' $grouplimit ORDER BY s.source"; - $arguments = array($query['string']); // $where is not used, discard its arguments + $sql = $join ." WHERE s.source LIKE '%s' $grouplimit ORDER BY s.source"; + $arguments = array("%". $query['string'] ."%"); // $where is not used, discard its arguments if (!empty($grouplimit)) { $arguments[] = $query['group']; } @@ -2062,7 +2062,7 @@ function _locale_rebuild_js($langcode = // Construct the array for JavaScript translations. // We sort on plural so that we have all plural forms before singular forms. - $result = db_query("SELECT s.lid, s.source, t.plid, t.plural, t.translation FROM {locales_source} s LEFT JOIN {locales_target} t ON s.lid = t.lid AND t.language = '%s' WHERE s.location LIKE '%%.js%%' AND s.textgroup = 'default' ORDER BY t.plural DESC", $language->language); + $result = db_query("SELECT s.lid, s.source, t.plid, t.plural, t.translation FROM {locales_source} s LEFT JOIN {locales_target} t ON s.lid = t.lid AND t.language = '%s' WHERE s.location LIKE '%s' AND s.textgroup = 'default' ORDER BY t.plural DESC", $language->language, '%.js%'); $translations = $plurals = array(); while ($data = db_fetch_object($result)) { Index: includes/path.inc =================================================================== RCS file: /cvs/drupal/drupal/includes/path.inc,v retrieving revision 1.19 diff -u -p -r1.19 path.inc --- includes/path.inc 4 Nov 2007 16:42:45 -0000 1.19 +++ includes/path.inc 19 Dec 2007 06:58:18 -0000 @@ -65,7 +65,7 @@ function drupal_lookup_path($action, $pa return $map[$path_language][$path]; } // Get the most fitting result falling back with alias without language - $alias = db_result(db_query("SELECT dst FROM {url_alias} WHERE src = '%s' AND language IN('%s', '') ORDER BY language DESC", $path, $path_language)); + $alias = db_result(db_query("SELECT dst FROM {url_alias} WHERE src = '%s' AND language IN('%s', '%s') ORDER BY language DESC", $path, $path_language, '')); $map[$path_language][$path] = $alias; return $alias; } @@ -76,7 +76,7 @@ function drupal_lookup_path($action, $pa $src = ''; if (!isset($map[$path_language]) || !($src = array_search($path, $map[$path_language]))) { // Get the most fitting result falling back with alias without language - if ($src = db_result(db_query("SELECT src FROM {url_alias} WHERE dst = '%s' AND language IN('%s', '') ORDER BY language DESC", $path, $path_language))) { + if ($src = db_result(db_query("SELECT src FROM {url_alias} WHERE dst = '%s' AND language IN('%s', '%s') ORDER BY language DESC", $path, $path_language, ''))) { $map[$path_language][$src] = $path; } else { Index: modules/comment/comment.module =================================================================== RCS file: /cvs/drupal/drupal/modules/comment/comment.module,v retrieving revision 1.608 diff -u -p -r1.608 comment.module --- modules/comment/comment.module 16 Dec 2007 21:01:44 -0000 1.608 +++ modules/comment/comment.module 19 Dec 2007 06:58:18 -0000 @@ -732,7 +732,7 @@ function comment_save($edit) { $parent->thread = (string) rtrim((string) $parent->thread, '/'); // Get the max value in _this_ thread. - $max = db_result(db_query("SELECT MAX(thread) FROM {comments} WHERE thread LIKE '%s.%%' AND nid = %d", $parent->thread, $edit['nid'])); + $max = db_result(db_query("SELECT MAX(thread) FROM {comments} WHERE thread LIKE '%s' AND nid = %d", $parent->thread .".%", $edit['nid'])); if ($max == '') { // First child of this parent. Index: modules/filter/filter.module =================================================================== RCS file: /cvs/drupal/drupal/modules/filter/filter.module,v retrieving revision 1.196 diff -u -p -r1.196 filter.module --- modules/filter/filter.module 18 Dec 2007 12:59:21 -0000 1.196 +++ modules/filter/filter.module 19 Dec 2007 06:58:18 -0000 @@ -298,8 +298,8 @@ function filter_formats($index = NULL) { if (!$all) { $where = array(); foreach ($user->roles as $rid => $role) { - $where[] = "roles LIKE '%%,%d,%%'"; - $args[] = $rid; + $where[] = "roles LIKE '%s'"; + $args[] = '%,'. (int) $rid .',%'; } $query .= ' WHERE '. implode(' OR ', $where) .' OR format = %d'; $args[] = variable_get('filter_default_format', 1); Index: modules/node/node.admin.inc =================================================================== RCS file: /cvs/drupal/drupal/modules/node/node.admin.inc,v retrieving revision 1.14 diff -u -p -r1.14 node.admin.inc --- modules/node/node.admin.inc 8 Dec 2007 14:06:21 -0000 1.14 +++ modules/node/node.admin.inc 19 Dec 2007 06:58:18 -0000 @@ -365,7 +365,7 @@ function node_admin_nodes() { $result = pager_query(db_rewrite_sql('SELECT n.*, u.name FROM {node} n '. $filter['join'] .' INNER JOIN {users} u ON n.uid = u.uid '. $filter['where'] .' ORDER BY n.changed DESC'), 50, 0, NULL, $filter['args']); // Enable language column if locale is enabled or if we have any node with language - $count = db_result(db_query("SELECT COUNT(*) FROM {node} n WHERE language != ''")); + $count = db_result(db_query("SELECT COUNT(*) FROM {node} n WHERE language != '%s'", '')); $multilanguage = (module_exists('locale') || $count); $form['options'] = array('#type' => 'fieldset', Index: modules/node/node.module =================================================================== RCS file: /cvs/drupal/drupal/modules/node/node.module,v retrieving revision 1.927 diff -u -p -r1.927 node.module --- modules/node/node.module 17 Dec 2007 12:41:20 -0000 1.927 +++ modules/node/node.module 19 Dec 2007 06:58:18 -0000 @@ -1106,7 +1106,7 @@ function node_search($op = 'search', $ke case 'status': $total = db_result(db_query('SELECT COUNT(*) FROM {node} WHERE status = 1')); - $remaining = db_result(db_query("SELECT COUNT(*) FROM {node} n LEFT JOIN {search_dataset} d ON d.type = 'node' AND d.sid = n.nid WHERE d.sid IS NULL OR d.reindex <> 0")); + $remaining = db_result(db_query("SELECT COUNT(*) FROM {node} n LEFT JOIN {search_dataset} d ON d.type = 'node' AND d.sid = n.nid WHERE d.sid IS NULL OR d.reindex != 0")); return array('remaining' => $remaining, 'total' => $total); case 'admin': @@ -1672,7 +1672,7 @@ function node_update_index() { variable_set('node_cron_comments_scale', 1.0 / max(1, db_result(db_query('SELECT MAX(comment_count) FROM {node_comment_statistics}')))); variable_set('node_cron_views_scale', 1.0 / max(1, db_result(db_query('SELECT MAX(totalcount) FROM {node_counter}')))); - $result = db_query_range("SELECT n.nid FROM {node} n LEFT JOIN {search_dataset} d ON d.type = 'node' AND d.sid = n.nid WHERE d.sid IS NULL OR d.reindex <> 0 ORDER BY d.reindex ASC, n.nid ASC", 0, $limit); + $result = db_query_range("SELECT n.nid FROM {node} n LEFT JOIN {search_dataset} d ON d.type = 'node' AND d.sid = n.nid WHERE d.sid IS NULL OR d.reindex != 0 ORDER BY d.reindex ASC, n.nid ASC", 0, $limit); while ($node = db_fetch_object($result)) { _node_index_node($node); Index: modules/path/path.admin.inc =================================================================== RCS file: /cvs/drupal/drupal/modules/path/path.admin.inc,v retrieving revision 1.5 diff -u -p -r1.5 path.admin.inc --- modules/path/path.admin.inc 10 Nov 2007 12:08:22 -0000 1.5 +++ modules/path/path.admin.inc 19 Dec 2007 06:58:18 -0000 @@ -15,13 +15,13 @@ function path_admin_overview($keys = NUL // Add the filter form above the overview table. $output = drupal_get_form('path_admin_filter_form', $keys); // Enable language column if locale is enabled or if we have any alias with language - $count = db_result(db_query("SELECT COUNT(*) FROM {url_alias} WHERE language != ''")); + $count = db_result(db_query("SELECT COUNT(*) FROM {url_alias} WHERE language != '%s'", '')); $multilanguage = (module_exists('locale') || $count); if ($keys) { // Replace wildcards with MySQL/PostgreSQL wildcards. - $keys = preg_replace('!\*+!', '%', $keys); - $sql = "SELECT * FROM {url_alias} WHERE dst LIKE '%%%s%%'"; + $keys = "%". preg_replace('!\*+!', '%', $keys) ."%"; + $sql = "SELECT * FROM {url_alias} WHERE dst LIKE '%s'"; } else { $sql = 'SELECT * FROM {url_alias}'; Index: modules/profile/profile.admin.inc =================================================================== RCS file: /cvs/drupal/drupal/modules/profile/profile.admin.inc,v retrieving revision 1.6 diff -u -p -r1.6 profile.admin.inc --- modules/profile/profile.admin.inc 9 Dec 2007 13:03:01 -0000 1.6 +++ modules/profile/profile.admin.inc 19 Dec 2007 06:58:18 -0000 @@ -395,7 +395,7 @@ function profile_field_delete_submit($fo */ function profile_admin_settings_autocomplete($string) { $matches = array(); - $result = db_query_range("SELECT category FROM {profile_fields} WHERE LOWER(category) LIKE LOWER('%s%%')", $string, 0, 10); + $result = db_query_range("SELECT category FROM {profile_fields} WHERE LOWER(category) LIKE LOWER('%s')", $string ."%", 0, 10); while ($data = db_fetch_object($result)) { $matches[$data->category] = check_plain($data->category); } Index: modules/profile/profile.module =================================================================== RCS file: /cvs/drupal/drupal/modules/profile/profile.module,v retrieving revision 1.231 diff -u -p -r1.231 profile.module --- modules/profile/profile.module 14 Dec 2007 18:08:48 -0000 1.231 +++ modules/profile/profile.module 19 Dec 2007 06:58:18 -0000 @@ -464,7 +464,7 @@ function profile_category_access($catego return TRUE; } else { - return db_result(db_query("SELECT COUNT(*) FROM {profile_fields} WHERE category = '%s' AND visibility <> %d", $category, PROFILE_HIDDEN)); + return db_result(db_query("SELECT COUNT(*) FROM {profile_fields} WHERE category = '%s' AND visibility != %d", $category, PROFILE_HIDDEN)); } } Index: modules/profile/profile.pages.inc =================================================================== RCS file: /cvs/drupal/drupal/modules/profile/profile.pages.inc,v retrieving revision 1.2 diff -u -p -r1.2 profile.pages.inc --- modules/profile/profile.pages.inc 8 Dec 2007 14:06:22 -0000 1.2 +++ modules/profile/profile.pages.inc 19 Dec 2007 06:58:18 -0000 @@ -46,8 +46,8 @@ function profile_browse() { $arguments[] = $value; break; case 'list': - $query = "v.value LIKE '%%%s%%'"; - $arguments[] = $value; + $query = "v.value LIKE '%s'"; + $arguments[] = "%". $value ."%"; break; default: drupal_not_found(); @@ -110,7 +110,7 @@ function profile_browse() { function profile_autocomplete($field, $string) { $matches = array(); if (db_result(db_query("SELECT COUNT(*) FROM {profile_fields} WHERE fid = %d AND autocomplete = 1", $field))) { - $result = db_query_range("SELECT value FROM {profile_values} WHERE fid = %d AND LOWER(value) LIKE LOWER('%s%%') GROUP BY value ORDER BY value ASC", $field, $string, 0, 10); + $result = db_query_range("SELECT value FROM {profile_values} WHERE fid = %d AND LOWER(value) LIKE LOWER('%s') GROUP BY value ORDER BY value ASC", $field, $string ."%", 0, 10); while ($data = db_fetch_object($result)) { $matches[$data->value] = check_plain($data->value); } Index: modules/search/search.module =================================================================== RCS file: /cvs/drupal/drupal/modules/search/search.module,v retrieving revision 1.245 diff -u -p -r1.245 search.module --- modules/search/search.module 14 Dec 2007 18:08:48 -0000 1.245 +++ modules/search/search.module 19 Dec 2007 06:58:18 -0000 @@ -843,7 +843,7 @@ function _search_parse_query(&$word, &$s } } // Return matching snippet and number of added words - return array("d.data ". ($not ? 'NOT ' : '') ."LIKE '%% %s %%'", $count); + return array("d.data ". ($not ? 'NOT ' : '') ."LIKE '%s'", "% ". $count ." %"); } /** Index: modules/statistics/statistics.admin.inc =================================================================== RCS file: /cvs/drupal/drupal/modules/statistics/statistics.admin.inc,v retrieving revision 1.2 diff -u -p -r1.2 statistics.admin.inc --- modules/statistics/statistics.admin.inc 20 Oct 2007 21:57:50 -0000 1.2 +++ modules/statistics/statistics.admin.inc 19 Dec 2007 06:58:18 -0000 @@ -106,8 +106,8 @@ function statistics_top_visitors() { * Menu callback; presents the "referrer" page. */ function statistics_top_referrers() { - $query = "SELECT url, COUNT(url) AS hits, MAX(timestamp) AS last FROM {accesslog} WHERE url NOT LIKE '%%%s%%' AND url <> '' GROUP BY url"; - $query_cnt = "SELECT COUNT(DISTINCT(url)) FROM {accesslog} WHERE url <> '' AND url NOT LIKE '%%%s%%'"; + $query = "SELECT url, COUNT(url) AS hits, MAX(timestamp) AS last FROM {accesslog} WHERE url NOT LIKE '%s' AND url != '%s' GROUP BY url"; + $query_cnt = "SELECT COUNT(DISTINCT(url)) FROM {accesslog} WHERE url NOT LIKE '%s' AND url != '%s'"; drupal_set_title(t('Top referrers in the past %interval', array('%interval' => format_interval(variable_get('statistics_flush_accesslog_timer', 259200))))); $header = array( @@ -117,7 +117,7 @@ function statistics_top_referrers() { ); $query .= tablesort_sql($header); - $result = pager_query($query, 30, 0, $query_cnt, $_SERVER['HTTP_HOST']); + $result = pager_query($query, 30, 0, $query_cnt, "%". $_SERVER['HTTP_HOST'] ."%", ''); $rows = array(); while ($referrer = db_fetch_object($result)) { Index: modules/statistics/statistics.module =================================================================== RCS file: /cvs/drupal/drupal/modules/statistics/statistics.module,v retrieving revision 1.269 diff -u -p -r1.269 statistics.module --- modules/statistics/statistics.module 14 Dec 2007 18:08:48 -0000 1.269 +++ modules/statistics/statistics.module 19 Dec 2007 06:58:18 -0000 @@ -206,7 +206,7 @@ function statistics_cron() { * or FALSE if the query could not be executed correctly. */ function statistics_title_list($dbfield, $dbrows) { - return db_query_range(db_rewrite_sql("SELECT n.nid, n.title, u.uid, u.name FROM {node} n INNER JOIN {node_counter} s ON n.nid = s.nid INNER JOIN {users} u ON n.uid = u.uid WHERE %s <> '0' AND n.status = 1 ORDER BY %s DESC"), 's.'. $dbfield, 's.'. $dbfield, 0, $dbrows); + return db_query_range(db_rewrite_sql("SELECT n.nid, n.title, u.uid, u.name FROM {node} n INNER JOIN {node_counter} s ON n.nid = s.nid INNER JOIN {users} u ON n.uid = u.uid WHERE %s != '0' AND n.status = 1 ORDER BY %s DESC"), 's.'. $dbfield, 's.'. $dbfield, 0, $dbrows); } Index: modules/statistics/statistics.pages.inc =================================================================== RCS file: /cvs/drupal/drupal/modules/statistics/statistics.pages.inc,v retrieving revision 1.2 diff -u -p -r1.2 statistics.pages.inc --- modules/statistics/statistics.pages.inc 20 Oct 2007 21:57:50 -0000 1.2 +++ modules/statistics/statistics.pages.inc 19 Dec 2007 06:58:18 -0000 @@ -15,7 +15,7 @@ function statistics_node_tracker() { array('data' => t('User'), 'field' => 'u.name'), array('data' => t('Operations'))); - $result = pager_query('SELECT a.aid, a.timestamp, a.url, a.uid, u.name FROM {accesslog} a LEFT JOIN {users} u ON a.uid = u.uid WHERE a.path LIKE \'node/%d%%\''. tablesort_sql($header), 30, 0, NULL, $node->nid); + $result = pager_query("SELECT a.aid, a.timestamp, a.url, a.uid, u.name FROM {accesslog} a LEFT JOIN {users} u ON a.uid = u.uid WHERE a.path LIKE '%s'". tablesort_sql($header), 30, 0, NULL, "node/". (int) $node->nid ."%"); $rows = array(); while ($log = db_fetch_object($result)) { $rows[] = array( Index: modules/system/system.module =================================================================== RCS file: /cvs/drupal/drupal/modules/system/system.module,v retrieving revision 1.562 diff -u -p -r1.562 system.module --- modules/system/system.module 16 Dec 2007 21:01:45 -0000 1.562 +++ modules/system/system.module 19 Dec 2007 06:58:19 -0000 @@ -1274,7 +1274,7 @@ function system_actions_manage() { } $row = array(); - $instances_present = db_fetch_object(db_query("SELECT aid FROM {actions} WHERE parameters != ''")); + $instances_present = db_fetch_object(db_query("SELECT aid FROM {actions} WHERE parameters != '%s'", '')); $header = array( array('data' => t('Action type'), 'field' => 'type'), array('data' => t('Description'), 'field' => 'description'), Index: modules/taxonomy/taxonomy.pages.inc =================================================================== RCS file: /cvs/drupal/drupal/modules/taxonomy/taxonomy.pages.inc,v retrieving revision 1.6 diff -u -p -r1.6 taxonomy.pages.inc --- modules/taxonomy/taxonomy.pages.inc 6 Dec 2007 09:58:34 -0000 1.6 +++ modules/taxonomy/taxonomy.pages.inc 19 Dec 2007 06:58:19 -0000 @@ -112,7 +112,7 @@ function taxonomy_autocomplete($vid, $st $last_string = trim(array_pop($array)); $matches = array(); if ($last_string != '') { - $result = db_query_range(db_rewrite_sql("SELECT t.tid, t.name FROM {term_data} t WHERE t.vid = %d AND LOWER(t.name) LIKE LOWER('%%%s%%')", 't', 'tid'), $vid, $last_string, 0, 10); + $result = db_query_range(db_rewrite_sql("SELECT t.tid, t.name FROM {term_data} t WHERE t.vid = %d AND LOWER(t.name) LIKE LOWER('%s')", 't', 'tid'), $vid, "%". $last_string ."%", 0, 10); $prefix = count($array) ? implode(', ', $array) .', ' : ''; Index: modules/user/user.module =================================================================== RCS file: /cvs/drupal/drupal/modules/user/user.module,v retrieving revision 1.876 diff -u -p -r1.876 user.module --- modules/user/user.module 18 Dec 2007 19:20:01 -0000 1.876 +++ modules/user/user.module 19 Dec 2007 06:58:19 -0000 @@ -546,13 +546,13 @@ function user_search($op = 'search', $ke $keys = preg_replace('!\*+!', '%', $keys); if (user_access('administer users')) { // Administrators can also search in the otherwise private email field. - $result = pager_query("SELECT name, uid, mail FROM {users} WHERE LOWER(name) LIKE LOWER('%%%s%%') OR LOWER(mail) LIKE LOWER('%%%s%%')", 15, 0, NULL, $keys, $keys); + $result = pager_query("SELECT name, uid, mail FROM {users} WHERE LOWER(name) LIKE LOWER('%s') OR LOWER(mail) LIKE LOWER('%s')", 15, 0, NULL, "%". $keys ."%", "%". $keys ."%"); while ($account = db_fetch_object($result)) { $find[] = array('title' => $account->name .' ('. $account->mail .')', 'link' => url('user/'. $account->uid, array('absolute' => TRUE))); } } else { - $result = pager_query("SELECT name, uid FROM {users} WHERE LOWER(name) LIKE LOWER('%%%s%%')", 15, 0, NULL, $keys); + $result = pager_query("SELECT name, uid FROM {users} WHERE LOWER(name) LIKE LOWER('%s')", 15, 0, NULL, "%". $keys ."%"); while ($account = db_fetch_object($result)) { $find[] = array('title' => $account->name, 'link' => url('user/'. $account->uid, array('absolute' => TRUE))); } @@ -1591,7 +1591,7 @@ function user_roles($membersonly = 0, $p $roles = array(); if ($permission) { - $result = db_query("SELECT r.* FROM {role} r INNER JOIN {permission} p ON r.rid = p.rid WHERE p.perm LIKE '%%%s%%' ORDER BY r.name", $permission); + $result = db_query("SELECT r.* FROM {role} r INNER JOIN {permission} p ON r.rid = p.rid WHERE p.perm LIKE '%s' ORDER BY r.name", "%". $permission ."%"); } else { $result = db_query('SELECT * FROM {role} ORDER BY name'); @@ -1844,7 +1844,7 @@ function user_filters() { $filters['permission'] = array( 'title' => t('permission'), 'join' => 'LEFT JOIN {permission} p ON ur.rid = p.rid', - 'where' => " ((p.perm IS NOT NULL AND p.perm LIKE '%%%s%%') OR u.uid = 1) ", + 'where' => " ((p.perm IS NOT NULL AND p.perm LIKE '%s') OR u.uid = 1) ", 'options' => $options, ); @@ -1876,6 +1876,7 @@ function user_build_filter_query() { if (user_access($value, $account)) { continue; } + $value = "%" . $value . "%"; } $where[] = $filters[$key]['where']; $args[] = $value; Index: modules/user/user.pages.inc =================================================================== RCS file: /cvs/drupal/drupal/modules/user/user.pages.inc,v retrieving revision 1.7 diff -u -p -r1.7 user.pages.inc --- modules/user/user.pages.inc 17 Dec 2007 17:06:16 -0000 1.7 +++ modules/user/user.pages.inc 19 Dec 2007 06:58:19 -0000 @@ -12,7 +12,7 @@ function user_autocomplete($string = '') { $matches = array(); if ($string) { - $result = db_query_range("SELECT name FROM {users} WHERE LOWER(name) LIKE LOWER('%s%%')", $string, 0, 10); + $result = db_query_range("SELECT name FROM {users} WHERE LOWER(name) LIKE LOWER('%s')", $string ."%", 0, 10); while ($user = db_fetch_object($result)) { $matches[$user->name] = check_plain($user->name); }