Index: modules/user/user.module
===================================================================
RCS file: /cvs/drupal/drupal/modules/user/user.module,v
retrieving revision 1.687
diff -u -p -r1.687 user.module
--- modules/user/user.module	11 Oct 2006 12:08:29 -0000	1.687
+++ modules/user/user.module	13 Oct 2006 03:49:49 -0000
@@ -431,7 +431,12 @@ function user_search($op = 'search', $ke
         $find = array();
         // Replace wildcards with MySQL/PostgreSQL wildcards.
         $keys = preg_replace('!\*+!', '%', $keys);
-        $result = pager_query("SELECT * FROM {users} WHERE LOWER(name) LIKE LOWER('%%%s%%')", 15, 0, NULL, $keys);
+        if (user_access('administer users')) {
+          $result = pager_query('SELECT * FROM {users} WHERE LOWER(name) LIKE LOWER(\'%%%s%%\')', 15, 0, NULL, $keys);
+        }
+        else {
+          $result = pager_query('SELECT * FROM {users} WHERE status != 0 AND access !=0 AND LOWER(name) LIKE LOWER(\'%%%s%%\')', 15, 0, NULL, $keys);
+        }
         while ($account = db_fetch_object($result)) {
           $find[] = array('title' => $account->name, 'link' => url('user/'. $account->uid));
         }
@@ -1162,6 +1167,10 @@ function user_register() {
      '#type' => 'checkbox',
      '#title' => t('Notify user of new account')
     );
+    $form['access'] = array(
+     '#type' => 'value',
+     '#value' => -1,
+    );  
     // Redirect back to page which initiated the create request; usually admin/user/user/create
     $form['destination'] = array('#type' => 'hidden', '#value' => $_GET['q']);
   }
@@ -2006,7 +2015,7 @@ function user_admin_account() {
     asort($users_roles);
     $form['roles'][$account->uid][0] = array('#value' => theme('item_list', $users_roles));
     $form['member_for'][$account->uid] = array('#value' => format_interval(time() - $account->created));
-    $form['last_access'][$account->uid] =  array('#value' => $account->access ? t('@time ago', array('@time' => format_interval(time() - $account->access))) : t('never'));
+    $form['last_access'][$account->uid] =  array('#value' => $account->access > 0 ? t('@time ago', array('@time' => format_interval(time() - $account->access))) : t('never'));
     $form['operations'][$account->uid] = array('#value' => l(t('edit'), "user/$account->uid/edit", array(), $destination));
   }
   $form['accounts'] = array(