From 87d44c845df555dfcbe36ba3d72d9dd681e702db Mon Sep 17 00:00:00 2001
From: Regis Houssin <regis@dolibarr.fr>
Date: Wed, 24 Oct 2012 11:18:15 +0200
Subject: [PATCH] Fix: restrict the search in the beginning

---
 htdocs/comm/list.php          | 2 +-
 htdocs/comm/prospect/list.php | 2 +-
 htdocs/fourn/liste.php        | 2 +-
 3 files changed, 3 insertions(+), 3 deletions(-)

diff --git a/htdocs/comm/list.php b/htdocs/comm/list.php
index 2572c6391ab..346e7a26b66 100755
--- a/htdocs/comm/list.php
+++ b/htdocs/comm/list.php
@@ -118,7 +118,7 @@ if ($catid == -2)        $sql.= " AND cs.fk_categorie IS NULL";
 if ($search_categ > 0)   $sql.= " AND cs.fk_categorie = ".$search_categ;
 if ($search_categ == -2) $sql.= " AND cs.fk_categorie IS NULL";
 if ($search_nom)   $sql.= " AND s.nom LIKE '%".$db->escape($search_nom)."%'";
-if ($search_zipcode) $sql.= " AND s.cp LIKE '%".$db->escape($search_zipcode)."%'";
+if ($search_zipcode) $sql.= " AND s.cp LIKE '".$db->escape($search_zipcode)."%'";
 if ($search_ville) $sql.= " AND s.ville LIKE '%".$db->escape($search_ville)."%'";
 if ($search_code)  $sql.= " AND s.code_client LIKE '%".$db->escape($search_code)."%'";
 if ($search_compta) $sql.= " AND s.code_compta LIKE '%".$db->escape($search_compta)."%'";
diff --git a/htdocs/comm/prospect/list.php b/htdocs/comm/prospect/list.php
index 45efe02addd..845d43657a6 100755
--- a/htdocs/comm/prospect/list.php
+++ b/htdocs/comm/prospect/list.php
@@ -195,7 +195,7 @@ if ($catid == -2)        $sql.= " AND cs.fk_categorie IS NULL";
 if ($search_categ > 0)   $sql.= " AND cs.fk_categorie = ".$search_categ;
 if ($search_categ == -2) $sql.= " AND cs.fk_categorie IS NULL";
 if ($search_nom)   $sql .= " AND s.nom LIKE '%".$db->escape(strtolower($search_nom))."%'";
-if ($search_zipcode) $sql .= " AND s.cp LIKE '%".$db->escape(strtolower($search_zipcode))."%'";
+if ($search_zipcode) $sql .= " AND s.cp LIKE '".$db->escape(strtolower($search_zipcode))."%'";
 if ($search_ville) $sql .= " AND s.ville LIKE '%".$db->escape(strtolower($search_ville))."%'";
 if ($search_departement) $sql .= " AND d.nom LIKE '%".$db->escape(strtolower($search_departement))."%'";
 if ($search_datec) $sql .= " AND s.datec LIKE '%".$db->escape($search_datec)."%'";
diff --git a/htdocs/fourn/liste.php b/htdocs/fourn/liste.php
index 6ed18f2392c..2812bba9c7e 100644
--- a/htdocs/fourn/liste.php
+++ b/htdocs/fourn/liste.php
@@ -97,7 +97,7 @@ if ($socname)
 	$sortorder = "ASC";
 }
 if ($search_nom)   $sql .= " AND s.nom LIKE '%".$db->escape($search_nom)."%'";
-if ($search_zipcode) $sql .= " AND s.cp LIKE '%".$db->escape($search_zipcode)."%'";
+if ($search_zipcode) $sql .= " AND s.cp LIKE '".$db->escape($search_zipcode)."%'";
 if ($search_ville) $sql .= " AND s.ville LIKE '%".$db->escape($search_ville)."%'";
 if ($search_code_fournisseur)   $sql .= " AND s.code_fournisseur LIKE '%".$db->escape($search_code_fournisseur)."%'";
 if ($search_compta_fournisseur) $sql .= " AND s.code_compta_fournisseur LIKE '%".$db->escape($search_compta_fournisseur)."%'";