Index: t3lib/class.t3lib_db.php
===================================================================
--- t3lib/class.t3lib_db.php	(revision 8202)
+++ t3lib/class.t3lib_db.php	(working copy)
@@ -658,7 +658,7 @@
 		$queryParts = array();
 
 		foreach($searchWords as $sw) {
-			$like = ' LIKE \'%' . $this->quoteStr($sw, $table) . '%\'';
+			$like = ' LIKE \'%' . $this->escapeStrForLike($this->quoteStr($sw, $table), $table) . '%\'';
 			$queryParts[] = $table . '.' . implode($like . ' OR ' . $table . '.', $fields) . $like;
 		}
 		$query = '(' . implode(') AND (', $queryParts) . ')';
Index: typo3/class.db_list.inc
===================================================================
--- typo3/class.db_list.inc	(revision 8202)
+++ typo3/class.db_list.inc	(working copy)
@@ -551,10 +551,10 @@
 	 * @return	string		Returns part of WHERE-clause for searching, if applicable.
 	 */
 	function makeSearchString($table)	{
-		global $TCA;
+		$queryPart = '';
 
 			// Make query, only if table is valid and a search string is actually defined:
-		if ($TCA[$table] && $this->searchString)	{
+		if ($GLOBALS['TCA'][$table] && $this->searchString)	{
 
 				// Loading full table description - we need to traverse fields:
 			t3lib_div::loadTCA($table);
@@ -564,21 +564,23 @@
 			$sfields[]='uid';	// Adding "uid" by default.
 
 				// Traverse the configured columns and add all columns that can be searched:
-			foreach($TCA[$table]['columns'] as $fieldName => $info)	{
+			foreach ($GLOBALS['TCA'][$table]['columns'] as $fieldName => $info)	{
 				if ($info['config']['type']=='text' || ($info['config']['type']=='input' && !preg_match('/date|time|int/',$info['config']['eval'])))	{
 					$sfields[]=$fieldName;
 				}
 			}
 
-				// If search-fields were defined (and there always are) we create the query:
-			if (count($sfields))	{
-				$like = ' LIKE \'%'.$GLOBALS['TYPO3_DB']->quoteStr($this->searchString, $table).'%\'';		// Free-text searching...
-				$queryPart = ' AND ('.implode($like.' OR ',$sfields).$like.')';
-
-					// Return query:
-				return $queryPart;
+				// If search-fields were defined, we create the query:
+			if (count($sfields)) {
+				$query = $GLOBALS['TYPO3_DB']->searchQuery(array($this->searchString), $sfields, $table);
+				if (strlen($query) > 0) {
+					$queryPart = ' AND (' . $query . ')';
+				}
 			}
 		}
+
+			// Return query:
+		return $queryPart;
 	}
 
 	/**