diff --git a/airtime_mvc/application/controllers/UserController.php b/airtime_mvc/application/controllers/UserController.php
index c75e2b49e6..c2cc9f0a60 100644
--- a/airtime_mvc/application/controllers/UserController.php
+++ b/airtime_mvc/application/controllers/UserController.php
@@ -95,7 +95,6 @@ public function addUserAction()
     public function getHostsAction()
     {
         $search            = $this->_getParam('term');
-        $res               = Application_Model_User::getHosts($search);
         $this->view->hosts = Application_Model_User::getHosts($search);
     }
 
diff --git a/airtime_mvc/application/models/User.php b/airtime_mvc/application/models/User.php
index 8a1008577c..8b97fef220 100644
--- a/airtime_mvc/application/models/User.php
+++ b/airtime_mvc/application/models/User.php
@@ -263,7 +263,6 @@ public static function getUsers(array $type, $search=null)
         $con     = Propel::getConnection();
 
         $sql_gen = "SELECT login AS value, login AS label, id as index FROM cc_subjs ";
-        $sql     = $sql_gen;
 
         $types = array();
         $params = array();
@@ -277,13 +276,8 @@ public static function getUsers(array $type, $search=null)
 
         $sql      = $sql_gen ." WHERE (". $sql_type.") ";
 
-        if (!is_null($search)) {
-            //need to use addslashes for 'LIKE' values
-            $search = addslashes($search);
-            $like = "login ILIKE '%{$search}%'";
-
-            $sql  = $sql . " AND ".$like;
-        }
+        $sql .= " AND login ILIKE :search";
+        $params[":search"] = "%$search%";
 
         $sql = $sql ." ORDER BY login";