diff --git a/core/trunk/core/class/SecurityControler.php b/core/trunk/core/class/SecurityControler.php
index 571a4984eb5c08bbdc8e64bb35ed19a16bfe8c17..6c48528587b00335a312f75a6ddf921035116c5b 100644
--- a/core/trunk/core/class/SecurityControler.php
+++ b/core/trunk/core/class/SecurityControler.php
@@ -406,13 +406,23 @@ class SecurityControler
     */
     public function process_where_clause($whereClause, $userId)
     {
-        $where = $whereClause;
         if (preg_match('/@user/', $whereClause)) {
-            $where = str_replace(
+            $whereClause = str_replace(
                 "@user", "'" . trim($userId) . "'", $whereClause
             );
         }
-        return $where;
+        $db = new dbquery();
+        $db->connect();
+        $query = "select mail from " . USERS_TABLE . " where user_id = '"
+               . $userId . "'";
+        $db->query($query);
+        $userObj = $db->fetch_object();
+        if (preg_match('/@email/', $whereClause)) {
+            $whereClause = str_replace(
+                "@email", "'" . trim($userObj->mail) . "'", $whereClause
+            );
+        }
+        return $whereClause;
     }
 
     /**