diff --git a/core/trunk/core/class/class_db.php b/core/trunk/core/class/class_db.php
index 88531eb9a7cdb954bbbd4e6549a01bbe8e0e064c..59a5c36a9832840a599ac49da32197b4af9887d1 100644
--- a/core/trunk/core/class/class_db.php
+++ b/core/trunk/core/class/class_db.php
@@ -317,8 +317,12 @@ class dbquery extends functions
     *           if not catched, the error is displayed (false by default)
     * @param  $noFilter bool true if you don't want to filter on ; and --
     */
-    public function query($sqlQuery, $catchError = false, $noFilter = false)
-    {
+    public function query(
+        $sqlQuery, 
+        $catchError = false, 
+        $noFilter = false,
+        &$params = array()
+    ) {
         if (!$this->_sqlLink) {
             $this->connect();
         }
@@ -363,7 +367,7 @@ class dbquery extends functions
                 
             case 'ORACLE' : 
                 $this->query = @oci_parse($this->_sqlLink, $sqlQuery);
-                
+                                
                 if ($this->query == false) {
                     if ($catchError) return false;
                     $this->_sqlError = 6;
@@ -371,11 +375,21 @@ class dbquery extends functions
                     exit();
                 } 
                 else {
+                    if(count($params) > 0) {
+                        //echo "<br/>Params to bind:"; var_dump($params);
+                        foreach($params as $paramname => &$paramvar) {   
+                            $binded = oci_bind_by_name($this->query, $paramname, $paramvar, -1, SQLT_CHR);
+                        }
+                    }
+
                     if (! @oci_execute($this->query)) {
                         if ($catchError) return false;
                         $this->_sqlError = 3;
                         $this->error();
                     }
+                    if(count($params) > 0) {
+                        //echo "<br/>Params after execution: "; var_dump($params);
+                    }
                 }
                 break;
                 
diff --git a/core/trunk/core/class/class_functions.php b/core/trunk/core/class/class_functions.php
index 052c706497849baf73537e2d4789c870a9fe7abe..2a61cbf63cb55259ad38aab637f4eaf84d6906b0 100644
--- a/core/trunk/core/class/class_functions.php
+++ b/core/trunk/core/class/class_functions.php
@@ -495,7 +495,6 @@ class functions
             {
                 var link1 = document.createElement("a");
                 link1.href='<?php  echo $_SESSION['location_bar']['level1']['path'];?>';
-                // link1.href='<?php  echo preg_replace("/(&(?!amp;))/", "&amp;",$_SESSION['location_bar']['level1']['path']);?>';
                 var label1 = document.createTextNode("<?php  echo $_SESSION['location_bar']['level1']['label'];?>");
                 link1.appendChild(label1);
                 bar.appendChild(link1);
@@ -511,7 +510,6 @@ class functions
                     if(bar != null)
                     {
                         var link1 = document.createElement("a");
-                        //link1.href='<?php  echo preg_replace("/(&(?!amp;))/", "&amp;",$_SESSION['location_bar']['level1']['path']);?>';
                         link1.href='<?php  echo $_SESSION['location_bar']['level1']['path'];?>';
                         var label1 = document.createTextNode("<?php  echo $_SESSION['location_bar']['level1']['label'];?>");
                         link1.appendChild(label1);