diff --git a/download.inc.php b/download.inc.php
index bb9e0497..8ac7d4ed 100644
--- a/download.inc.php
+++ b/download.inc.php
@@ -1,3 +1,3 @@
 <?php
 header("Content-Type: application/octet-stream");
-echo $mysql->result($mysql->query("SELECT " . idf_escape($_GET["field"]) . " FROM " . idf_escape($_GET["download"]) . " WHERE " . implode(" AND ", where()) . " LIMIT 1"));
+echo $mysql->result($mysql->query("SELECT " . idf_escape($_GET["field"]) . " FROM " . idf_escape($_GET["download"]) . " WHERE " . implode(" AND ", where($_GET)) . " LIMIT 1"));
diff --git a/edit.inc.php b/edit.inc.php
index 12bdb0db..66136ef7 100644
--- a/edit.inc.php
+++ b/edit.inc.php
@@ -1,5 +1,5 @@
 <?php
-$where = where();
+$where = where($_GET);
 $fields = fields($_GET["edit"]);
 foreach ($fields as $name => $field) {
 	if (isset($_GET["default"]) ? $field["auto_increment"] || preg_match('~text|blob~', $field["type"]) : !isset($field["privileges"][$where ? "update" : "insert"])) {
diff --git a/functions.inc.php b/functions.inc.php
index 3305e9e2..78ea807d 100644
--- a/functions.inc.php
+++ b/functions.inc.php
@@ -137,11 +137,8 @@ function unique_idf($row, $indexes) {
 	return $return;
 }
 
-function where($where = null) {
+function where($where) {
 	global $mysql;
-	if (!isset($where)) {
-		$where = $_GET;
-	}
 	$return = array();
 	foreach ((array) $where["where"] as $key => $val) {
 		$return[] = idf_escape(bracket_escape($key, "back")) . " = BINARY '" . $mysql->escape_string($val) . "'"; //! enum and set