diff --git a/ecrire/exec/accueil.php b/ecrire/exec/accueil.php
index 9e44eea427d769814ec3d05981473dc521eef941..bc453a44718a4785ab30dbdd48d5a16e2c60f4ca 100644
--- a/ecrire/exec/accueil.php
+++ b/ecrire/exec/accueil.php
@@ -386,7 +386,8 @@ function etat_base_accueil()
 function accueil_liste_participants()
 {
 	global $spip_lang_left;
-	$q = spip_query("SELECT COUNT(*) AS cnt, statut FROM spip_auteurs GROUP BY statut HAVING cnt <>0 AND statut IN ('" . join("','", $GLOBALS['liste_des_statuts']) . "')");
+
+	$q = spip_query("SELECT COUNT(*) AS cnt, statut FROM spip_auteurs GROUP BY statut HAVING cnt <>0 AND statut IN (".  _q($GLOBALS['liste_des_statuts']) . ")");
 
 	$cpt = array();
 	while($row=spip_fetch_array($q)) $cpt[$row['statut']] = $row['cnt']; 
diff --git a/ecrire/inc/documenter.php b/ecrire/inc/documenter.php
index bec62341e396f6afb4123e598d5ba4b23a01f0e1..ca949ea292b05d1a4b637dfe88849806f66cec9e 100644
--- a/ecrire/inc/documenter.php
+++ b/ecrire/inc/documenter.php
@@ -115,5 +115,5 @@ function inc_documenter_dist(
 	. "</table>"
 	. $pied;
 
-	return ajax_action_greffe("documenter", "$s$doc", $res, '');
+	return ajax_action_greffe("documenter", "$s$doc", $res);
 }
diff --git a/ecrire/inc/instituer_auteur.php b/ecrire/inc/instituer_auteur.php
index 73bb9f33a16723472f13c587b37ec28d7336de0a..8d74c9e7751753c4ac6ff39bb225cf639879b9fc 100644
--- a/ecrire/inc/instituer_auteur.php
+++ b/ecrire/inc/instituer_auteur.php
@@ -72,7 +72,8 @@ function choix_statut_auteur($statut, $id_auteur, $ancre) {
 	// Chercher tous les statuts non standards.
 	// Le count(*) ne sert pas, mais en son absence
 	// SQL (enfin, une version de SQL) renvoie un ensemble vide !
-	$q = spip_query($r ="SELECT statut, count(*) FROM spip_auteurs WHERE statut NOT IN ('" . join("','", $GLOBALS['liste_des_statuts']) . "') GROUP BY statut");
+	$q = spip_query("SELECT statut, count(*) FROM spip_auteurs WHERE statut NOT IN (" . _q($GLOBALS['liste_des_statuts']) . ") GROUP BY statut");
+
 	$hstatut = htmlentities($statut);
 	while ($r = spip_fetch_array($q, SPIP_NUM)) {
 		$nom = htmlentities($r[0]);
diff --git a/ecrire/inc/legender.php b/ecrire/inc/legender.php
index 40609df71fdc69e02a749b25ea43a2d194a94be5..87710af96f188ce14d04a14e421d34d6f28136e5 100644
--- a/ecrire/inc/legender.php
+++ b/ecrire/inc/legender.php
@@ -147,7 +147,7 @@ function inc_legender_dist($id_document, $document, $script, $type, $id, $ancre,
 		$corps .= icone_horizontale($texte, $action, $supp, "supprimer.gif", false);
 
 	$corps = block_parfois_visible("legender-aff-$id_document", sinon($entete,_T('info_sans_titre')), $corps, "text-align:center;", $flag);
-	return ajax_action_greffe("legender", $id_document, $corps,'');
+	return ajax_action_greffe("legender", $id_document, $corps);
 }
 
 
diff --git a/ecrire/inc/tourner.php b/ecrire/inc/tourner.php
index d6c97926d2edb61ae5401017e9381ca385aed94b..4f03427ef556ccb596fb3464c357d7d4bdf945a1 100644
--- a/ecrire/inc/tourner.php
+++ b/ecrire/inc/tourner.php
@@ -76,7 +76,7 @@ function inc_tourner_dist($id_document, $document, $script, $flag, $type)
 	.  $id_document
 	. "&gt;</div>";
 
-	return ajax_action_greffe("tourner", $id_document, $res, '');
+	return ajax_action_greffe("tourner", $id_document, $res);
 }
 
 // http://doc.spip.org/@boutons_rotateurs
diff --git a/ecrire/inc/utils.php b/ecrire/inc/utils.php
index da80efd6216e004aed3f68684d8b3aeeeec730b2..131458d974839a0f7fcfa0ca1691465845f4c615 100644
--- a/ecrire/inc/utils.php
+++ b/ecrire/inc/utils.php
@@ -227,7 +227,9 @@ function spip_query($query, $serveur='') {
 // a demenager dans base/abstract_sql a terme
 // http://doc.spip.org/@_q
 function _q($a) {
-	return (is_int($a)) ? strval($a) : ("'" . addslashes($a) . "'");
+	return (is_int($a)) ? strval($a) : 
+		(!is_array($a) ? ("'" . addslashes($a) . "'")
+		 : join(",", array_map('_q', $a)));
 }
 
 // Renvoie le _GET ou le _POST emis par l'utilisateur
diff --git a/ecrire/public/criteres.php b/ecrire/public/criteres.php
index 0b1c0a3c6ceb2a259f4c1dac57e25d52c936230c..7abaa5c2e6f2c682926cca9ee9427712cbc7ce6d 100644
--- a/ecrire/public/criteres.php
+++ b/ecrire/public/criteres.php
@@ -665,7 +665,7 @@ function critere_IN_dist ($idb, &$boucles, $crit)
 			$op = '<>';
 	} else $op = '=';
 
-	$arg = "FIELD($arg,\" . join(',',array_map('_q', $var)) . \")";
+	$arg = "FIELD($arg,\" . _q($var) . \")";
 	if ($boucles[$idb]->group) $arg = "SUM($arg)";
 	$boucles[$idb]->select[]=  "$arg AS cpt$cpt";
 	$op = array("'$op'", "'cpt$cpt'", 0);