diff --git a/core/user.class.php b/core/user.class.php index e2b30a1d..662300cd 100644 --- a/core/user.class.php +++ b/core/user.class.php @@ -140,19 +140,6 @@ class User { } } - /** - * @param int $offset - * @param int $limit - * @return array - */ - public static function by_list(/*int*/ $offset, /*int*/ $limit=50) { - assert('is_numeric($offset)', var_export($offset, true)); - assert('is_numeric($limit)', var_export($limit, true)); - global $database; - $rows = $database->get_all("SELECT * FROM users WHERE id >= :start AND id < :end", array("start"=>$offset, "end"=>$offset+$limit)); - return array_map("_new_user", $rows); - } - /* useful user object functions start here */ diff --git a/core/util.inc.php b/core/util.inc.php index 81582cdf..6b0e081c 100644 --- a/core/util.inc.php +++ b/core/util.inc.php @@ -555,7 +555,15 @@ function make_http(/*string*/ $link) { */ function make_form($target, $method="POST", $multipart=False, $form_id="", $onsubmit="") { global $user; - $auth = $user->get_auth_html(); + if($method == "GET") { + $link = html_escape($target); + $target = make_link($target); + $extra_inputs = ""; + } + else { + $extra_inputs = $user->get_auth_html(); + } + $extra = empty($form_id) ? '' : 'id="'. $form_id .'"'; if($multipart) { $extra .= " enctype='multipart/form-data'"; @@ -563,7 +571,7 @@ function make_form($target, $method="POST", $multipart=False, $form_id="", $onsu if($onsubmit) { $extra .= ' onsubmit="'.$onsubmit.'"'; } - return '
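Review bot: The new `if($method == "GET")` test in make_form is case-sensitive, so a caller that passes `"get"` falls into the else branch and still gets `$user->get_auth_html()` appended to a form whose fields end up in the URL. If that helper emits the per-user auth token (it is not shown here), the token would then land in browser history, server logs and Referer headers, which appears to be what this branch is meant to prevent; `if(strtoupper($method) === "GET") {` closes the gap. `$link = html_escape($target);` is assigned in the same branch but is not used in any line visible on this page, so either drop it or use it for the form's action attribute. The function's return statement sits in the next hunk.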
'.$auth; + return ''.$extra_inputs; } /** diff --git a/ext/user/main.php b/ext/user/main.php index c2bc2f8e..263af280 100644 --- a/ext/user/main.php +++ b/ext/user/main.php @@ -95,7 +95,7 @@ class UserPage extends Extension { } public function onPageRequest(PageRequestEvent $event) { - global $config, $page, $user; + global $config, $database, $page, $user; $this->show_user_info(); @@ -115,15 +115,30 @@ class UserPage extends Extension { $this->page_create(); } else if($event->get_arg(0) == "list") { -// select users.id,name,joindate,admin, -// (select count(*) from images where images.owner_id=users.id) as images, -// (select count(*) from comments where comments.owner_id=users.id) as comments from users; + $offset = 0; + $limit = 50; -// select users.id,name,joindate,admin,image_count,comment_count -// from users -// join (select owner_id,count(*) as image_count from images group by owner_id) as _images on _images.owner_id=users.id -// join (select owner_id,count(*) as comment_count from comments group by owner_id) as _comments on _comments.owner_id=users.id; - $this->theme->display_user_list($page, User::by_list(0), $user); + $q = "SELECT * FROM users WHERE id >= :start AND id < :end"; + $a = array("start"=>$offset, "end"=>$offset+$limit); + + if(@$_GET['username']) { + $q .= " AND name LIKE :name"; + $a["name"] = '%' . $_GET['username'] . '%'; + } + + if(@$_GET['email']) { + $q .= " AND name LIKE :email"; + $a["email"] = '%' . $_GET['email'] . '%'; + } + + if(@$_GET['class']) { + $q .= " AND class LIKE :class"; + $a["class"] = $_GET['class']; + } + + $rows = $database->get_all($q, $a); + $users = array_map("_new_user", $rows); + $this->theme->display_user_list($page, $users, $user); } else if($event->get_arg(0) == "logout") { $this->page_logout(); diff --git a/ext/user/theme.php b/ext/user/theme.php index ef3b7809..6f16a86c 100644 --- a/ext/user/theme.php +++ b/ext/user/theme.php 
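Review bot: The email filter in the `list` branch of onPageRequest compares the wrong column: `$q .= " AND name LIKE :email";` should be `$q .= " AND email LIKE :email";`, otherwise a search by email silently filters on user names. Once corrected, the filter needs the same permission gate the theme applies to the Email column, e.g. `if($user->can('delete_user') && @$_GET['email']) {`, because otherwise a viewer who is not shown addresses can still confirm them from which rows match. The query also keeps `id >= :start AND id < :end` with `$offset = 0` and `$limit = 50`, so every filter only searches the first 50 ids. The values are bound as parameters, which is right, but `%` and `_` typed by the user still act as LIKE wildcards. onPageRequest starts and ends outside this hunk.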
@@ -9,18 +9,56 @@ class UserPageTheme extends Themelet { "There should be a login box to the left")); } + /** + * @param Page $page + * @param User[] $users + * @param User $user + */ public function display_user_list(Page $page, $users, User $user) { $page->set_title("User List"); $page->set_heading("User List"); $page->add_block(new NavBlock()); - $html = ""; - $html .= ""; + + $html = "
Name
"; + + $html .= ""; + $html .= ""; + if($user->can('delete_user')) + $html .= ""; + $html .= ""; + $html .= ""; + $html .= ""; + + $h_username = html_escape(@$_GET['username']); + $h_email = html_escape(@$_GET['email']); + $h_class = html_escape(@$_GET['class']); + + $html .= "" . make_form("user_admin/list", "GET"); + $html .= ""; + if($user->can('delete_user')) + $html .= ""; + $html .= ""; + $html .= ""; + $html .= ""; + foreach($users as $duser) { + $h_name = html_escape($duser->name); + $h_email = html_escape($duser->email); + $h_class = html_escape($duser->class->name); + $u_link = make_link("user/" . url_escape($duser->name)); + $u_posts = make_link("post/list/user_id=" . url_escape($duser->id) . "/1"); + $html .= ""; - $html .= ""; + $html .= ""; + if($user->can('delete_user')) + $html .= ""; + $html .= ""; + $html .= ""; $html .= ""; } + $html .= "
NameEmailClassAction
".html_escape($duser->name)."$h_name$h_email$h_classShow Posts
"; + $page->add_block(new Block("Users", $html)); }
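Review bot: In display_user_list the names `$h_email` and `$h_class` are assigned twice with different meanings: first from `$_GET` for the filter row, then inside the `foreach` from `$duser`. It works only because the filter row is appended to `$html` before the loop; separate names such as `$h_filter_email = html_escape(@$_GET['email']);` keep request-supplied values apart from stored user data and survive reordering. The `@$_GET[...]` reads also pass an array straight into `html_escape()` when a parameter is sent as `username[]=…`, so an explicit string check is safer than error suppression. The HTML inside the string literals is not visible on this page, so the attribute quoting around these values could not be checked.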