diff --git a/core/user.class.php b/core/user.class.php
index 5e412cf4..c24db94e 100644
--- a/core/user.class.php
+++ b/core/user.class.php
@@ -40,7 +40,7 @@ class User {
 	public static function by_session($name, $session) {
 		global $config, $database;
 		$row = $database->get_row(
-				"SELECT * FROM users WHERE name = ? AND md5(concat(pass, ?)) = ?",
+				"SELECT * FROM users WHERE name = ? AND md5(pass || ?) = ?",
 				array($name, get_session_ip($config), $session)
 		);
 		return is_null($row) ? null : new User($row);