diff --git a/app/messages/messages.php b/app/messages/messages.php
index 25a96c3ab9..78285d7b5d 100644
--- a/app/messages/messages.php
+++ b/app/messages/messages.php
@@ -88,12 +88,12 @@
 
 //prepare to page the results
 	$sql = "select count(message_uuid) as num_rows from v_messages ";
-	$sql .= "where user_uuid = '".$_SESSION['user_uuid']."' ";
 	if ($_GET['show'] == "all" && permission_exists('message_all')) {
 		if (isset($sql_search)) {
-			$sql .= "and ".$sql_search;
+			$sql .= "where ".$sql_search;
 		}
 	} else {
+		$sql .= "where user_uuid = '".$_SESSION['user_uuid']."' ";
 		$sql .= "and (domain_uuid = '".$domain_uuid."' or domain_uuid is null) ";
 		if (isset($sql_search)) {
 			$sql .= "and ".$sql_search;
@@ -124,12 +124,12 @@
 
 //get the list
 	$sql = "select * from v_messages ";
-	$sql .= "where user_uuid = '".$_SESSION['user_uuid']."' ";
 	if ($_GET['show'] == "all" && permission_exists('message_all')) {
 		if (isset($sql_search)) {
-			$sql .= "and ".$sql_search;
+			$sql .= "where ".$sql_search;
 		}
 	} else {
+		$sql .= "where user_uuid = '".$_SESSION['user_uuid']."' ";
 		$sql .= "and (domain_uuid = '".$domain_uuid."' or domain_uuid is null) ";
 		if (isset($sql_search)) {
 				$sql .= "and ".$sql_search;