When I set
Only the list gets filtered by the where.
I can still edit any number with an id other than the one specified by typing:
/edit/<any number here>
So if you use the where clause to try to limit the users from editing what they shouldn't, you're gonna have a hard time.
Please fix this asap.
Hackers gonna hack.