diff --git a/includes/cache.inc b/includes/cache.inc
index cbefdd2a38aa123f95c865e48101a2ceabd51ca6..b45d26b279aaa594aefb79fa822d7cfb98eebfbf 100644
--- a/includes/cache.inc
+++ b/includes/cache.inc
@@ -462,7 +462,7 @@ function clear($cid = NULL, $wildcard = FALSE) {
         }
         else {
           db_delete($this->bin)
-            ->condition('cid', $cid . '%', 'LIKE')
+            ->condition('cid', db_like($cid) . '%', 'LIKE')
             ->execute();
         }
       }
diff --git a/includes/locale.inc b/includes/locale.inc
index e9197f46e3af797e3bfb58f11e194b4968b1ce9a..a40a7d1250714eb1f44f5d77692e6e4cee4631a7 100644
--- a/includes/locale.inc
+++ b/includes/locale.inc
@@ -1480,12 +1480,12 @@ function _locale_translate_seek() {
   // Compute LIKE section.
   switch ($query['translation']) {
     case 'translated':
-      $sql_query->condition('t.translation', '%' . $query['string'] . '%', 'LIKE');
+      $sql_query->condition('t.translation', '%' . db_like($query['string']) . '%', 'LIKE');
       $sql_query->orderBy('t.translation', 'DESC');
       break;
     case 'untranslated':
       $sql_query->condition(db_and()
-        ->condition('s.source', '%' . $query['string'] . '%', 'LIKE')
+        ->condition('s.source', '%' . db_like($query['string']) . '%', 'LIKE')
         ->isNull('t.translation')
       );
       $sql_query->orderBy('s.source');
@@ -1493,10 +1493,10 @@ function _locale_translate_seek() {
     case 'all' :
     default:
       $condition = db_or()
-        ->condition('s.source', '%' . $query['string'] . '%', 'LIKE');
+        ->condition('s.source', '%' . db_like($query['string']) . '%', 'LIKE');
       if ($query['language'] != 'en') {
         // Only search in translations if the language is not forced to English.
-        $condition->condition('t.translation', '%' . $query['string'] . '%', 'LIKE');
+        $condition->condition('t.translation', '%' . db_like($query['string']) . '%', 'LIKE');
       }
       $sql_query->condition($condition);
       break;
diff --git a/modules/field/modules/field_sql_storage/field_sql_storage.module b/modules/field/modules/field_sql_storage/field_sql_storage.module
index bc0d379d88a2a247a55f4d0cb389c569b055d142..65ceb5228448b350e7fc33f33346227b60553580 100644
--- a/modules/field/modules/field_sql_storage/field_sql_storage.module
+++ b/modules/field/modules/field_sql_storage/field_sql_storage.module
@@ -494,17 +494,17 @@ function field_sql_storage_field_storage_query($field_id, $conditions, $options)
     switch ($operator) {
       case 'STARTS_WITH':
         $operator = 'LIKE';
-        $value .= '%';
+        $value = db_like($value) . '%';
         break;
 
       case 'ENDS_WITH':
         $operator = 'LIKE';
-        $value = "$value%";
+        $value = '%' . db_like($value);
         break;
 
       case 'CONTAINS':
         $operator = 'LIKE';
-        $value = "%$value%";
+        $value = '%' . db_like($value) . '%';
         break;
     }
     // Translate field columns into prefixed db columns.
diff --git a/modules/profile/profile.pages.inc b/modules/profile/profile.pages.inc
index bfc23e221c54cada62be8200596c3940e4575e8e..3462232859ed324b0b5389af99745ab58d9f0324 100644
--- a/modules/profile/profile.pages.inc
+++ b/modules/profile/profile.pages.inc
@@ -53,7 +53,7 @@ function profile_browse() {
         $query->condition('v.value', $value);
         break;
       case 'list':
-        $query->condition('v.value', '%' . $value . '%', 'LIKE');
+        $query->condition('v.value', '%' . db_like($value) . '%', 'LIKE');
         break;
       default:
         drupal_not_found();
diff --git a/modules/search/search.extender.inc b/modules/search/search.extender.inc
index 99a96057e3ec982164cf6847feddf132e0c54d27..05daa78503b417160ee94ddfccd4fcc1d1b5ad7a 100644
--- a/modules/search/search.extender.inc
+++ b/modules/search/search.extender.inc
@@ -442,4 +442,4 @@ public function execute()
 
     return $this->query->execute();
   }
-}
\ No newline at end of file
+}
diff --git a/modules/taxonomy/taxonomy.module b/modules/taxonomy/taxonomy.module
index d7ee54ba623d42048aebb35c1c991d79f50985ee..a6ea124d0a68e98bf298cc05122581f996b262d3 100644
--- a/modules/taxonomy/taxonomy.module
+++ b/modules/taxonomy/taxonomy.module
@@ -813,6 +813,7 @@ protected function buildQuery() {
       foreach ($conditions as $key => $condition) {
         if ($condition['field'] == 'base.name') {
           $conditions[$key]['operator'] = 'LIKE';
+          $conditions[$key]['value'] = db_like($conditions[$key]['value']);
         }
       }
     }
diff --git a/modules/taxonomy/taxonomy.pages.inc b/modules/taxonomy/taxonomy.pages.inc
index 712e8bc75932bae1f6817e7b07c20bf8f4e000b0..4b65472ef9efac58b1d03f35816bf67b0b3b968e 100644
--- a/modules/taxonomy/taxonomy.pages.inc
+++ b/modules/taxonomy/taxonomy.pages.inc
@@ -102,13 +102,11 @@ function taxonomy_autocomplete($field_name, $tags_typed = '') {
     if (!empty($tags_typed)) {
       $query->condition('t.name', $tags_typed, 'NOT IN');
     }
+    // Select rows that match by term name.
     $tags_return = $query
       ->fields('t', array('tid', 'name'))
       ->condition('t.vid', $vids)
-      // Select rows that match by term name.
-      ->condition(db_or()
-      ->where("t.name LIKE :last_string", array(':last_string' => '%' . $tag_last . '%'))
-      )
+      ->condition('t.name', '%' . db_like($tag_last) . '%', 'LIKE')
       ->range(0, 10)
       ->execute()
       ->fetchAllKeyed();