User.find(:all, :conditions => [“role = ? and first LIKE A%”, params[:user][:role]] )
Just a warning, what you’ve got now has an SQL injection attack. Think about what happens if someone posts the following:
params[user[role]]=“name; DROP TABLE users; --”
What I’ve posted properly sanitizes the input so this can’t happen.