As I recall, if you use "iwlist wlan0 scan" as user, you see just your current AP, but if run as root, you see all of them. I wrote the following a couple of weeks back:

#!/usr/bin/perl
$id = shift ;
while (1) {
open (IN,'iwlist wlan0 scan 2>/dev/null|') or die ;
while (<IN>) {
# chomp;
unless (/SSI/) { next; }
if ($id) { unless (/$id/i) { next ; }}
s/^[\s]*//;
print $_;
while (<IN>) {
unless (/Qual/) { next; }
s/^[\s]*//;
print $_;
last;
}
}
}

There's also aircrack-ng available