so i have a textbox on my site where my customers can enter a unique id to pull there account information and this works great what isn’t so great is if no value is entered into the textbox the results return every customer in the database. how can i prevent this from happening?
[php]
<?php if (isset($_POST['uid'])) { define('DB_NAME', 'accounts'); define('DB_USER', 'root'); define('DB_PASSWORD', ''); define('DB_HOST', 'localhost'); $conn = mysqli_connect(DB_HOST, DB_USER, DB_PASSWORD, DB_NAME); if (!$conn) { die('Could not connect: ' . mysqli_connect_error()); } $uid = mysqli_real_escape_string($conn, $_POST['uid']); $sql = "SELECT * FROM `user` WHERE `UID` LIKE '%$uid%'"; $result=mysqli_query($conn, $sql); if (!$result) { echo 'There are no results for your search'; } else { echo "UID | Name | Address | Telephone | Last Clean | Next Clean | Balance | |
---|---|---|---|---|---|---|---|
" . $row['UID'] . " | "; echo "" . $row['Name'] . " | "; echo "" . $row['Address'] . " | "; echo "" . $row['Telephone'] . " | "; echo "" . $row['Email'] . " | "; echo "" . $row['Lclean'] . " | "; echo "" . $row['Nclean'] . " | "; echo "" . $row['Balance'] . " | "; echo "
Enter your UID here:
<?php } // end not submitted ?>
[/php]
thanks in advance.