I have a PHP script that collects data from the form and inserts the data into a mysql query
the query will execute and display the information
my question is:
I can type the url of my php script and it will execute and display the whole database without having anything inserted into it
in other words when i directly execute my php script which is at
it will execute the whole database
the sql looks like this when i go to that page without having sent data
SELECT * FROM PLACES WHERE NAME LIKE '%%'
is there a php function that can validate that there is actually data being sent?
please and thank you