I have a User Interface where users can type in first name and last name of a person.
As long as i enter nothing in the Search Boxes, no users will be found. But as soon as i enter a white space, every user in the Database is returned. I trim the Input strings and check for whitespaces:

if (isset($_GET['lastname'])) {
    $lastname_value = trim($_GET['lastname']);
    //This Line is only used for setting the Text again in the Search Box       
    $tpl->setVariable('ss-search-lastname-value', $lastname_value);
}
if(isset($_GET['firstname'])) {
    $firstname_value = trim($_GET['firstname']);
    $tpl->setVariable('ss-search-firstname-value',$firstname_value);
}

After that i compose the search Query:

$sql = "SELECT e.`user_id`, e.`firstname`, e.`lastname`, e.`email`
            FROM `employees` as e
            WHERE 1";
if($lastname_value!="") {
    $sql .=" AND e.`lastname` ='$lastname_value'";
}
if($firstname_value!="") {
    $sql .=" AND e.`firstname` ='$firstname_value'";
}

A normal search returns the expected user with the right first name and last name, if I enter nothing and start the Search, no results are returned. However a single whitespace in the Search Box and I get all users. How can I fix that?