<HTML>
<HEAD>
<TITLE>Php Test Query</TITLE>
</HEAD>
<BODY>

<FORM ACTION="queryTest_fixed.php" method="POST">
Last Name: <INPUT type="text" size="100" name="lname">
<INPUT type="submit" value="Search">
</FORM>


<TABLE BORDER="1">
<?php
//die("Fail!");
//Check if the value has been set
if(isset($_POST['lname'])){


$db_hostname='ada';
$db_database='cs450_cp';
$db_username='cs450_web';
$db_password='';

$db_server = new mysqli($db_hostname, $db_username, 
                $db_password);
//check for an error code
if($db_server->connect_errno){
   //the connection failed
   die("Unable to connect to database: " . 
        $db_server->error);
}
//echo "Success";
$db_server->select_db($db_database) or 
  die("Unable to select database.");

$lname = $_POST['lname'];
//$query = "SELECT FNAME, LNAME FROM EMPLOYEE WHERE LNAME LIKE '%$lname%'";
//$result = $db_server->query($query);

$stmt = $db_server->prepare("SELECT FNAME, LNAME FROM EMPLOYEE WHERE LNAME LIKE ?") or
  die("Unable to prepare query.");

$condition = "%$lname%";
$stmt->bind_param("s", $condition) or die("Unable to bind parameter $lname.");

$stmt->execute() or die("Unable to execute query");

$stmt->bind_result($first, $last);
echo "<TR><TH>First</TH><TH>Last</TH></TR>";

while($stmt->fetch()){
   echo "<TR><TD>$first</TD><TD>$last</TD></TR>";
}


} //end if(isset(....
?>
</TABLE>
</BODY>
</HTML>