PHP Find returning all records - even those not allowed in privilege set
I have a simple FM11 database of inventory that I have used FM PHP site builder to create a very simple site. In FM, I have set the Privilege Set's (File>Security>Privilege Set) Custom Records Privileges "View" "Limited" to the calculation "On Web = 1" (without quotes) - where "On Web" is the checkbox field that has the boolean of 1 or 0.
So, if the record has "On Web" checked, the record shows up on the website. All this is working fine, as long as the person enters a variable in the find, but if they just click "Find Records", all the records in the database show up. Here's the kicker - all the records that are are "0" for "On Web" are there, too, it is just that their contents are blank - so, FM is being literally correct, they are not allowed to "view" the record, but it still includes it in the result - albeit, in a blank row.
How can I get FM to not include these records? The site is at:
I hope I am being clear here - only took me 30 minutes to write the two paragraphs above...
I am not a php coder (sorry) - this just may be a bug? Or does something in my method look suspicious?
Thanks for any help