try using two '=' signs instead of one in your search criteria
Do you mean the search criteria within FileMaker's Security settings, or the search criteria for the php page?
Filemaker doesn't seem to like that, and my issue is when people enter nothing in the search (which should return all records) they get all records and the blank "invisible" ones being returned by filemaker. So, I don't have a place to enter a double = ... right?
The search criteria from within the php page.
When you you use the PHP api directly (without the site builder) the difference between '=' and '==' is night and day.
I'm not sure but I don't believe the privilege sets are going to filter the records for you. They should just show a blank page or indicate that you don't have access to that layout. ... So technically the person won't be able to view the record even when it is found. You'd need to add a filter to omit the records you don't want to be viewed or use a 'go to related records' script step where you have the 'viewable' records being filtered via relationship ....
I could be wrong on that but I don't think your privilege sets are going to automatically filter the records. ... they just won't display data. ... Kind of like when you make one certain field un-readable. ... the field doesn't disappear off of the layout the data just isn't viewable.
If you're using the PHP API you could simply add a line to the query you were making to the database that would filter out these records.
$query->addFindCriterion('On Web', 1);
As long as the On Web field is somewhere on the layout that you are accessing this would work.
Another way of solving it, without having to use PHP code, would be to create a self relationship in your relationship graph. Create a calculation field in your table that always evaluates to 1, and then set up a relationship with a new table occurance of the same table to have the On Web field = your calculation field that always evaluates to 1.
If you base the layout that you are accessing from the web on this table occurance, the records should be filtered.