DBO Select where equals and like

Question

I have tried writing the code below 100 different ways and cannot figure out the proper syntax. It seems no matter how I write this, the $loggeduser is not passed to the WHERE username. What am I doing wrong? What is the proper syntax?

$query = $db->prepare('SELECT * FROM sites WHERE username = ? AND name LIKE ? OR login LIKE ? AND category="te"');
$query->bindValue(1, $loggeduser);
$query->bindValue(2, '%'.$_POST[search].'%');
$query->bindValue(3, '%'.$_POST[search].'%');
$query->execute();}

Answer 1

According to this comment

When binding parameters, apparently you can't use a placeholder twice (eg "select * from mails where sender=:me or recipient=:me"), you'll have to give them different names otherwise your query will return empty handed (but not fail, unfortunately).

This may be your issue, as you're attempting to bind the same value to two separate placeholders. Give the following a try:

$query = $db->prepare('SELECT * FROM sites WHERE username = :username AND name LIKE :name OR login LIKE :login AND category="te"');
$query->bindValue(:username, $loggeduser);
$query->bindValue(:name, '%'.$_POST['search'].'%');
$query->bindValue(:login, '%'.$_POST['search'].'%');
$query->execute();