where() / orWhere()

Add conditions to your query. Multiple calls are combined automatically.

Signature

where(string $column, mixed $value = null, string $operator = '='): self
orWhere(string $column, mixed $value = null, string $operator = '='): self

Basic usage

where() adds an AND condition, orWhere() adds an OR condition. Both work exactly the same way – just with a different logical connector. 

// Step by step
$db->where('status', 'active');
$db->where('role', 'admin');
$users = $db->get('users');

// Fluent
$users = $db->where('status', 'active')
            ->where('role', 'admin')
            ->get('users');

// → SELECT * FROM users WHERE status = 'active' AND role = 'admin'

With operators

Pass an operator as the third parameter. Any standard SQL comparison operator is supported:

// Step by step
$db->where('price', 10, '>');
$db->where('stock', 0, '!=');
$products = $db->get('products');

// Fluent
$products = $db->where('price', 10, '>')
               ->where('stock', 0, '!=')
               ->get('products');

// → SELECT * FROM products WHERE price > 10 AND stock != 0

Allowed operators:

=   !=   <>   <   <=   >   >=   LIKE   NOT LIKE   IN   NOT IN   BETWEEN   NOT BETWEEN   IS   IS NOT   SOUNDS LIKE

Using orWhere()

Mix where() and orWhere() freely to build the logic you need. Keep in mind that SQL evaluates AND before OR – use whereGroup() if you need parentheses. 

// Step by step
$db->where('role', 'admin');
$db->orWhere('role', 'editor');
$users = $db->get('users');

// Fluent
$users = $db->where('role', 'admin')
            ->orWhere('role', 'editor')
            ->get('users');

// → SELECT * FROM users WHERE role = 'admin' OR role = 'editor'

Combining AND and OR

When mixing where() and orWhere(), remember that SQL processes AND before OR. This can lead to unexpected results without explicit grouping: 

// Step by step
$db->where('active', 1);
$db->where('role', 'admin');
$db->orWhere('role', 'editor');
$users = $db->get('users');

// → SELECT * FROM users
//   WHERE active = 1 AND role = 'admin' OR role = 'editor'
//   ⚠️ This returns all admins with active=1 AND all editors regardless of active

Use whereGroup() to add parentheses and control evaluation order:

// Step by step
$db->where('active', 1);
$db->whereGroup(function($q) {
    $q->where('role', 'admin');
    $q->orWhere('role', 'editor');
}, 'AND');
$users = $db->get('users');

// Fluent
$users = $db->where('active', 1)
            ->whereGroup(function($q) {
                $q->where('role', 'admin')
                  ->orWhere('role', 'editor');
            }, 'AND')
            ->get('users');

// → SELECT * FROM users
//   WHERE active = 1 AND (role = 'admin' OR role = 'editor')
//   ✅ Now correctly returns only active admins and active editors

NULL checks

Pass null with IS or IS NOT to check for NULL values. For a more readable syntax, use whereIsNull() / whereIsNotNull() instead. 

// Step by step
$db->where('deleted_at', null, 'IS');
$rows = $db->get('users');

// Fluent
$rows = $db->where('deleted_at', null, 'IS')->get('users');

// → SELECT * FROM users WHERE deleted_at IS NULL

Security

All values passed to where() are bound via prepared statements – they are never interpolated directly into SQL. Additionally, PDOdb runs a heuristic check on incoming values and blocks obvious injection patterns like 1; DROP TABLE or 1 OR 1=1.

For even stricter type safety, use the typed variants: whereInt(), whereString(), whereFloat(), whereBool() etc. These validate the value type before the query is built.

Aggregate functions like SUM(), COUNT() etc. are not allowed in where() – use having() for those.

See also