php search

<?php
session_start();
if(!isset($_SESSION['sess_user_id']) || (trim($_SESSION['sess_user_id']) == '')) {
    header("location: login.php");
    exit();
}
if(!($_SESSION['sess_status'] > 0)) {
    header("location: sorry.php");
}


$whereClause = array();
$countyList = array();
$bindArray = array();

$fields = array( 'bhv','mrc','general','evv','allCounties','fillmore','johnson','richardson', 'otoe','seward','butler','gage','lancaster','pawnee','saline','thayer','cass','jefferson','nemaha','polk','saunders','york','aro','clergy','intskills','bus','child','law','cpr','data','security','emergency','computer','mechanical','administration','firstaid','translation','construction','basicclean','foodprep','animalcare','heavy','license1','license2','license3','license4','license5','dist1','dist2','dist3','dist4','dist5');
$counties = array('county1','county2','county3','county4','countr5','county6');
foreach($fields as $field)
{
    if($san = filter_input(INPUT_POST, $field, FILTER_SANITIZE_STRING)){
        $whereClause[] = "`$field` = :$field";
        $bindArray[":$field"] =  $san;
    }
}
foreach($counties as $county)
{
    if($san = filter_input(INPUT_POST, $county, FILTER_SANITIZE_STRING)){
         $countyList[] = ":$county";
         $bindArray[":$county"] = $san;
    }
}
$sql = "SELECT * FROM VolunDB";
if(!empty($countyList)) $sqlC = '`county` IN(' . implode(',', $countyList) . ')';
if(!empty($whereClause)) $sqlW = implode(' AND ', $whereClause);
$stmtString = $sql;
if(isset($sqlC) && isset($sqlW)){
    $stmtString .= ' WHERE ' . $sqlC . ' AND ' . $sqlW;
}elseif(isset($sqlC)){
    $stmtString .= ' WHERE ' . $sqlC;
}elseif(isset($sqlW)){
    $stmtString .= ' WHERE ' . $sqlW;
}


$dbh = new PDO('mysql:host=localhost;dbname=petrzilk_test;charset=utf8', 'petrzilk_dbAdmin', '');
$dbh->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$dbh->setAttribute(PDO::ATTR_EMULATE_PREPARES, false);
$stmt = $dbh->prepare($stmtString);
$stmt->execute($bindArray);
$data = $stmt->fetchAll(PDO::FETCH_ASSOC);
//foreach($data as $person)
//{
//    echo $person['lname'] . ', ' . $person['fname'] . '<br />';
//}
?>
<!DOCTYPE HTML>
<html>
    <head>
        <title>Search Results</title>
        <script type="text/javascript" src="js/functions.js"> </script>
        <link rel="stylesheet" href="css/bootstrap-theme.css" type="text/css" />
        <link rel="stylesheet" href="css/bootstrap.css" type="text/css" />
        <link rel="stylesheet" href="css/styles.css" type="text/css">
        <script src="http://code.jquery.com/jquery-latest.min.js" type="text/javascript"></script>
    </head>
    <div class="sidebar">
            <ul class="nav nav-pills nav-stacked">
                <li><br/></li>
                <li><img class='logo' src='images/Large RVS.png' alt='Broken' style='width:230px; padding-left: 5%;'/></li>
                <li><br/></li>
                <li><span class="welcome" style="color:white;font-weight:Bold;font-size:20px;margin-left:5px;padding-left:5px;"> Welcome  <?php echo $_SESSION['sess_name'] ?></span></li>
                <li><a href="login.php">Log out</a></li>
                <li><a href="index.php">Home</a><li>
                <li><a href="volunForm.php">Add Volunteer</a></li>
                <li><a href="search.php">Search/Report</a></li>
                <li class="active"><a href="allVolun.php">View Volunteers</a></li>
                <li><a href="updateVolunteer.php">Update Volunteer</a></li>
                 <?php
                if ($_SESSION['sess_status'] == 2) {
                    echo "<li><a href='admin.php'>Admin CP</a></li>";
                    }
                ?>
            </ul>
        </div>
        <div class="content">
            <?php
            foreach($data as $person)
                {
                    echo $person['lname'] . ', ' . $person['fname'] . '<br />';
                }
            ?>
        </div>

    </body>
</html>