I hope this can help a little , I Also added array check and you need to check the security and injection :)
<?php
$pid = $_POST['project_id'] ;
$psize = $_POST['projectSize'] ;
$pdepts = $_POST['depts'] ;
$lstage = $_POST['stage'] ;
$ltype = $_POST['type'] ;
$impacted = $_POST['impacted'] ;
//Your columns in the DB
$columns = array('project_id'=>'project_id','project_size'=>'project_size','depts'=>'depts','stage'=>'stage');
$sqlString = null;
echo "Total Number Of Captured Post Variables is:";
echo count($_POST);
echo '<br />';
$number = 0;
$queryStr = "";
$preStr = array();
foreach ($_POST as $key => $val ) {
if (!empty($_POST[$key])){
if(!is_array($_POST[$key]))
$currentStr = $columns[$key]." = ".$val;
else
$currentStr = $columns[$key]." IN (".implode(',',$_POST[$key]).")";
$preStr[] = $currentStr;
}
}
$queryStr = "SELECT * FROM tableName WHERE ".implode(' AND ',$preStr);
echo $queryStr;
if($number ==1) {
}else{
}
?>