Frankly, I find your class quite useless at the moment. You can have all the same with raw PDO:
$arr = $this->db->prepare($sql)->execute([":product_id" => $id])->fetchAll();
Speaking of binding complex data types - the only sane solution is to devise additional placeholder types. And to support such placeholders would be a real purpose of this class.
Question 1
You have to create a string with placeholders dynamically, as explained in this answer
Question 2
Yes
Question 3
You have to create your query dynamically, as well as array with data to bind
Shown with PDO as your class is quite unreliable for this:
$sql = 'SELECT COUNT(*) FROM `orders` WHERE 1=1';
$data = [];
if ($filter["order"] != 0) {
$sql .= ' AND `gatewayid` = :getewayid';
$data[":getewayid"] = $filter["order"];
}
$count = $this->db->prepare($sql)->execute($data)->fetchColumn();