Online PHP editor | output for MDgs3

<?php function query($query) { if(strpos($query, 'WHERE') !== false) { $new = $this->prepare_where($query); $query = $new['query']; $values = $new['values']; } else { $new = NULL; $values = array(); } var_dump($query, $new); } function prepare_where($query) { $strpos_where = strpos($query, 'WHERE') + 6; $strpos_limit = (int) strpos($query, 'LIMIT'); $strpos_group = (int) strpos($query, 'GROUP BY'); $strpos_order = (int) strpos($query, 'ORDER BY'); $new_query = substr($query, 0, $strpos_where); if($strpos_limit > 0 AND $strpos_limit < $strpos_group AND $strpos_limit < $strpos_order) { $where = substr($query, $strpos_where, $strpos_limit); $new_subquery = substr($query, $strpos_limit); } elseif($strpos_group > 0 AND $strpos_group < $strpos_limit AND $strpos_group < $strpos_order) { $where = substr($query, $strpos_where, $strpos_group); $new_subquery = substr($query, $strpos_group); } elseif($strpos_order > 0 AND $strpos_order < $strpos_limit AND $strpos_order < $strpos_group) { $where = substr($query, $strpos_where, $strpos_order); $new_subquery = substr($query, $strpos_order); } else { $where = substr($query, $strpos_where); $new_subquery = ""; } $where_values = array(); $where_break = explode(' AND ', $where); $where_break_c = count($where_break); for($i = 0; $i < $where_break_c; $i++) { if(!isset($where_break[$i])) { continue; } if(isset($where_break[$i + 1]) AND preg_match('/([\`a-z0-9\_\-]+)[\s]{0,1}(\=|LIKE|\<|\>|\<\=|\>\=|!\=)[\s]{0,1}(.*)/i', $where_break[$i + 1]) != 1) { $where_break[$i] = $where_break[$i]." AND ".$where_break[$i + 1]; unset($where_break[$i + 1]); } $where_break_or = explode(' OR ', $where_break[$i]); $where_break_or_c = count($where_break_or); for($j = 0; $j < $where_break_or_c; $j++) { if(!isset($where_break_or[$i])) { continue; } if(isset($where_break_or[$j + 1]) AND preg_match('/([\`a-z0-9\_\-]+)[\s]{0,1}(\=|LIKE|\<|\>|\<\=|\>\=|!\=)[\s]{0,1}(.*)/i', $where_break_or[$j + 1]) != 1) { $where_break_or[$j] = $where_break_or[$j]." OR ".$where_break_or[$j + 1]; unset($where_break_or[$j + 1]); } preg_match('/([\`a-z0-9\_\-]+)[\s]{0,1}(\=|LIKE|\<|\>|\<\=|\>\=|!\=)[\s]{0,1}(.*)/i', $where_break_or[$j], $matches); if(substr($matches[3], 0, 1) == "'" OR substr($matches[3], 0, 1) == '"') { $where_values[] = substr($matches[3], 1, -1); } else { $where_values[] = $matches[3]; } $where_break_or[$j] = str_replace($matches[3], '?', $where_break_or[$j]); } $where_break[$i] = implode(' OR ', $where_break_or); preg_match('/([\`a-z0-9\_\-]+)[\s]{0,1}(\=|LIKE|\<|\>|\<\=|\>\=|!\=)[\s]{0,1}(.*)/i', $clausel2, $matches); if(substr($matches[3], 0, 1) == "'" OR substr($matches[3], 0, 1) == '"') { $matches[3] = substr($matches[3], 1, -1); } $where_values[] = $matches[3]; $where_break[$i] = str_replace($matches[3], '?', $where_break[$i]); } $where_break = implode(' AND ', $where_break); $new_query .= $where_break.$new_subquery; return array('query' => $new_query, 'values' => $where_values); } query("SELECT TABLE FROM FZC WHERE TABLE='chandz' AND TABLE=1 OR DIE='52'"); query("SELECT TABLE FROM FZC WHERE TABLE='chandz AND ' AND TABLE=1 OR DIE='52 OR '");