I have a question about commenting out the SQL query.
The SQL query has this form:
$query = "SELECT first_name, last_name FROM users WHERE user_id = '$id';";
1' or 1=1; #
1' or 1=1 #
As you can read in the MySQL manual:
In MySQL, the -- (double-dash) comment style requires the second dash to be followed by at least one whitespace or control character (such as a space, tab, newline, and so on)
When adding only -- to your input, there is no whitespace or control character following it. Your synthesized query would look like this:
SELECT first_name, last_name FROM users WHERE user_id = '1' or 1=1--';
As you can see, the double dash is followed immediately by a ; which leads to a syntax error, as it is not considered a comment.
Try putting in -- (with a trailing whitespace) at the end.
; : It is not necessary in a query issued to the server. It is only there to separate different statements; with a single statement it is not required at all.
The mysql command-line client does not send that character to the server but treats it as an "execution instruction".
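The following is an added example; it is not code from the question or the answer above. It mimics the vulnerable PHP interpolation from the question, then applies the MySQL comment rules the answer quotes (# to end of line, -- only when followed by whitespace or a control character, and /* */ blocks, with markers inside a quoted string treated as data) to show which of the payloads leaves a well-formed statement. The template and the payloads are the ones on the page; the helper names, and the choice to treat a -- at the very end of the input as not a comment, are my own assumptions.

```python
# Added example, not part of the original question or answer.
# Simulates the query synthesis from the question and then applies
# MySQL's comment rules to see which payloads survive.

TEMPLATE = "SELECT first_name, last_name FROM users WHERE user_id = '{id}';"


def synthesize(user_input: str) -> str:
    """Unsafe string interpolation, mirroring $query = "... user_id = '$id';"."""
    return TEMPLATE.format(id=user_input)


def _is_ws_or_control(ch: str) -> bool:
    return ch.isspace() or ord(ch) < 0x20


def strip_mysql_comments(sql: str):
    """Return (sql_without_comments, unterminated_string_flag).

    Comment rules applied (MySQL):
      * '#'      to end of line
      * '--'     to end of line, but only when the second dash is followed
                 by a whitespace or control character (the manual's rule)
      * '/* */'  block comments
    A marker inside a single-quoted string is data, not a comment, so the
    scanner tracks string state.  Assumption: '--' as the last two
    characters of the input is NOT treated as a comment (conservative).
    """
    out = []
    i, n = 0, len(sql)
    in_str = False
    while i < n:
        ch = sql[i]
        if in_str:
            out.append(ch)
            if ch == "'":
                if i + 1 < n and sql[i + 1] == "'":   # '' is an escaped quote
                    out.append("'")
                    i += 2
                    continue
                in_str = False
            elif ch == "\\" and i + 1 < n:            # backslash escape
                out.append(sql[i + 1])
                i += 2
                continue
            i += 1
        elif ch == "'":
            in_str = True
            out.append(ch)
            i += 1
        elif ch == "#" or (
            sql.startswith("--", i) and i + 2 < n and _is_ws_or_control(sql[i + 2])
        ):
            nl = sql.find("\n", i)
            i = n if nl == -1 else nl                 # keep the newline itself
        elif sql.startswith("/*", i):
            end = sql.find("*/", i + 2)
            i = n if end == -1 else end + 2
        else:
            out.append(ch)
            i += 1
    return "".join(out), in_str


def analyze(user_input: str) -> dict:
    """Synthesize the query for one payload and report what the server would parse."""
    query = synthesize(user_input)
    effective, dangling = strip_mysql_comments(query)
    # A string literal left open (the trailing ';) means a syntax error.
    return {"query": query, "effective": effective, "well_formed": not dangling}


# Payloads from the page (constructed inputs for the demo).
PAYLOADS = [
    "1' or 1=1; #",   # '#' comments out the trailing ';
    "1' or 1=1 #",    # same, without the extra semicolon
    "1' or 1=1--",    # '--' is followed by the closing quote: not a comment
    "1' or 1=1-- ",   # trailing space makes '--' a real comment
]

if __name__ == "__main__":
    for p in PAYLOADS:
        r = analyze(p)
        status = "OK " if r["well_formed"] else "BAD"
        print(f"{p!r:18} -> {status} {r['effective']!r}")
```

Running it shows the third payload leaving the synthesized query with an unterminated string literal ('; after the dashes), while the other three reduce to a balanced SELECT. The scanner is only a model of the parser, useful for reasoning about a payload before sending it; the actual fix for the application is a prepared statement with a bound parameter, which makes the whole input a value rather than SQL text.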