At this level, I learned
1. The error of the program is not the school charges, the single quotation mark error and the minus sign error to understand
Single quotation mark error.
I tried the payload with the first pass.
To see the source code:
Then the SQL that we construct becomes
$sql = "SELECT * from Users WHERE id=1 ' or 1=1--+ LIMIT 0,1";
So that id=1 ' is not executed, and the statement becomes:
$sql = "or 1=1--+ limit 0,1";
Test it with MySQL, for example. That's true!
Then single quotation mark does not change the minus sign, is the minus sign Bai.
It's natural to be able to do it again.
The complete SQL statement is as follows:
$sql = "SELECT * from users WHERE id=-1 or 1=1--+ LIMIT 0,1";
The final MySQL statement executed is:
SELECT * from users where 1=1--+ limit 0, 1; the clause is a valid SQL statement that can be executed successfully.
What you need to understand here is the concept of single-quote errors and negative sign errors .
Single quote error refers to syntax error
The negative sign is the error that is prompted because it does not exist
So know the reason so continue to operate ha.
Sqli-labs Customs Record-2