sql injection

Manual injection of ideas:

Determine whether there is injection (character type or numeric type, etc.)

When the input parameters are integer, such as ID, age, page number, etc., if there is an injection vulnerability, it can be considered as a digital injection

Difference: the number type does not need to be closed with single quotation marks, while the string type generally needs to be closed with single quotation marks.
Guess the number of fields in the SQL query (order by num/union select)
Fixed display (determine whether there is a sequence of fields displayed)
Burst library
Burst table
Burst field name
Download

dvwa low level SQL injection

Source code:

<?php

if( isset( $_REQUEST[ 'Submit' ] ) ) {
	// Get input
	$id = $_REQUEST[ 'id' ];

	// Check database
	$query  = "SELECT first_name, last_name FROM users WHERE user_id = '$id';";
	$result = mysqli_query($GLOBALS["___mysqli_ston"],  $query ) or die( '<pre>' . ((is_object($GLOBALS["___mysqli_ston"])) ? mysqli_error($GLOBALS["___mysqli_ston"]) : (($___mysqli_res = mysqli_connect_error()) ? $___mysqli_res : false)) . '</pre>' );

	// Get results
	while( $row = mysqli_fetch_assoc( $result ) ) {
		// Get values
		$first = $row["first_name"];
		$last  = $row["last_name"];

		// Feedback for end user
		$html .= "<pre>ID: {$id}<br />First name: {$first}<br />Surname: {$last}</pre>";
	}

	mysqli_close($GLOBALS["___mysqli_ston"]);
}

?>