SQL Injection Method

既然无缘 2021-01-27 20:36

The injection procedures are:

SELECT UserId, Name, Password FROM Users WHERE UserId = 105 or 1=1;

But my question is how the injection query

2 answers
  •  -上瘾入骨i
    2021-01-27 21:24

    Since the condition 1=1 is always true, adding it at the end of a WHERE statement renders it irrelevant, and always true, as if the WHERE statement does not exist at all. Thus, the query is always executed, regardless of any other conditions added to the WHERE statement.

    In the example you provided, if you allow your users to write down their own userID, they can write 105 or 1=1 in the input fields or in a website's URL address, and since or 1=1 makes UserId=105 useless, the query will always select the data, hence the SQL injection.
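
An added example, not part of the original question or answers: Python with the standard-library sqlite3 module, showing the query from the question built by string concatenation next to the same lookup with a bound parameter. The table rows and the function names are constructed for illustration.

```python
import sqlite3

BASE = "SELECT UserId, Name, Password FROM Users WHERE UserId = "


def make_db():
    """In-memory Users table with constructed sample rows."""
    conn = sqlite3.connect(":memory:")
    conn.execute(
        "CREATE TABLE Users (UserId INTEGER PRIMARY KEY, Name TEXT, Password TEXT)"
    )
    conn.executemany(
        "INSERT INTO Users VALUES (?, ?, ?)",
        [(104, "alice", "pw-a"), (105, "bob", "pw-b"), (106, "carol", "pw-c")],
    )
    return conn


def build_concatenated_sql(user_id):
    """Vulnerable pattern: the input is pasted into the SQL text."""
    return BASE + user_id


def lookup_concatenated(conn, user_id):
    """Runs the concatenated query; the input is parsed as SQL."""
    return conn.execute(build_concatenated_sql(user_id)).fetchall()


def lookup_parameterized(conn, user_id):
    """Hardened pattern: the input is bound as a value, never parsed as SQL."""
    return conn.execute(BASE + "?", (user_id,)).fetchall()


if __name__ == "__main__":
    conn = make_db()
    for value in ("105", "105 or 1=1"):
        print("input:", repr(value))
        print("  concatenated SQL:", build_concatenated_sql(value))
        print("  concatenated rows:", lookup_concatenated(conn, value))
        print("  parameterized rows:", lookup_parameterized(conn, value))
```

With the bound parameter, the whole string `105 or 1=1` is compared to `UserId` as a single value, so it matches no row instead of widening the WHERE condition.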
