To understand how this works in "real life," imagine you are at a library:
The librarian goes to the back (the database), finds the gardening books, and brings them to you. To understand how this works in "real life,"
: The attacker uses NULL to match the number of columns in the original query without causing a data type error. The string in the middle is a "fingerprint"—if the word "ZZTyernefl" appears on the website, the attacker knows the injection worked and exactly which column displays data on the screen. finds the gardening books