jinxed comments on their tutorials

I'll agree with zasul- it's a good tutorial on the basics, but *don't* put this into production use. I'd suggest trying out some other good tutorials on SQL injection:

http://www.good-tutorials.com/search/tutorials/sql+injection

...because you'd be screwed otherwise. For example, try logging into the sample app presented here with the following details:

username: test' OR 1='1
password: whatever you'd like

Easy access to any account on the server.

The ideea is good and the result is pretty decent but it cant be use. However very usefull and easy to follow.