cannot perform sql injection on a unsecure form

Question

Trying to perform an sql injection on my database.

I haven't escaped the string I'm inserting into the query so I don't understand what is preventing me from getting all user ids when inserting: username or 1=1 into the username input box. Works like a charm when I hardcode 1=1 into the raw query.

I haven't got anything else on the server that would be causing this, all I have is an index.php with the below code.

$conn = mysqli_connect($servername, $username, $password, $dbname);
// Check connection
if (!$conn) {
    die("Connection failed: " . mysqli_connect_error());
}

$sql = 'SELECT ID FROM users WHERE username = "'.$_POST["username"].'"';
$result = mysqli_query($conn, $sql);
print_r($result);

if (mysqli_num_rows($result) > 0) {
    // output data of each row
    while($row = mysqli_fetch_assoc($result)) {
        echo "id: " . $row["ID"];
        print_r($row);
    }
} else {
    echo "0 results";
}

?>
<form method='POST' action='#'>
        username <input type'text' name='username'></input>
        <br>
        password <input type'text' name='password'></input>
        <input type='submit'>
    </form>
    <?php

Answer 1

You need to end the quote of the SQL in the posted username. And finish the final quote so its not a syntax error. Easy way is to make it into the 1=1 version in strings. ""="".

So:

" or ""="