I've been working on this one for a while now, read all of the articles written about it. I guess I should cover what I already know. This sql injection is done by returning a key-value through the url in the secure area. I guess I'm just a noob to the sytax but I've been trying to teach myself via online articles and they're mostly about writing the webpages, not returning key-values from the DB through the url. Anyhow here is the most recent thing I've tried.