I'm kinda unclear about what 'poking' means on the SQL Injection 1 chall. Could someone please explain it? I assume it must be important otherwise it wouldn't be there.
Thanks in advance.
All that really matters is that the poking thing basically just performs a write (e.g. INSERT, UPDATE, DELETE) on a table while you attempt to authenticate.
I'll give you a hint that this is a SQLite database, so maybe you can try googling a bit to see how something like updating is done in SQLite in PHP and how you could exploit that.
Ah! I just figured it out. Thanks!
A hint for others, the poke thing gets executed right before the login is done.