Help with basic SQL injection question please?
I have just started SQL injections and have been using order by 1,2,3,4,5… to find the number of columns. On the website I am practicing on, I found there to be 7 columns using this method. The problem is, when I use: "union select all 1,2,group_concat(column_name),4,5,6,7 from information_schema.columns --" it gives me a list of a lot more than 7 columns. Why is this happening? Which one is correct, or are they getting the number of columns from different tables or even different databases? Any help would be appreciated. Thanks
If you want to check the columns of a specific table, you need to specify the WHERE clause. So for example:
union select 1,2,group_concat(column_name),4,5,6,7 from information_schema.columns WHERE table_name=char(1,2,3,4,5)--
If you just group concat the columns from information_schema.columns, you are listing all of the columns in the database. If you install WAMP or LAMP, and have a look at the information_schema DB in phpMyAdmin, you can gain a better understanding of how it's constructed.
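As an added example (not from either poster), these statements can be run as an administrator on a local MySQL or MariaDB install, such as the WAMP/LAMP setup suggested above, to see why the two counts differ: ORDER BY counts the columns of one query's result set, while information_schema.columns holds one row for every column of every table the connected account can see. The `demo_app` schema, `articles` table, `demo_web` account and its password are hypothetical, constructed names.

```sql
-- Constructed sample: a table with exactly 7 columns (hypothetical names).
CREATE DATABASE IF NOT EXISTS demo_app;
CREATE TABLE IF NOT EXISTS demo_app.articles (
    id         INT PRIMARY KEY,
    title      VARCHAR(200),
    author     VARCHAR(100),
    body       TEXT,
    category   VARCHAR(50),
    created_at DATETIME,
    views      INT
);

-- 1. No filter: one row per column of EVERY visible table in EVERY schema.
--    This is the "a lot more than 7" list from the question.
SELECT COUNT(*) AS visible_columns
FROM information_schema.columns;

-- 2. Breakdown showing where those rows come from.
SELECT table_schema, table_name, COUNT(*) AS column_count
FROM information_schema.columns
GROUP BY table_schema, table_name
ORDER BY table_schema, table_name;

-- 3. Filtered to one schema and one table: exactly 7 rows, matching the
--    7 columns that a SELECT * on demo_app.articles returns.
SELECT column_name, ordinal_position, data_type
FROM information_schema.columns
WHERE table_schema = 'demo_app'
  AND table_name   = 'articles'
ORDER BY ordinal_position;

-- 4. Defensive angle: information_schema only lists objects the connected
--    account has privileges on, so a least-privilege application account
--    limits what metadata any query run through it can return.
CREATE USER IF NOT EXISTS 'demo_web'@'localhost'
    IDENTIFIED BY 'replace-with-a-real-secret';  -- placeholder password
GRANT SELECT ON demo_app.articles TO 'demo_web'@'localhost';
-- Re-running query 2 while connected as demo_web no longer shows tables
-- from other application schemas that the account has no privileges on.
```

Filtering on `table_schema` as well as `table_name` matters when two schemas contain a table with the same name, since both would otherwise be merged into one list.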