Does Basic 7 have a loophole?

Hello World! lol. My question is with the Basic web hack 7 challenge. I'll try not to include spoilers but, I edited the cookie as required! I then learned some SQL injection skills and put them to use. In the SQL login I entered a combination of signs symbols number something like /` or 1 = 1 -/ which I'm sure ur all familiar with, and it gave me the points. I was expecting to have to edit the source code remove some <return false> entries and one or two other things to finally be given auth. I'm glad I finally completed it but feel like I maybe didnt use the desired methods! Thanks for any/all replies!!!!! I'm trying to learn it all