If an attacker uses the command SELECT * FROM user WHERE name = ‘x’ AND userid IS NULL; –‘; which type of SQL injection attack is the attacker performing?