diff --git a/challenges/single/NumericSQLInjection/feature.php b/challenges/single/NumericSQLInjection/feature.php
new file mode 100644
index 0000000..75d5c4a
--- /dev/null
+++ b/challenges/single/NumericSQLInjection/feature.php
@@ -0,0 +1,16 @@
+/**
+ * Function to fetch station data
+ *
+ * @param int $id Station Id
+ *
+ * @return array Result of database query
+ */
+private function getWeatherInfo($id = null)
+{
+
+ if ($id == null) {
+ return \jf::SQL("SELECT * FROM ".self::TABLE_NAME);
+ } else {
+ return \jf::SQL("SELECT * FROM ".self::TABLE_NAME. " WHERE station = ".$id); //Notice the concatenation
+ }
+}
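Review bot: The docblock declares `@param int $id`, but the signature is untyped and the `else` branch concatenates `$id` straight into the `WHERE station = ` clause, so the documented contract is not something the code enforces. The path (`NumericSQLInjection`) and the `//Notice the concatenation` comment suggest this is the deliberate flaw of the lesson, so the code should probably stay as it is; the docblock should say so, e.g. `* NOTE: $id is intentionally concatenated unvalidated; production code would bind it as a parameter or cast it to int.` Separately, `$id == null` is a loose comparison, so `0` and `''` also take the unfiltered `SELECT *` branch; `$id === null` would state the intent exactly. The added file has no `<?php` tag or enclosing class although it uses `private` and `self::TABLE_NAME`, which presumably means it is a display-only excerpt; a one-line header comment saying that would help.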