Inject the second query by manipulating the output of first query

This is the query where you Inject : SELECT id,sec_code FROM users WHERE id='1'and false union select 1,2-- '

This is the query which gives you Output : SELECT username,password FROM users WHERE sec_code='2'

Invalid Input parameter