To start with, SQL will probably confuse you. A good start is to make sure you understand HTML, specifically forms, and PHP. Start building your own PHP backed HTML forms. For example, try making your own comment system. Eventually you will use MySQL as a storage engine for storing comments. Then, you will be able to try and exploit your comments, etc, with XSS, or SQL injections.
Tl;dr: learn PHP next and start building websites.
The glass is neither half-full nor half-empty; it's merely twice as big as it needs to be.