hi

I created a webpage which is basically a projectmanagement site which uses a MySQL database in the background for storing informatiion. I would want to test this webpage, but I have basically no idea what I could do?

I have a basic information about SQL injection, but that's it. What else could I do?

the webpage is written in PHP/HTML using a MySQL Database.

Thanks

I'd adhere to xXxKrisxXx's advice only if you own the server or have written permission to audit it. If it is hosted on some kind of hoster where you have only the rights to host your stuff, you might get into serious trouble otherwise.

That said, I would recommend Burp Suite which is really great and offers dozens of useful functions.

As you stated that you have no idea on how to do something like this, you may take a look at the OWASP project which offers many great resources and read-ups on how to do those things you are asking about. One part of it would be their Testing Guide, where you will find many useful tips.
Additionally you may then search for some of the most common web-based attacks, such as sql injections etc.

Depending on the project, you should also consider to hire a professional pentesting company, as those should have in-depth experience with this kind and will most probably get quite a lot more out than you could in the same time (as it seems you have no experience with this kind at this point).

I see. Pointing on the legal aspect might seem a little 'boring', but it is a necessity in my opinion.
  
Getting a mysql error can help in the hacking process, as, depending on the error, you might be able to retrieve sensitive data which can be used to proceed. Also it might be already the very beginning of an attack.

As you said you would like to learn more about it, OWASP should be able to give you plenty of stuff to go on. Another project of theirs, which should help you in your process of learning, is WebGoat.

There is definitely more out there than SQLi.  You have XSS, CSRF, etc.  I use a few different web scanners, including w3af, nikto, paros, and now grendelscan.   The automated tools offer some great benefits and identify quite a few vulnerabilities.   However, they also miss some, and identify some false positives.   

Awesec mentioned OWASP already.   They have a fantastic web app pen testing guide.  It does a great job explaining what the vulnerabilities are, how to test for them, and what tools you can use.

http://www.owasp.org/images/5/56/OWASP_Testing_Guide_v3.pdf