Day 26 – Database Basics (MySQL) | Beginner Gui
🗄 Day 26: Database Basics (MySQL)
Aaj hum seekhenge Database kya hota hai aur MySQL kaise kaam karta hai.
Bug Hunting me database samajhna bahut important hai kyunki maximum websites user ka data database me store karti hain — aur yahi par SQL Injection jaise bugs milte hain.
📚 Database Kya Hota Hai?
Database ek jagah hoti hai jahan data organized form me store kiya jata hai.
Example:
Usernames
Passwords
Emails
Orders
Messages
Ye sab data database me store hota hai.
Simple words me:
Database = Data store karne ki digital almari 📂
🐬 MySQL Kya Hai?
MySQL ek popular Relational Database Management System (RDBMS) hai.
Iska use bahut sari websites karti hain, especially jo PHP par bani hoti hain.
MySQL ka use hota hai:
✔ Data store karne ke liye
✔ Data retrieve karne ke liye
✔ Data update/delete karne ke liye
Popular platforms jo MySQL use karte hain:
WordPress
Wikipedia
Facebook (early versions)
🏗 Database Structure Samjho
Database ke andar:
1️⃣ Tables
Table excel sheet jaisa hota hai.
2️⃣ Rows
Horizontal data (ek user ki puri information)
3️⃣ Columns
Vertical data (jaise username column, password column)
Example Table: Users
| id | username | password | |
|---|---|---|---|
| 1 | alok | 12345 | a@gmail.com |
🔑 Primary Key Kya Hoti Hai?
Primary key ek unique ID hoti hai jo har row ko identify karti hai.
Example:
id = 1
id = 2
Duplicate nahi ho sakti.
Bug hunting me ID manipulation se vulnerabilities mil sakti hain (IDOR bugs).
💻 SQL Kya Hai?
SQL = Structured Query Language
Iska use database se baat karne ke liye hota hai.
🧾 Basic SQL Commands
1️⃣ Create Database
CREATE DATABASE testdb;
2️⃣ Create Table
CREATE TABLE users (
id INT,
username VARCHAR(50),
password VARCHAR(50)
);
3️⃣ Insert Data
INSERT INTO users VALUES (1,'alok','12345');
4️⃣ Show Data
SELECT * FROM users;
5️⃣ Delete Data
DELETE FROM users WHERE id=1;
🔥 Bug Hunting Me MySQL Kyu Important?
Kyuki maximum login systems aise kaam karte hain:
User username/password enter karta hai
PHP query banata hai
MySQL database check karta hai
Agar match milta hai → Login successful
Agar developer input validate nahi kare, to SQL Injection ho sakta hai.
Example vulnerable query:
SELECT * FROM users WHERE username='$user' AND password='$pass';
Agar input sanitize nahi kiya gaya to attacker query manipulate kar sakta hai.
🛡 Secure Coding Concept
Developers ko use karna chahiye:
✔ Prepared Statements
✔ Input Validation
✔ Parameterized Queries
Bug hunter ke liye:
Samjho kaise system kaam karta hai, tabhi vulnerability pakad paoge.
🧠 Real World Example
Jab aap kisi website me login karte ho, background me:
Browser → Server → PHP → MySQL → Response
Ye pura flow samajhna hi bug hunting ki foundation hai.
📝 Practice Task
XAMPP install karo
phpMyAdmin open karo
Ek database create karo
Ek users table banao
2–3 records insert karo
SELECT query run karo
🔁 Revision Points
✔ Database data store karta hai
✔ MySQL ek RDBMS hai
✔ Table = rows + columns
✔ Primary key unique hoti hai
✔ SQL commands: CREATE, INSERT, SELECT, DELETE
✔ SQL Injection database se related hota hai