Query was empty with MySQL select Query

Question

So I'm new to php and mysql and over the past few days have created a log in system using php and mysql. I am trying to make a function where a user can change their password with the following query:

$query2 =  mysql_query("SELECT password FROM adminusr WHERE id =$idToChange");
$result = mysql_query($query2) or die($idToChange.mysql_error());

Answer 1

With SELECT statements you only select rows. To change them you need UPDATE. Consider using PDO because mysql_* functions are deprecated. Also try to hash your passwords and don't store them in plain text.

You need something like this:

$query2 =  mysql_query("UPDATE adminusr SET password = '$new_password' WHERE id = '$idToChange'");

Using PDO

//Make the connection using PDO

try {
    $conn = new PDO("mysql:host=$hostname;dbname=mysql", $username, $password);
    echo "PDO connection object created";
}
catch(PDOException $e) {
    echo $e->getMessage();
}
//Make your query
$sql = 'UPDATE adminusr SET password = :new_password WHERE id = :id';
$stmt = $conn->prepare($sql);
$stmt->execute(array(':new_password'=>$new_password, ':id'=>$idToChange));

EDIT answering to comment

Then you need to have also username and password fields at your form. So, you need four fields: username , oldPassword , newPassword , confirmNewPassword . Before the update statement you need to select the user having credentials username , oldPassword . If you find only one then you have to check if newPassword and confirmNewPassword match. If match then proceed to update. Otherwise print some error message.