I can see that you did indeed just recently learn PHP.
PHP is a server side script, and is therefore processed before HTML, which means that the PHP code in the action clause of your form is executed before the form is actually created, which would be why it appears as if your form is submitted before the page is loaded. What you could do, is create a hidden field in your form, which would be submitted to the page once you submit the form, and then enclose your PHP code in an if statement checking whether that POST variable has been submitted. Furthermore, I strongly recommend you separate your PHP from your HTML. So, your code could become something like:
$username = "******";
$password = "******";
$database = "******";
$dbh=mysql_connect ("localhost", "$username", "$password") or die ('I cannot connect to the database because: ' . mysql_error());
$query = "INSERT INTO restreview VALUES ('$id', '$rating','$review')";
<form action="<!-- the name and extension of this page -->" method="post">
<option value="3" selected="selected">3</option>
Review: <input type="text" name="review"><br>
<input type="hidden" name="validation" value="1"/>
Also, you might want to set a cookie to the user so that he/she cannot submit two reviews or something and fix the ratings.
In order to display the average from the table of ratings in your database with the same id (I'm assuming id is the id of the article the review is about), the easiest method would be to calculate the average using SQL. So, you might want to delete the mysql_close() statement from above and add something like this, assuming that "ratings" is the field in your table containing the ratings and "id" is the field in your table containing the id of the content:
Btw, I haven't checked what I wrote above, so there could be some really silly mistakes.
$query_avg = "SELECT AVG(ratings) FROM restreview WHERE id=".$id;
$average = $mysql_query($query);
echo 'This is the average rating: '.$average;