Posts by broj1

Maybe you should check the included .private/config.php file. Maybe there is bracket missing in it? Maybe you could post it (remove passwords first if any).

As I saw the pritaeas's reply I realized what the question really was so ignore my reply.

First, you are missing double quotes for html attributes. I put them in the code below and they are escaped when also using double quotes as a string delimiter. Since you provided only two fields as a result from your query I prepared a code for a table with two columns. If you want a table with five columns the logic is the same.

<?php

// ...

// beginning of the table
echo '<table>';

while ($row = mysql_fetch_array($retd)) 
{ 
    $code = $row["code"];
    $name = $row["name"];
    
    // beginning of one row
    echo '<tr>';
    
    // first cell showing a field from the $row
    echo '<td width="150" align="center">';
    echo "<a href=\"../item?scode=$code\"><img src=\"pictures/$code.gif\" border=\"0\" alt=\"Item $name\"></a>";
    echo "</td>";
    
    // second cell showing a field from the $row
    echo "<td width=\"150\" align=\"center\">";
    echo "<a href=\"../item?scode=$code\"><span class=\"fs13\">$name</span></a>";
    echo "</td>";
    
    // end of one row
    echo '</tr>';
}

// end of the table
echo '</table>';
?>

Beats me. Brackets seem to be fine. I can not understand why sysntax error.

What is the error message?

The closing curly bracket } on line 28 should actually be just after line 24 (at the end of the function dbQuery). These things are quite easy to spot if you use indentation and editor with syntax highlighting.

<?php
session_start();

function __autoload($name) {
    require $name . '.php';
}
function dbInit(){
    if(isset($GLOBALS['db']))return $GLOBALS['db'];
        global $DBVARS;
    $db=new PDO('mysql:host='.$DBVARS['hostname']
            .';dbname='.$DBVARS['db_name'],
        $DBVARS['username'],
        $DBVARS['password']
    );
    $db->query('SET NAMES utf8');
    $db->num_queries=0;
    $GLOBALS['db']=$db;
    return $db;
}
function dbQuery($query){
    $db=dbInit();
    $q=$db->query($query);
    $db->num_queries++;
    return $q;
}
function dbRow($query) {
    $q = dbQuery($query);
    return $q->fetch (PDO::FETCH_ASSOC);
}

define('SCRIPTBASE', $_SERVER['DOCUMENT_ROOT'] . '/');
require SCRIPTBASE . '.private/config.php';
if(!defined('CONFIG_FILE'))
    define('CONFIG_FILE',SCRIPTBASE.'.private/config.php');
set_include_path(SCRIPTBASE.'ww.php_classes'
    .PATH_SEPARATOR.get_include_path());  
?>

First thing: escape double quotes in line 44:

echo "<img src=\"logo.jpg\" width=\"50\" height=\"50\">";

Lines 14 to 18 should go after the if on line 57. When you check whether the form was submited and if it was you can read POST variables and then you will be using the correct value in $stuID.

To avoid possible errors each $row element should be checked for existence before using it (it would be also better to use associative keys in result array). You actualy need only $stuID and you should check it for existence.

if(isset($stuID)) {
   $stuID = trim($_POST['stuID']);

   // do all the database writing here

} else {

   echo 'Error reading form data!';
}

Input element in row 47 has type="int". I do not think such type exists in HTML.

if(isset($row[0])) {
    $row0 = $row[0];
} else {
    $row0 = '';

if(isset($row[1])) {
    $row1 = $row[1];
} else {
    $row1 = '';

if(isset($row[2])) {
    $row2 = $row[2];
} else {
    $row2 = '';

if(isset($row[3])) {
    $row3 = $row[3];
} else {
    $row3 = '';;

//get and print the name, surname, stuID and votes
while($row = mysql_fetch_array($result)) {

    ...

    echo "Name: <input name=\"name\" type=\"text\"  value = \"".$row0."\"  />";
    echo "Surname: <input name=\"surname\" type=\"text\"  value = \"".$row1."\"  />";
    echo "StudID: <input name=\"stuID\" type=\"text\"  value = \"".$row2."\"  />";
    echo "Votes: <input name=\"votes\" type=\"text\"  value = \"".$row3."\"  />";
    echo "<br/>";

    ....
	}

You are missing a ?> tag on line 30 (if you used CODE tags, the lines would be numbered :-). So line 30 should be

<script type="text/javascript" src="logger.php?t=<?php echo time(); ?>&f=<?php echo $_SERVER['REQUEST_URI']; ?>&r=<?php echo urlencode($_SERVER['REQUEST_URL']);?>"></script>

or something similar.

One way of doing it is create a background image for watermark (i.e. light colored text on a transparent background) say watermark.png and then use css to put this watermark image as a div background with the following css code

.watermarked-div {background-image:url('watermark.png');background-repeat:repeat;}

This will repeat your watermark across any div that has a class watermarked-div. You can disble repeating with background-repeat:no-repeat

TySkby, what threats do you have in mind for cases where html form and mysql commands are in the same script?

mysql commands are within php script and not in the plain html so it is safe to have them in the same script as the form. The commands are not (should not be) exposed to the browser.

This query indeed contains an error since there is no value for curso field - $row does not return anything - probably since it is outside the first while loop. Depending on what you want you should assign $row either to a variable or to an array within the first while loop and then use it in the second query.

You are initializing the $error variable to an empty string just before checking whether it contains anything. Initialize it on the beginning of the script and do the check after the checking for correct password.

Also session_register function is deprecated. I recommend you avoid it. Use direct assignment instead:

$_SESSION['myusername'] = $myusername;
$_SESSION['mypassword'] = $mypassword;

Sorry my mistake. Put that code after line 38 just after the following line:

$sql_prog = "SELECT prog_curso FROM cursos WHERE cod_curso=".$row['cod_curso'];
die($sql_prog);

This is how I would do it.

<html>
<head></head>
<body>

<?php

// initialize value for the position
$pos = '';

// initialize string for content
$content = '';

// check if there is a value for position select in the $_GET
// and position is integer and within expected range (a bit of security)
// (this means that the form was submited by onchange event)
if(isset($_GET['position']) and is_numeric($_GET['position']) and 
         $_GET['position'] > 0 and $_GET['position'] <= 4) {

    // store position in a variable
    $pos = $_GET['position'];

    // a query to change the database (whatever it is)
    $qry = "UPDATE positions SET position=$pos WHERE ...";
    
    // execute the query
    // ...
    
    // DEBUG:
    // display the query to see whether it is OK
    echo "<p><pre>$qry</pre></p>";
}

// array holding the option values and texts
$option_arr = array('1' => 'First',
                    '2' => 'Second',
                    '3' => 'Third',
                    '4' => 'No Display...');

// start a string holding the form
// set action to itself
$form = '<form method="GET" action="#">';

// add select element
$form .= '<select name="position" onchange="this.form.submit();">';

// add options
foreach($option_arr as $value => $text) {

    // start the option tag
    $form .= '<option value="' . $value . '"';

    // if a submited value equals $value then add seleted attribute to the option
    if($value == $pos) {
    
        $form .= ' selected="selected"';
    }
    
    // add the text and end the option tag 
    $form .= ">$text</option>";
}

// end the select tag and the form tag
$form .= '</select></form>';

// display the form
echo $form; …

Put this on line 37 to debug:

die($sql_prog)

It should display your query. Paste it here (and also into myphpadmin to see if it returns anything). I have a feeling that $row['cod_curso'] does not contain what you are expecting.

The line $query_prog = mysql_query($sql_prog, $connect); returns false instead of a valid resource (and stores it in $query). The reason could be error in your sql statement ($sql) or error in your connection ($connect). You should check for existence of a valid resource before running a while loop:

if($query_prog) {

    while($row = mysql_fetch_array($query_prog)) {

        // ...
    }
} else {

    echo 'Something went wrong!';
}

Also check the correctness of your query in phpmyadmin or mysql client

You are welcome. If this solves the problem please mark the thread solved.

A few notes about how you code the form:

1. form action attribute should point to a page (either html or php or # - self). In your example it does not point to a valid url

2. select element should have a name not the option elements so <select name="position"> 3. what is the role of $sel array elements in options?

4. input element should not have the same name as the select element

5. input element should be outside the select element

The names of your element will show up in the query string together with their values. If you would like to pass any extra value you can use hidden field.

<input type="hidden" name="p" value="edit-product.php">

But I do not quite understand the question. Maybe edit-product.php should be your action url.

Following code works for me. I simulated reading from a database with an array and foreach loop, so replace that with a while loop iterating through a real recordset.

<html>
<head>
<style type="text/css">
    .left-box {float: left; width: 200px;height: 200px; border: 1px solid blue;background-color: green; padding:2px;}
    .right-box {margin-left:210px; margin-bottom:2px; width: 200px; height: 200px; border:1px solid blue; background-color: yellow; padding:2px;}
    .data {margin: 2px; border:1px solid green; background-color: grey;}
</style>
</head>
<body>
<?php

    // data that simulates data read from database
    $recordset = array(
    
        array(
            'image' => 'Image 1',
            'data1' => 'Data 1-1',
            'data2' => 'Data 1-2',
            'data3' => 'Data 1-3'),

        array(
            'image' => 'Image 2',
            'data1' => 'Data 2-1',
            'data2' => 'Data 2-2',
            'data3' => 'Data 2-3'),

        array(
            'image' => 'Image 3',
            'data1' => 'Data 3-1',
            'data2' => 'Data 3-2',
            'data3' => 'Data 3-3')
    );

    $tbl  = '';

    // here you would loop throu your recordset
    foreach($recordset as $row) {
    
        // left box - the image
        $tbl .= '<div class="left-box">' . $row['image'] . '</div>';
        
        // right box
        $tbl .= '<div class="right-box">';
        
        // the data in three separate divs
        $tbl .= '<div class="data">' . $row['data1'] . '</div>';
        $tbl .= '<div class="data">' . $row['data2'] . '</div>';
        $tbl .= '<div class="data">' . $row['data3'] . '</div>';
        
        $tbl .= '</div>'; // end of right box   
    }

    echo $tbl;

?>
</body>
</html>

Please note that although this works (firefox on Fedora) the css code can be improved and made suitable for all browsers. A job for css gurus.

Well, you can do it in two ways. The old fashioned way is using a table to position pictures and data. Say you have two columns and each cell in column 1 has rowspan attribute set to 3 (or whatever the number of data cells is).

$tbl  = '<table border="1"><tr>';

while(rows_exist_in_result_set) {

    $tbl .= '<tr><td rowspan="3">PICTURE HERE</td><td>DATA</td></tr>';
    $tbl .= '<tr><td>DATA</td></tr><tr><td>DATA</td></tr>';
}

$tbl .= '</table>';

Modern way is using divs and css positioning. I am not that good at that but I will give it a try. Someone might give you better css code. First the PHP code (or HTML):

while(rows_exist_in_result_set) {

    $tbl  = '<div class="left-box">PICTURE HERE</div>';
    $tbl .= '<div class="right-box">';
    $tbl .= '<div class="data">DATA</div>';
    $tbl .= '<div class="data">DATA</div>';
    $tbl .= '<div class="data">DATA</div>';
    $tbl .= '</div>'; // end of right-box div
}

echo $tbl;

and then the css code that will position these divs correctly. Colors and borders are here to help you visually. This is just a conceptual example, the CSS code could be written better. Ask also on the HTML and CSS forum about good examples of positioning.

/* CSS code */
.left-box {float: left; width: 200px;height: 200px; border: 1px solid blue;background-color: green; padding:2px;}
.right-box {margin-left:210px; margin-bottom:2px; width: 200px; height: 200px; border:1px solid blue; background-color: yellow; padding:2px;}
.data {margin: 2px; border:1px solid green; background-color: grey;}

If you do it with tables it is simpler but people might say that tables are only meant to represent tabular data (but you can always claim that the stuff you are displaying is …

I have been using OOP approach with PHP fo a couple of years now developing an app that runs mainly on intranet and occasionaly on internet. My opininon is that OOP approach makes code much more maintainable and reusable (extendable). However you need some practice to be able to design your class hierarchy in a way that these claims hold true. My classes in the beginning were not easy to change without breaking the app. But from my own errors I slowly learnt how to do it (and am still learning :-). There are downsides with OOP such as (apparently) more work for a server to interpret the scripts but it never had noticeable impact on my app (using decent server). As pritaeas said frameworks heavily use OOP approach, I guess due to easier maintainability and reusability of the code.

You can echo the HTML code only if there are any records pulled from the db.

if($records_exist) {

    echo '<a href="some_link">Click here</a>';
}

If you want to change visibility locally (when script's HTML has been already downloaded) you will have to use javascript's getElementById() function to get the anchor element and change the visibility of it (or enclose the anchor between divs or spans and change visibility of those).

For more precise answers post your code.

It returns 1 to the last iteration (it multiplies the one before last total by 1) and also serves as an exit condition (does not call itself anymore). It is also there if you want to use it with walue 1 (getTotal(1)) so you don't enter an endless loop.

According to the above link 0! equals 1 so this condition should be also taken into acount. Also to prevent negative numbers you could add another condition. So the code should be at least as follows:

function getTotal($val) {

    if($val < 0) {

        return 'Value should be 0 or greater!';

    } elseif($val == 0 or $val == 1) {

        return 1;

    } else {

        return $val * getTotal($val - 1);
    }
}

echo '<br />TOTAL(9): ' . getTotal(9);

echo '<br />TOTAL(5): ' . getTotal(5);

echo '<br />TOTAL(1): ' . getTotal(1);

echo '<br />TOTAL(0): ' . getTotal(0);

echo '<br />TOTAL(-1): ' . getTotal(-1);

You got me thinking on this one. I am also quite new to the subject and have started diving into it since I need to develop some document structure management functionality where document has a tree structure.

Recursion seems to be the best choice.

function getTotal($val) {

    if($val == 1) {
        
        return 1;
        
    } else {
    
        return $val * getTotal($val - 1);
    }
}

echo 'TOTAL: ' . getTotal(9);

Works for values 1 and higher. Credits to http://www.codewalkers.com/c/a/Miscellaneous/Recursion-in-PHP/1/

It is obviously due to the functions supporting UTF8 (just guessing).

Have you tried the suggestion in the post No. 14 on that page? I still have some problems getting to terms with the stuff about fonts especially in my language (slovene, cp1250).

I think you are right. Please let us know if you find out where the trouble was in your case.

If you want to use a variable inside a string then the string must be enclosed in double quotes.

$var = 'foo';
echo "Variable value: $var";

will display:

Variable value: foo

while

$var = 'foo';
echo 'Variable value: $var';

will display:

Variable value: $var

See http://www.php.net/manual/en/language.types.string.php

I started with FPDF but soon find out that it is not being maintained. I also had some troubles with character sets. So I soon switched to TCPDF and would not know why the difference. I haven't done any tweaking to TCPDF.

The server I ran it on is HP Proliant ML1010 G6 with 4 GB of RAM and Intel i3 processor with Apache and MySql. Noting fancy but OK. But from here onwards we are all only guessing. You will have to try it on machines that are available to you.

I guess hardware is quite important here. It takes some effort to create a line of PDF document so CPU is important. And as PDF file is growing RAM is equally important since everything is kept there until the document is created (but it seems that RAM isn't such a big issue here). So at the end of the day for complex tasks you have to have quite powerful server.

I adapted your script to use static data instead of database rows (I haven't set up a database). It creates 193 pages PDF file of 10000 rows in 33 seconds. The size of the file is 1.5 MB. I didn't change the required memory at all but had to increase max execution time to 60 seconds.

I suggest you try the same. Prepare first test script which is similar to the one above but instead of reading a database just assign a $row array some arbitrary values. Then change the while loop into a for loop and try say 10000 iterations and measure execution time. If it is still very long it must be something with your server setup.

Then prepare a second test script where you read data from a database but do not write anything to PDF file just to test if maybe reading 4000 rows from the database is causing the bottleneck. If this is the case optimize the database (use indexes, denormalize, try to optimize the query...).

In other words try to localize a porblem (is it PDF generation or database reads) and work from there. Your query seems to be complex (many joins) and I do not know how well mysql is optimized for working with geospational data.

I don't know the answer. Maybe the calculation of $totalHeight1 and $totalHeight takes considerable amount of processing time. Try to comment out the lines 1 to 7 and set $totalHeight to some constant value and see if there is any significant increase in speed. You won't get the document formatted the way you want but you will find out if there is a bottleneck. If there is no difference then you will have to search somewhere else.

If it is possible post the whole script here. It might be easier to judge.

I am not an expert in css positioning. It is quite an art and it takes some time to master it (at least with me). I usually find an example on internet and adopt it to suit my needs. From my experience positioning is usually done with elements placing in divs which are just boxes (can be floated) and divs applied appropriate css attributes. And I don't think labels need much positioning. They are most useful if they stick with the element they belong to.

Concerning CSS it is better to ask on Web design formum on Daniweb. And it is good idea to get basics first from various articles on the web or in books. As I said I am happy to help with PHP code but concernig CSS I am more or less useless.

and it add 1 for N2 and 0 for N1 in the database

The reason for inserting wrong values is in positioning your labels. Label for N1 is positioned to N2 and vice versa.Try without styles. I don't think using of styles is correct the way you do it. Use divs instead and style them accordingly.

Sorry, a typo. Change single quotes to double quotes on line 40.

$cb_display .= " $_boxValue";

I am working on the other issue.

Sorry I fixed only the database part. Echo statements have to be fixed too.

// set default values for field values to 0 (do this for as many checkboxes you need)
$n1 = 0;
$n2 = 0;

// set default value for string to be displayed
$cb_display = '';
 
if(isset($_POST['boxes']) && !empty($_POST['boxes'])) {
 
    foreach ($_POST['boxes'] as $_boxValue) {
 
        switch($_boxValue) {
 
            // do a check for all checkboxes
            case 'N1' : $n1 = 1; break;
            case 'N2' : $n2 = 1; break;
        }
 
        // add a checkbox value to display string
        $cb_display .= ' $_boxValue';
    }

    echo "The following boxes were selected:$cb_display.";

} else {

    echo 'Nothing was selected!';
}

OK (I noticed you stated this in your first post :-).

In this case you have to test for a value of each checkbox whether it is set or not.

// set default values for field values to 0 (do this for as many checkboxes you need)
$n1 = 0;
$n2 = 0;


if(isset($_POST['boxes']) && !empty($_POST['boxes'])) {
 
    foreach ($_POST['boxes'] as $_boxValue) {
 
        switch($_boxValue) {

            // do a check for all checkboxes
            case 'N1' : $n1 = 1; break;
            case 'N2' : $n2 = 1; break;
        }

        echo "Box #$_boxValue was selected!\n";
    }
} 

$insertion = "INSERT into Personnes 
    (Nompersonne, NomDep, Prenompersonne, Fonction, DateDemande, Telephone, N1, N2)
values
    ('$Nom', '$Departement','$Prenom','$Fonction','$Datedemande','$phone','$n1', '$n2')";

mysql_query($insertion) or die ('Error : '. mysql_error());

You can use values Yes and No instead of 1 and 0 but later require less storage than former. Varchar is a bit of waste for these kind of values. Use tinyint (for 0 and 1), char(3) (for Yes No) or ENUM type.

What is the type of the N1 field in the database? The $_POST is an array and you can not store arrays in database. If it is a string you have to convert it to a string (using implode() or serialize() functions).

if(isset($_POST['boxes']) && !empty($_POST['boxes'])) {

    // field to store in database
    $n_field = implode(',', $_POST['boxes']);

    foreach ($_POST['boxes'] as $_boxValue) {
 
        // if($_boxValue == 'CB1')
        echo "Box #$_boxValue was selected!\n";
    }
 
} else {

    // field to store in database is empta string
    $n_field = '';
 
    echo 'No boxes were selected.';
}
...

$insertion = "INSERT into Personnes (Nompersonne, NomDep, Prenompersonne, Fonction, DateDemande, Telephone, N1 ) values
('$Nom', '$Departement','$Prenom','$Fonction','$Datedemande','$phone','$n_field')";
mysql_query($insertion) or die ('Error : '. mysql_error());

So the code from the second block is actually not in admin.php but in intermediate page. Unset session variable in admin.php if you do not need it anymore otherwise you are running in circles.

unset($_SESSION['page']);

Why do you want to redirect to the admin page if you are already in the admin page?

You must find where a bottleneck is in your code. Is it the web server which maybe has trouble generating such long document in memory? What are the specs of the server (RAM; processor, other applications that run on it)? Maybe there are too many queries (is your code efficient when reading from the database or maybe you could use a stored procedure for processing etc). I had similar trouble when trying to generate Excel file with 170 000 rows in PHP and it couldn't be done even with memory increased to 2GB and timeout streched to 20 mins (which were both unacceptable anyway). Then I realized that I was trying to construct a HTML code for 170 000 rows in poor server's memory and that this approach was not OK. I found a solution where I create CSV file writing each row to a file immediately and now it takes me 20 seconds without increasing any php.ini parameters. My suggestion is: first try to optimize your code, increase php.ini parameters even more or try to find other ways like generating many PDF files etc. I was going to direct you also to the TCPDF forum but have noticed that you posted there already.

You may also post the complete code maybe someone here (including myself :-) can find more suggestions.

First define values to checkboxes since values of the cliked checkboxes are returned in POST. And note HTML input tag does not have aclosing tag (see below).

<input type="checkbox" name="boxes[]" value="N1" style="position: absolute; z-index: 10; top: 603px; left: 550px;" />
<input type="checkbox" name="boxes[]" value="N2" style="position: absolute; z-index: 10; top: 603px; left: 450px;" />

Then check for values (in form11111.php) but first test if the POST exists and is not empty (if none of checkboxes were checked the array will be empty).

if(isset($_POST['boxes']) && !empty($_POST['boxes'])) {

    foreach ($_POST['boxes'] as $_boxValue) {
        
        // if($_boxValue == 'CB1')
        echo "Box #$_boxValue was selected!\n";
    }
    
} else {

    echo 'No boxes were selected.';
}

You can do that just for the current script with the ini_set() function.

// on the beginning of your script save original memory limit
$original_mem = ini_get('memory_limit');

// then set it to the value you think you need (experiment)
ini_set('memory_limit','640M');

// at the end of the script set it to it's original value 
// (if you forget this PHP will do it for you when performing garbage collection)
ini_set('memory_limit',$original_mem);

You might do the same with time limit setting

ini_set('max_execution_time', 120); // 120 seconds (2 minutes)

I am sorry to not get back with help earlier but I haven't noticed that you posted your code sometime ago. Really sory for that.

The problem is that in your while loop you assign a value of a every row from the second query to the same set session variables. In first iteration you create theese session variables but in subsequent sessions you overwrite them with new values. At the end of the loop only the last row is assigned to this set of session variables.

I can see two possible solutions here:

1. Make session variables an array where each element is an array - the setof variables for one row. But I am not sure if this is not good since you will use a lot of session resources.

2. Assign each row a hidden field with the value of $gamecode and execute the second query on another page (predictproc.php) with the value of gamecode in POST. Then assign values from the query to session variables (if needed).

If I find some more time today I can post also some code. Please let me know which of above proposal suits your needs beter (or if you have other requirements).

You have to first check if $_POST and $_POST exist at all before using them. This means the whole block of code goes withing if() and 'else' gets executed when there was no username or password supplied. Stripslashes is useful only if magic_quotes_gpc is enabled (you might want to check for that). The session_register() function is also deprecated so try to avoid it. I have prepared a slightly modified code that works OK. It is just a concept, you have to adapt it to your case. And observe some formating rules since it is easier to debug.

if(isset($_POST['myusername']) and isset($_POST['mypassword'])) {

    // username and password sent from form
    $myusername = mysql_real_escape_string(trim($_POST['myusername']));
    $mypassword = mysql_real_escape_string(trim($_POST['mypassword']));

    $host="localhost";      // Host name
    $username="DBUserHere";   // Mysql username
    $password="realPasswordHere"; // Mysql password
    $db_name="test";        // Database name
    $tbl_name="test";       // Table name

    // Connect to server and select databse.
    mysql_connect("$host", "$username", "$password") or die("cannot connect");
    mysql_select_db("$db_name")or die("cannot select DB");

    $sql = "SELECT * FROM $tbl_name WHERE username='$myusername' and password='$mypassword'";
    $result = mysql_query($sql);

    // Mysql_num_row is counting table row
    $count = mysql_num_rows($result);

    // If result matched $myusername and $mypassword, table row must be 1 row
    if($count == 1) {

        // NOTE: session_register() function IS DEPRECATED, AVOID IT
        // Register $myusername, $mypassword and redirect to file "login_success.php"
        // session_register("myusername");
        // session_register("mypassword");

        // register $myusername, $mypassword in recommended fashion
        $_SESSION['myusername'] = $myusername;
        $_SESSION['mypassword'] = $mypassword;

        header("location:login_success.php");
    
    } else {

        echo "Wrong Username or Password";
        
        // redirect to login page
        header("location:login.php");
    }

} else {

    // if username and password are not …

I do not exactly understand the question. Do you want to update the database with the value that user has enetered in the input box?

Existing textbox values can be changed with javascript. Get the element by it's ID and change its value property:

document.getElementById(myTextBoxId).value = 'This is my new value';

Let PHP create the string with checkboxes and echo it.

// array of checkboxes
$cbData = array('Time Savings', 'Cost Savings', 'Quality', 'Risk Management', 'Process and Procedure');

// initialize string for checkboxes
$cbString = '';

// Get the length of the array then you just loop through the array and in each loop check whether it is one before last element (to add AND) or the last element (to add space). In other cases you add comma.

// number of items in the array
$arrayLength = count($cbData);

// loop through elements
foreach($cbData as $key => $cbValue) {

  // construct and ID for your checkbox (add current array key to a string)
  $cbId = 'CriticalToSuccess-' . $key;

  // prepare a string for one checkbox
  $cbString .= "<input name=\"CriticalToSuccess[]\" id=\"$cbId\" value=\"$cbValue\" type=\"checkbox\">";

  // add label
  $cbString .= "<label for=\"$cbId\">$cbValue</label>";

  // check whether it is the last element
  if($key == ($arrayLength - 1)) {

    // if it is last element add only space
    $cbString .= ' ';

  // check whether it is one before the last element
  } elseif($key == ($arrayLength - 2)) {

    // if it is one before last element add string AND
    $cbString .= ' AND ';

  } else {

    // else just add comma
    $cbString .= ', ';
  }
}

// echo the string with checkboxes
echo $cbString;

There is also an error in your form. IDs for checkboxes should not be the same. They should differ. See the code above.