Warn Users System Pt. 2

<?php
session_start(); //allows session
include "config.php";
switch($_GET[x]){ // Make Links ?x=case
default: // set default case
if(!$logged[username] || $logged[userlevel] !== 6){ //check if they are logged in and an admin
echo "<p class='error'>Sorry, but only Admins may view this page. Please go back!</p>"; //they are not
}else{ //or if they are
$get = mysql_query("SELECT * FROM reps") or die(mysql_error()); //get all reports
$gnum = mysql_num_rows($get); //get how many there are
if($gnum == 0){ //check if there are any
echo "There are no reports to view"; //if not...
}else{ // or if there are
echo "There are currently $gnum reports to review"; //Yay there are some
while($ec = mysql_fetch_array($get)){ //repeats the data
echo "<table width='150' align='center'>
<tr>
<td width='150' align='center' valign='top'>
<b>$ec[user]</b>
&nbsp;<b>Reported By:</b>: $ec[by]
</td>
</tr>
<tr>
<td width='200' colspan='2' align='center' valign='top'>
<p>$ec[reason]</p>
</td>
</tr>
<tr>
<td width='350' colspan='3' align='center' valign='top'>
<b>Date Reported</b>: $ec[date]&nbsp;|&nbsp;<a href='repcp.php?x=warn&y=$ec[user]'>Warn User</a>&nbsp;|&nbsp;<a href='repcp.php?x=delete&id=$ec[id]'>Delete</a>
</td>
</tr>
</table>"; //echo the report
} //End: the while
} //End: check if there are reports or not
} //End: level check
break; //end the default case
case 'warn': //the warn area :)
if(!$logged[username] || $logged[userlevel] !== 6){ //check if logged in and admin
echo "<p class='error'>Sorry, but only Admins may view this page. Please go back!</p>"; //echo this
}else{ //or do other things
if(!$_GET[y]){ //check if theres a user selected
echo "<p class='error'>No user selected</p>"; //if not
}else{ //or do other things
if(!$_POST[warn]){ //check if the form was submitted or not
echo "<form method='post'>
<b>Username</b>:
<input type='text' name='user' value='$_GET[y]' readonly='readonly'><Br />
<b>Warn Reason</b>:<Br />
<textarea rows='5' cols='35' name='reason'></textarea>
<input type='submit' name='warn' value='Warn $_GET[y]'>
</form>"; //Echo The Form
}else{ //the form was submitted...
$user = strip_tags(stripslashes($_POST[user]));
$reason = stripslashes(strip_tags($_POST[reason]));
$date = date("l, F d, Y");
mysql_query("INSERT INTO warnings (`user`,`reason`,`from`,`date`) VALUES ('$user','$reason','$logged[username]','$date')") or die(mysql_error()); //mysql query to insert or die
echo "$user has been warned"; //Echo this if success
} //End: check if form was submitted
} //End: check if user is selected
} //End: check if logged in and an admin
break; //End warn case
case 'delete': //delete case
if(!$Logged[username] || $logged[userlevel] !== 6){ //check if logged in and an admin
echo "<p class='error'>Sorry, but only Admins may view this page. Please go back!</p>"; //error
}else{ //or do this
if(!$_GET[id]){ //check if user/report was selected
echo "<p class='error'>No report was selected to delete</p>"; //if not echo this
}else{ //or do the following
mysql_query("DELETE FROM reps WHERE id = '$_GET[id]'") or die(mysql_error()); //delete the report
echo "Report Deleted"; //echo this
} //End: check if id selected
} //end: login and admin check
break; //end delete case
} //end switch and get
?>