diff --git a/editPlayer.php b/editPlayer.php
index 5904b32..7cc5fec 100644
--- a/editPlayer.php
+++ b/editPlayer.php
@@ -102,6 +102,7 @@
 echo '<center><h4>UID: '.$player->uid.'</h3></center>';
 echo '<center><h4>Player ID: '.$pid.'</h3></center>';
 echo '<center><h4>GUID: '.$guidPlayer.'</h3></center>';
+echo '<center><h4>Warning Points: '.$player->warning.'</h3></center>';
 echo '<center><h4>Bank: $'.$player->bankacc.'</h3></center>';
 echo '<center><h4>Cash: $'.$player->cash.'</h3></center>';
 echo '<center><h4>Cop Level: '.$player->coplevel.'</h3></center>';
diff --git a/notes.php b/notes.php
index 436f0f7..d72b908 100755
--- a/notes.php
+++ b/notes.php
@@ -18,10 +18,10 @@
 
 if (isset($_POST['search'])) {
     $valuetosearch = $_POST['SearchValue'];
-    $sqlget = "SELECT * FROM players WHERE CONCAT (`name`,`playerid`,`uid`, `aliases`) LIKE '%".$valuetosearch."%'";
+    $sqlget = "SELECT * FROM players WHERE CONCAT (`name`,`playerid`,`warning`,`uid`,`aliases`) LIKE '%".$valuetosearch."%'";
     $search_result = filterTable($dbcon, $sqlget);
     if ($search_result == '') {
-        $sqlget = "SELECT * FROM players WHERE CONCAT (`name`,`pid`,`uid`, `aliases`) LIKE '%".$valuetosearch."%'";
+        $sqlget = "SELECT * FROM players WHERE CONCAT (`name`,`pid`,`warning`,`uid`,`aliases`) LIKE '%".$valuetosearch."%'";
         $search_result = filterTable($dbcon, $sqlget);
     }
 } else {
@@ -33,8 +33,8 @@
 ?>
 
 <div class="col-sm-9 col-sm-offset-3 col-md-10 col-md-offset-2 main">
-<h1 style = "margin-top: 70px">Notes Menu</h1>
-<p class="page-header">Notes Menu of the panel, allows you to set notes on players.</p>
+<h1 style = "margin-top: 70px">Warning Panel</h1>
+<p class="page-header">Warning Menu of the panel, allows you to set points and notes on players.<br> If warning points are 30+ please go to SMT to get them banned from the server.</p>
 
 <div class="btn-group" role="group" aria-label="...">
 <FORM METHOD="LINK" ACTION="players.php">
@@ -65,11 +65,11 @@
             <table class="table table-striped" style = "margin-top: -10px">
               <thead>
                 <tr>
-			                <th>Player ID</th>
+			        <th>UID</th>
 					<th>Name</th>
-					<th>Alias</th>
-					<th>Note Type</th>
-					<th>New Notes</th>
+					<th>Current Points</th>
+					<th>Warning Points</th>
+					<th>Case Notes</th>
 					<th>Update</th>
                 </tr>
               </thead>
@@ -77,11 +77,12 @@
 <?php
 while ($row = mysqli_fetch_array($search_result, MYSQLI_ASSOC)) {
     echo '<form action=notes.php method=post>';
+
     echo '<tr>';
     echo '<td>'.$row['uid'].' </td>';
     echo '<td>'.$row['name'].' </td>';
-    echo '<td>'.$row['aliases'].' </td>';
-    echo '<td>'."<select class='form-control' name='warn'><option value='4'>Commendation</option><option value='1' selected='selected'>Warning</option><option value='2'>Caution</option><option value='3'>Big Caution</option></select> </td>";
+    echo '<td>'.$row['warning'].' </td>';
+	echo '<td>'."<input class='form-control' type=warning name=warning value=''> </td>";
     echo '<td>'."<input class='form-control' type=text name=note value=''> </td>";
     echo '<td>'."<input class='btn btn-primary btn-outline' type=submit name=update value=Update".'> </td>';
     echo "<td style='display:none;'>".'<input type=hidden name=hidden value='.$row['uid'].'> </td>';
@@ -97,12 +98,49 @@
     $pid = playerID($player);
 
     if ($_POST['note'] != $player->note_text) {
-        $message = 'Admin '.$user.' has added the note ('.$_POST['note'].') to '.$player->name.'('.$pid.')';
+        $message = 'Admin '.$user.' has added '.$_POST['warning'].' warning points and the note ('.$_POST['note'].') to '.$player->name.'('.$_POST['hidden'].')';
         logIt($user, $message, $dbcon);
         $note = $_POST['note'];
         $note = '"'.$note.'"';
-        $UpdateN = "INSERT INTO notes (uid, staff_name, name, alias, note_text, warning) VALUES ('$_POST[hidden]', '$user', '$player->name', '$player->aliases', '$note','$_POST[warn]')";
-        mysqli_query($dbcon, $UpdateN);
+		$warning = $_POST['warning'];
+        $warning = '"'.$warning.'"';
+        
+		$UpdateN = 'INSERT INTO notes (uid, staff_name, name, alias, note_text, warning)'
+            . ' VALUES ( ?, ? , ? , ? , ? , ? )';
+
+		if( $sth = mysqli_prepare($dbcon,$UpdateN) ) {
+		  mysqli_stmt_bind_param($sth,'ssssss'
+			 ,$_POST['hidden']
+			 ,$user
+			 ,$player->name
+			 ,$player->aliases
+			 ,$_POST['note']
+			 ,$_POST['warning']
+		  );
+		  if( mysqli_stmt_execute($sth) ) {
+			 // statement execution successful
+		  } else {
+			 printf("Error: %s\n",mysqli_stmt_error($sth));
+		  }
+		} else {
+		  printf("Error: %s\n",mysqli_error($dbcon));
+		}
+		
+		$UpdateN2 = 'UPDATE players SET warning = warning + ? WHERE uid = ? ';
+		
+		if( $sth2 = mysqli_prepare($dbcon,$UpdateN2) ) {
+		  mysqli_stmt_bind_param($sth2,'ss'
+			,$_POST['warning']
+			,$_POST['hidden']
+		  );
+		  if( mysqli_stmt_execute($sth2) ) {
+			 // statement execution successful
+		  } else {
+			 printf("1Error: %s\n",mysqli_stmt_error($sth2));
+		  }
+		} else {
+		  printf("2Error: %s\n",mysqli_error($dbcon));
+		}
     }
 }
 
diff --git a/staffcase.php b/staffcase.php
new file mode 100644
index 0000000..3fa33bf
--- /dev/null
+++ b/staffcase.php
@@ -0,0 +1,144 @@
+<?php
+session_start();
+ob_start();
+
+if (!isset($_SESSION['logged'])) {
+    header('Location: index.php');
+}
+
+$staffPerms = $_SESSION['perms'];
+$user = $_SESSION['user'];
+
+include 'verifyPanel.php';
+masterconnect();
+
+if ($staffPerms['money'] != '1') {
+    echo "<script src='scripts/na.js'></script>";
+    header('Location: lvlError.php');
+}
+include 'header/header.php';
+?>
+
+
+
+        <div class="col-sm-9 col-sm-offset-3 col-md-10 col-md-offset-2 main">
+          <h1 style = "margin-top: 70px">Staff Cases</h1>
+		  <p class="page-header">Staff Case Logs of the panel, allows you to see staff cases.</p>
+
+		  <div class="table-responsive">
+            <table class="table table-striped" style = "margin-top: -10px">
+              <thead>
+                <tr>
+					<th>Your Name</th>
+					<th>Person Reporting</th>
+					<th>Person Being Reported</th>
+					<th>Player UID</th>
+					<th>Reported For</th>
+					<th>OutCome</th>
+					<th>Add Log</th>
+                </tr>
+              </thead>
+              <tbody>
+<?php
+echo '<form action=staffcase.php method=post>';
+  echo '<tr>';
+  
+  echo '<td>'."<input class='form-control' type=text name=staffn value='' </td>";
+  echo '<td>'."<input class='form-control' type=text name=personr value='' </td>";
+  echo '<td>'."<input class='form-control' type=text name=personbr value='' </td>";
+  echo '<td>'."<input class='form-control' type=text name=uid value='' </td>";
+  echo '<td>'."<input class='form-control' type=text name=report value='' </td>";
+  echo '<td>'."<input class='form-control' type=text name=outcome value=''</td>";
+  echo '<td>'."<input class='btn btn-primary btn-outline' type=submit name=update value=Add".' </td>';
+
+  echo '</tr>';
+  echo '</form>';
+
+echo '</table></div>';
+
+if (isset($_POST['update'])) {
+	$staffn = $_POST['staffn'];
+	$personr = $_POST['personr'];
+	$personbr = $_POST['personbr'];
+    $uid = $_POST['uid'];
+    $report = $_POST['report'];
+    $outcome = $_POST['outcome'];
+
+}
+$messageIdent = md5($_POST['update'] . $_POST['staffn'] . $_POST['personr'] . $_POST['personbr'] . $_POST['uid'] . $_POST['report'] . $_POST['outcome']);
+
+$sessionMessageIdent = isset($_SESSION['messageIdent'])?$_SESSION['messageIdent']:'';
+
+    if($messageIdent!=$sessionMessageIdent){//if its different:          
+        //save the session var:
+            $_SESSION['messageIdent'] = $messageIdent;
+        //and...
+            $UpdateQ = "INSERT INTO staff_logs (staffn,personr,personbr,playerid,report,outcome,staff_name) VALUES ('$staffn','$personr','$personbr','$uid','$report','$outcome','$user');";
+			mysqli_query($dbcon, $UpdateQ);
+    } else {
+        //you've sent this already!
+    }
+?>
+
+<br><br>
+
+<?php
+
+$sqlget = 'SELECT * FROM staff_logs';
+$search_result = mysqli_query($dbcon, $sqlget) or die('Connection could not be established');
+
+?>
+
+          <div class="table-responsive">
+            <table class="table table-striped" style = "margin-top: -10px">
+              <thead>
+                <tr>
+					<th>Case Id</th>
+					<th>Staff Name</th>
+					<th>Person Reporting</th>
+					<th>Person Being Reported</th>
+					<th>PlayerID</th>
+					<th>Reported For</th>
+					<th>Outcome</th>
+					<th>Admin</th>
+					<th>Time Stamp</th>
+
+                </tr>
+              </thead>
+              <tbody>
+<?php
+while ($row = mysqli_fetch_array($search_result, MYSQLI_ASSOC)) {
+    echo '<tr>';
+    echo '<td>'.$row['case_id'].'</td>';
+	echo '<td>'.$row['staffn'].' </td>';
+	echo '<td>'.$row['personr'].' </td>';
+	echo '<td>'.$row['personbr'].' </td>';
+    echo '<td>'.$row['playerid'].' </td>';
+    echo '<td>'.$row['report'].' </td>';
+    echo '<td>'.$row['outcome'].' </td>';
+    echo '<td>'.$row['staff_name'].' </td>';
+    echo '<td>'.$row['timestamp'].' </td>';
+    echo '</tr>';
+}
+
+echo '</table></div>';
+?>
+              </tbody>
+            </table>
+          </div>
+        </div>
+      </div>
+    </div>
+
+    <!-- Bootstrap core JavaScript
+    ================================================== -->
+    <!-- Placed at the end of the document so the pages load faster -->
+    <script src="https://ajax.googleapis.com/ajax/libs/jquery/1.11.3/jquery.min.js"></script>
+    <script>window.jQuery || document.write('<script src="../../assets/js/vendor/jquery.min.js"><\/script>')</script>
+    <script src="/dist/js/bootstrap.min.js"></script>
+    <!-- Just to make our placeholder images work. Don't actually copy the next line! -->
+    <script src="../../assets/js/vendor/holder.min.js"></script>
+    <!-- IE10 viewport hack for Surface/desktop Windows 8 bug -->
+    <script src="../../assets/js/ie10-viewport-bug-workaround.js"></script>
+  </body>
+</html>
diff --git a/verifyCheck.php b/verifyCheck.php
index df90656..f5db271 100644
--- a/verifyCheck.php
+++ b/verifyCheck.php
@@ -65,6 +65,13 @@
     } else {
         $maxCop = 7;
     }
+	
+	if ($_POST['maxWarning'] != '') {
+        $maxWarning = $_POST['maxWarning'];
+        $maxWarning = (int) $maxWarning;
+    } else {
+        $maxWarning = 30;
+    }
 
     if ($_POST['maxMedic'] != '') {
         $maxMedic = $_POST['maxMedic'];
@@ -155,6 +162,8 @@ function Rconconnect(){
 
 global ".'$'.'maxCop;
 '.'$'."maxCop = $maxCop;
+global ".'$'.'maxWarning;
+'.'$'."MaxWarning = $Warning;
 global ".'$'.'maxMedic;
 '.'$'."maxMedic = $maxMedic;
 global ".'$'.'maxAdmin;
@@ -196,65 +205,62 @@ function Rconconnect(){
         $sqldata5 = mysqli_query($dbconnect, $sqlDel5);
 
         $sqlmake = '
-	CREATE TABLE IF NOT EXISTS `log` (
-	  `logid` int(11) NOT NULL AUTO_INCREMENT,
-	  `date_time` timestamp NOT NULL DEFAULT CURRENT_TIMESTAMP ON UPDATE CURRENT_TIMESTAMP,
-	  `user` varchar(64) DEFAULT NULL,
-	  `action` varchar(255) DEFAULT NULL,
-	  `level` int(11) NOT NULL,
-	  PRIMARY KEY (`logid`),
-	  UNIQUE KEY `logid` (`logid`),
-	  KEY `logid_2` (`logid`)
-	) ENGINE=InnoDB AUTO_INCREMENT=1 DEFAULT CHARSET=latin1;
+		CREATE TABLE IF NOT EXISTS `log` (
+		  `logid` int(11) NOT NULL AUTO_INCREMENT,
+		  `date_time` timestamp NOT NULL DEFAULT CURRENT_TIMESTAMP ON UPDATE CURRENT_TIMESTAMP,
+		  `user` varchar(64) DEFAULT NULL,
+		  `action` varchar(255) DEFAULT NULL,
+		  `level` int(11) NOT NULL,
+		  PRIMARY KEY (`logid`),
+		  UNIQUE KEY `logid` (`logid`),
+		  KEY `logid_2` (`logid`)
+		) ENGINE=InnoDB AUTO_INCREMENT=1 DEFAULT CHARSET=latin1;
 	';
 
         $sqldata = mysqli_query($dbconnect, $sqlmake) or die('Connection could not be established - LOG');
 
         $sqlmake2 = '
-
-	CREATE TABLE IF NOT EXISTS `users` (
-	    `ID` mediumint(9) NOT NULL AUTO_INCREMENT,
-	    `username` varchar(60) NOT NULL,
-	    `password` varchar(80) NOT NULL,
-	    `permissions` text NOT NULL,
-	    PRIMARY KEY (`ID`)
-	) ENGINE=InnoDB AUTO_INCREMENT=1 DEFAULT CHARSET=utf8;';
+		CREATE TABLE IF NOT EXISTS `users` (
+			`ID` mediumint(9) NOT NULL AUTO_INCREMENT,
+			`username` varchar(60) NOT NULL,
+			`password` varchar(80) NOT NULL,
+			`permissions` text NOT NULL,
+			PRIMARY KEY (`ID`)
+		) ENGINE=InnoDB AUTO_INCREMENT=1 DEFAULT CHARSET=utf8;';
 
         $sqldata1 = mysqli_query($dbconnect, $sqlmake2) or die('Connection could not be established - USERS!');
 
         $sqlmake3 = "
-
-	CREATE TABLE IF NOT EXISTS `notes` (
-	    `note_id` INT(11) NOT NULL AUTO_INCREMENT COMMENT 'auto incrementing note_id of each user, unique index',
-	    `uid` VARCHAR(50) NOT NULL COLLATE 'utf8_unicode_ci',
-	    `staff_name` VARCHAR(50) NOT NULL COLLATE 'utf8_unicode_ci',
-	    `name` VARCHAR(50) NOT NULL COLLATE 'utf8_unicode_ci',
-	    `alias` VARCHAR(50) NOT NULL COLLATE 'utf8_unicode_ci',
-            `note_text` VARCHAR(255) NOT NULL,
-	    `warning` ENUM('1','2','3','4') NOT NULL,
-	    `note_updated` TIMESTAMP NOT NULL DEFAULT CURRENT_TIMESTAMP ON UPDATE CURRENT_TIMESTAMP,
-	    PRIMARY KEY (`note_id`),
-	    UNIQUE INDEX `note_id` (`note_id`)
-	) COLLATE='latin1_swedish_ci' ENGINE=InnoDB AUTO_INCREMENT=6;
+		CREATE TABLE IF NOT EXISTS `notes` (
+			`note_id` INT(11) NOT NULL AUTO_INCREMENT COMMENT 'auto incrementing note_id of each user, unique index',
+			`uid` VARCHAR(50) NOT NULL COLLATE 'utf8_unicode_ci',
+			`staff_name` VARCHAR(50) NOT NULL COLLATE 'utf8_unicode_ci',
+			`name` VARCHAR(50) NOT NULL COLLATE 'utf8_unicode_ci',
+			`alias` VARCHAR(50) NOT NULL COLLATE 'utf8_unicode_ci',
+			`note_text` VARCHAR(255) NOT NULL,
+			`warning` ENUM('1','2','3','4') NOT NULL DEFAULT '0',
+			`note_updated` TIMESTAMP NOT NULL DEFAULT CURRENT_TIMESTAMP ON UPDATE CURRENT_TIMESTAMP,
+			PRIMARY KEY (`note_id`),
+			UNIQUE INDEX `note_id` (`note_id`)
+		) COLLATE='latin1_swedish_ci' ENGINE=InnoDB AUTO_INCREMENT=6;
 	";
 
         $sqldata100 = mysqli_query($dbconnect, $sqlmake3) or die('Connection could not be established - NOTES!');
 
         $sqlmake4 = "
-
-	CREATE TABLE IF NOT EXISTS `reimbursement_log` (
-		`reimbursement_id` INT(11) NOT NULL AUTO_INCREMENT,
-		`playerid` VARCHAR(50) NOT NULL,
-		`comp` INT(100) NOT NULL DEFAULT '0',
-		`reason` VARCHAR(255) NOT NULL,
-		`staff_name` VARCHAR(50) NOT NULL COLLATE 'utf8_unicode_ci',
-		`timestamp` TIMESTAMP NULL DEFAULT CURRENT_TIMESTAMP ON UPDATE CURRENT_TIMESTAMP,
-		PRIMARY KEY (`reimbursement_id`),
-		UNIQUE INDEX `reimbursement_id` (`reimbursement_id`)
-	)
-	COLLATE='latin1_swedish_ci'
-	ENGINE=InnoDB
-	AUTO_INCREMENT=1;
+		CREATE TABLE IF NOT EXISTS `reimbursement_log` (
+			`reimbursement_id` INT(11) NOT NULL AUTO_INCREMENT,
+			`playerid` VARCHAR(50) NOT NULL,
+			`comp` INT(100) NOT NULL DEFAULT '0',
+			`reason` VARCHAR(255) NOT NULL,
+			`staff_name` VARCHAR(50) NOT NULL COLLATE 'utf8_unicode_ci',
+			`timestamp` TIMESTAMP NULL DEFAULT CURRENT_TIMESTAMP ON UPDATE CURRENT_TIMESTAMP,
+			PRIMARY KEY (`reimbursement_id`),
+			UNIQUE INDEX `reimbursement_id` (`reimbursement_id`)
+		)
+		COLLATE='latin1_swedish_ci'
+		ENGINE=InnoDB
+		AUTO_INCREMENT=1;
 	";
 
         $sqldata9 = mysqli_query($dbconnect, $sqlmake4) or die('Connection could not be established - REIM!');
@@ -281,7 +287,33 @@ function Rconconnect(){
             UNIQUE KEY `accessID` (`accessID`),
             KEY `accessID_1` (`accessID`)
         ) ENGINE=InnoDB AUTO_INCREMENT=3 DEFAULT CHARSET=latin1;
-';
+	';
+	$sqldata11 = mysqli_query($dbconnect, $sqlmake6) or die('Connection could not be established - Staff Logs!');
+
+        $sqlmake7 = '
+        CREATE TABLE `staff_logs` (
+			`case_id` int(11) NOT NULL AUTO_INCREMENT,
+			`staffn` varchar(50) NOT NULL,
+			`personr` varchar(50) NOT NULL,
+			`personbr` varchar(50) NOT NULL,
+			`playerid` varchar(64) NOT NULL,
+			`report` varchar(100) NOT NULL,
+			`outcome` varchar(255) NOT NULL,
+			`staff_name` varchar(50) CHARACTER SET utf8 COLLATE utf8_unicode_ci NOT NULL,
+			`timestamp` timestamp NULL DEFAULT CURRENT_TIMESTAMP ON UPDATE CURRENT_TIMESTAMP,
+			PRIMARY KEY (`case_id`),
+			UNIQUE KEY `case_id` (`case_id`)
+		) ENGINE=InnoDB AUTO_INCREMENT=44 DEFAULT CHARSET=latin1;
+
+	';
+	
+        $sqldata12 = mysqli_query($dbconnect, $sqlmake7) or die('Connection could not be established - Player Warning!');
+
+        $sqlmake8 = ("ALTER TABLE `players` ADD `warning` enum('0','1','2','3','4','5','6','7','8','9','10','11','12','13','14','15','16','17','18','19','20','21','22','23','24','25','26','27','28','29','30') NOT NULL DEFAULT '0' AFTER `last_seen`");
+	';
+	
+';		
+	
         $sqlMakeAccess = mysqli_query($dbconnect, $sqlmake6) or die('Connection could not be established - Access!');
 
         $sqldeluser = "DELETE FROM users WHERE username='AdminPanel';";