Leper's Colony - Month checker

<?php
/*
    filename: months.php
    [there's a <form> tag with the action "months.php" (this file) so replace that if you use another filename]
    don't host this on your website, it's not protected against SQL injection
 */
// this line is used to eventually convert month numbers into month names
$month_array = array(
        "1"  => "January",
        "2"  => "February",
        "3"  => "March",
        "4"  => "April",
        "5"  => "May",
        "6"  => "June",
        "7"  => "July",
        "8"  => "August",
        "9"  => "September",
        "10" => "October",
        "11" => "November",
        "12" => "December",
);
if (!is_numeric($_GET['width']))
{
    $width = 500; // if you specify a non-numeric value for width, it defaults to 500
}
elseif($_GET['width'] == "")
{
    $width = 500; // same if you specify nothing at all
}
else
{
    $width = $_GET['width']; // this is when you specify width
}
?>
<html>
<head>
<title>Leper's Colony &bull; Month checker</title>
<style type="text/css">
body
{
    background-color: black;
    color: white;
}
div
{
    height: 22px;
}
</style>
</head>
<body>
<?php
// now to create forms
// there's a lot of C/P code so things won't be explained again
    // Connect to MySQL database
    $db = mysqli_connect("localhost","USERNAME","PASSWORD","sa") or die("The database has stopped working. :(");
    $sql = "SELECT DISTINCT type FROM lc ORDER BY type ASC"; // this query eliminates all duplicate attention-seekers!
    $result = mysqli_query($db,$sql);
?>
<form action="months.php" method="get">
<label>Type:
<select name="type">
<option value=''>None</option>
<?php
// this while loop creates an option for every request type (probation, ban, etc.) that exists
    while($row = mysqli_fetch_assoc($result))
    {
        extract($row);
        ?>
            <option value='"<?php echo $row['type']; ?>"'><?php echo $row['type']; ?></option>
        <?php
    }
    mysqli_close($result); // close the connection and then we can do the new one
// the BANS + AUTOBANS option is hard-coded instead
?>
<option value='1'>BANS + AUTOBANS</option>
</select>
</label>
<?php

    // Connect to MySQL database again
    $db = mysqli_connect("localhost","USERNAME","PASSWORD","sa") or die("The database has stopped working. :(");
    $sql = "SELECT DISTINCT requestor FROM lc ORDER BY requestor ASC"; // this query eliminates all duplicate attention-seekers!
    $result = mysqli_query($db,$sql);
?>
<label>Horrible mod:
<select name="mod">
<option value=''>None</option>
<?php
// now to create every option for every mod to grace the Leper's Colony ever
    while($row = mysqli_fetch_assoc($result))
    {
        extract($row);
        ?>
            <option value='"<?php echo $row['requestor']; ?>"'><?php echo $row['requestor']; ?></option>
        <?php
    }
    mysqli_close($result);
?>
</select>
</label>
<?php
    // Connect to MySQL database. so what
    $db = mysqli_connect("localhost","USERNAME","PASSWORD","sa") or die("The database has stopped working. :(");
    $sql = "SELECT DISTINCT day FROM lc ORDER BY day ASC"; // this query eliminates all duplicate attention-seekers!
    $result = mysqli_query($db,$sql);
?>
<label>Day:
<select name="day">
<option value=''>None</option>
<?php
    while($row = mysqli_fetch_assoc($result))
    {
        extract($row);
        ?>
            <option value='<?php echo $row['day']; ?>'><?php echo $row['day']; ?></option>
        <?php
    }
    mysqli_close($result);
?>
</select>
</label>
<?php
    $db = mysqli_connect("localhost","USERNAME","PASSWORD","sa") or die("The database has stopped working. :(");
    $sql = "SELECT DISTINCT year FROM lc ORDER BY year ASC"; // this query eliminates all duplicate attention-seekers!
    $result = mysqli_query($db,$sql);
?>
<label>Year:
<select name="year">
<option value=''>None</option>
<?php
    while($row = mysqli_fetch_assoc($result))
    {
        extract($row);
        ?>
            <option value='<?php echo $row['year']; ?>'><?php echo 2000 + $row['year']; ?></option>
        <?php
    }
    mysqli_close($result);
    /*
    QUICK NOTE C/P: if you're wondering,
    2000 + row['year'] will convert something like 7 to 2007,
    simply putting 20 before the <?php echoing ?> the variable will interpret 7 as 207
     */
?>
</select>
</label>
<label>Graph width:
<input type="text" name="width" value="500" size="4" />
</label>
<input type="submit" value="Search!" />
</form>
<?php

    /*
    End of form input fields. Now enter the actual data table!

    insert dumb comment here, the php interpreter won't ignore it
    it'll contact a mod of SA forums instead :o
     */
?>
<table>
    <tr>
        <th>MONTH</th>
        <th>NO. OF BANS</th>
        <th>&nbsp;</th>
    </tr>
<?php
    // Connect to MySQL database. so what
    $db = mysqli_connect("localhost","USERNAME","PASSWORD","sa") or die("The database has stopped working. :(");
    // a bunch of variables are being set up for upcoming loops
    $i = 0;
    $x = 0;
    /*
    the upcoming loop tries to find the highest result that will eventually be shown
    this is to measure graph length

    doob.gif
     */
    while($i < 12)
    {
        ++$i; // apparently this is faster than $i++. oh well
        if($_GET['type'] == 1)
        {
            $sql = "SELECT * FROM lc WHERE month = ".$i." AND type NOT LIKE 'P%'"; // counts bans and autobans only
        }
        else
        {
            $sql = "SELECT * FROM lc WHERE month = ".$i; // sets up for upcoming AND queries
            if ($_GET['type'] != "")
            {
                $sql .= " AND type = ".$_GET['type']; // otherwise it's individual
            }
        }
        if ($_GET['mod'] != "")
        {
            $sql .= " AND requestor = ".$_GET['mod'];
        }
        if ($_GET['day'] != "")
        {
            $sql .= " AND day = ".$_GET['day'];
        }
        if ($_GET['year'] != "")
        {
            $sql .= " AND year = ".$_GET['year'];
        }
        $result = mysqli_query($db,$sql);
        // if the result here is bigger than variable x, variable x is overwritten to define the new result
        $num = mysqli_num_rows($result);
        if ($num > $x)
        {
            $x = $num;
        }
        mysqli_close($result); // I totally forgot what this does! honest!
    }
    $i = 0;
    while($i < 12)
    {
        ?><tr><?php
        ++$i;
        if($_GET['type'] == 1)
        {
            $sql = "SELECT * FROM lc WHERE month = ".$i." AND type NOT LIKE 'P%'"; // bans + autobans
        }
        else
        {
            $sql = "SELECT * FROM lc WHERE month = ".$i; // sets up for upcoming AND queries
            if ($_GET['type'] != "")
            {
                $sql .= " AND type = ".$_GET['type']; // otherwise individual type, mod, etc.
            }
        }
        if ($_GET['mod'] != "")
        {
            $sql .= " AND requestor = ".$_GET['mod'];
        }
        if ($_GET['day'] != "")
        {
            $sql .= " AND day = ".$_GET['day'];
        }
        if ($_GET['year'] != "")
        {
            $sql .= " AND year = ".$_GET['year'];
        }
        $result = mysqli_query($db,$sql);
        // okay, now we should get the results
        $num = mysqli_num_rows($result);
        /*
        that huge line over there is the bar.
        colour is determined by length (number of results), and  length / greatest result  (variable x) becomes a percent.
        &nbsp; is a blank space; it's there to make the bar show up.
         */
        ?>
        <td><?php echo $month_array[$i]; ?></td>
        <td><?php echo $num; ?></td>
        <td style="width: 500px;"><div style="width: <?php echo ($num / $x)*100; ?>%; background-color: #<?php echo dechex(16777215 - $num); ?>">&nbsp;</div></td><?php echo "\n";
        ?></tr><?php echo "\n";
        mysqli_close($result);
    }
?>
</table>
</body>
</html>