Cleanup, minor fixes

2025-05-23 08:29:06 +00:00 · 2015-06-06 13:43:10 +02:00 · 2015-06-06 13:43:10 +02:00 · f4f8c50c46
commit f4f8c50c46
parent 88fba6ed62
2 changed files with 24 additions and 33 deletions
--- a/bans.php
+++ b/bans.php
@ -12,14 +12,14 @@
    </div>
    <br/>
    <!-- Ban check form -->
-    <form id="form" class="form-inline">
+    <form onsubmit="captureForm(event);" class="form-inline">
        <div class="form-group">
            <input type="text" class="form-control" id="user" placeholder="Player">
        </div>
        <button type="submit" class="btn btn-default">Check</button>
    </form>
    <script type="text/javascript">
-        function runCheck() {
+        function captureForm(e) {
            $.ajax({
                type: 'POST',
                url: 'check.php',
@ -27,20 +27,9 @@
            }).done(function (msg) {
                document.getElementById('output').innerHTML = msg;
            });
-        }
-        // prevent page from being reloaded on submit
-        // https://stackoverflow.com/questions/5384712/capture-a-form-submit-in-javascript
-        function processForm(e) {
-            if (e.preventDefault) e.preventDefault();
-            runCheck();
+            e.preventDefault();
            return false;
        }
-        var form = document.getElementById('form');
-        if (form.attachEvent) {
-            form.attachEvent("submit", processForm);
-        } else {
-            form.addEventListener("submit", processForm);
-        }
    </script>
    <div id="output"></div>
    <!-- End ban check form -->
--- a/check.php
+++ b/check.php
@ -3,31 +3,33 @@ if (isset($_POST['name'], $_POST['table'])) {
    require 'includes/page.php';
    $name = $_POST['name']; // user input
    global $table_bans, $table_history, $conn;
-    $stmt = $conn->prepare("SELECT uuid FROM " . $table_history . " WHERE name=? ORDER BY date LIMIT 1");
+    $stmt = $conn->prepare("SELECT name,uuid FROM " . $table_history . " WHERE name=? ORDER BY date LIMIT 1");
    if ($stmt->execute(array($name))) {
        if ($row = $stmt->fetch()) {
+            $name = $row['name'];
            $uuid = $row['uuid'];
        }
    }
-    if (isset($uuid)) {
-        $stmt = $conn->prepare("SELECT * FROM " . $table_bans . " WHERE (uuid=? AND active=1) LIMIT 1");
-        if ($stmt->execute(array($uuid))) {
-            if ($row = $stmt->fetch()) {
-                $banner = get_banner_name($row['banned_by_name']);
-                $reason = $row['reason'];
-                $time = millis_to_date($row['time']);
-                $until = millis_to_date($row['until']);
-                echo($name . ' is banned! <br>');
-                echo('Banned by ' . $banner . '<br>');
-                echo('Reason: ' . $reason . '<br>');
-                echo('Banned on: ' . $time . '<br>');
-                echo('Banned until: ' . $until . '<br>');
-            } else {
-                echo($name . ' is not banned.');
-            }
-        }
-    } else {
+    if (!isset($uuid)) {
+        $name = htmlspecialchars($name, ENT_QUOTES, 'UTF-8');
        echo($name . ' has not joined before.');
+        return;
+    }
+    $stmt = $conn->prepare("SELECT * FROM " . $table_bans . " WHERE (uuid=? AND active=1) LIMIT 1");
+    if ($stmt->execute(array($uuid))) {
+        if (!($row = $stmt->fetch())) {
+            echo($name . ' is not banned.');
+            return;
+        }
+        $banner = get_banner_name($row['banned_by_name']);
+        $reason = $row['reason'];
+        $time = millis_to_date($row['time']);
+        $until = millis_to_date($row['until']);
+        echo($name . ' is banned! <br>');
+        echo('Banned by ' . $banner . '<br>');
+        echo('Reason: ' . $reason . '<br>');
+        echo('Banned on: ' . $time . '<br>');
+        echo('Banned until: ' . $until . '<br>');
    }
 }
 ?>