From f4f8c50c4619b3d6c7ba8bce889355f4c305c1e5 Mon Sep 17 00:00:00 2001
From: Ruan <ruany@users.noreply.github.com>
Date: Sat, 6 Jun 2015 13:43:10 +0200
Subject: [PATCH] Cleanup, minor fixes

---
 bans.php  | 17 +++--------------
 check.php | 40 +++++++++++++++++++++-------------------
 2 files changed, 24 insertions(+), 33 deletions(-)

diff --git a/bans.php b/bans.php
index d315c36..daffccf 100644
--- a/bans.php
+++ b/bans.php
@@ -12,14 +12,14 @@
     </div>
     <br/>
     <!-- Ban check form -->
-    <form id="form" class="form-inline">
+    <form onsubmit="captureForm(event);" class="form-inline">
         <div class="form-group">
             <input type="text" class="form-control" id="user" placeholder="Player">
         </div>
         <button type="submit" class="btn btn-default">Check</button>
     </form>
     <script type="text/javascript">
-        function runCheck() {
+        function captureForm(e) {
             $.ajax({
                 type: 'POST',
                 url: 'check.php',
@@ -27,20 +27,9 @@
             }).done(function (msg) {
                 document.getElementById('output').innerHTML = msg;
             });
-        }
-        // prevent page from being reloaded on submit
-        // https://stackoverflow.com/questions/5384712/capture-a-form-submit-in-javascript
-        function processForm(e) {
-            if (e.preventDefault) e.preventDefault();
-            runCheck();
+            e.preventDefault();
             return false;
         }
-        var form = document.getElementById('form');
-        if (form.attachEvent) {
-            form.attachEvent("submit", processForm);
-        } else {
-            form.addEventListener("submit", processForm);
-        }
     </script>
     <div id="output"></div>
     <!-- End ban check form -->
diff --git a/check.php b/check.php
index a7f5a19..fcd0f2e 100644
--- a/check.php
+++ b/check.php
@@ -3,31 +3,33 @@ if (isset($_POST['name'], $_POST['table'])) {
     require 'includes/page.php';
     $name = $_POST['name']; // user input
     global $table_bans, $table_history, $conn;
-    $stmt = $conn->prepare("SELECT uuid FROM " . $table_history . " WHERE name=? ORDER BY date LIMIT 1");
+    $stmt = $conn->prepare("SELECT name,uuid FROM " . $table_history . " WHERE name=? ORDER BY date LIMIT 1");
     if ($stmt->execute(array($name))) {
         if ($row = $stmt->fetch()) {
+            $name = $row['name'];
             $uuid = $row['uuid'];
         }
     }
-    if (isset($uuid)) {
-        $stmt = $conn->prepare("SELECT * FROM " . $table_bans . " WHERE (uuid=? AND active=1) LIMIT 1");
-        if ($stmt->execute(array($uuid))) {
-            if ($row = $stmt->fetch()) {
-                $banner = get_banner_name($row['banned_by_name']);
-                $reason = $row['reason'];
-                $time = millis_to_date($row['time']);
-                $until = millis_to_date($row['until']);
-                echo($name . ' is banned! <br>');
-                echo('Banned by ' . $banner . '<br>');
-                echo('Reason: ' . $reason . '<br>');
-                echo('Banned on: ' . $time . '<br>');
-                echo('Banned until: ' . $until . '<br>');
-            } else {
-                echo($name . ' is not banned.');
-            }
-        }
-    } else {
+    if (!isset($uuid)) {
+        $name = htmlspecialchars($name, ENT_QUOTES, 'UTF-8');
         echo($name . ' has not joined before.');
+        return;
+    }
+    $stmt = $conn->prepare("SELECT * FROM " . $table_bans . " WHERE (uuid=? AND active=1) LIMIT 1");
+    if ($stmt->execute(array($uuid))) {
+        if (!($row = $stmt->fetch())) {
+            echo($name . ' is not banned.');
+            return;
+        }
+        $banner = get_banner_name($row['banned_by_name']);
+        $reason = $row['reason'];
+        $time = millis_to_date($row['time']);
+        $until = millis_to_date($row['until']);
+        echo($name . ' is banned! <br>');
+        echo('Banned by ' . $banner . '<br>');
+        echo('Reason: ' . $reason . '<br>');
+        echo('Banned on: ' . $time . '<br>');
+        echo('Banned until: ' . $until . '<br>');
     }
 }
 ?>
\ No newline at end of file