<?php
require(__DIR__ . "/test_secret.php");

function auth($token)
{
    if (is_null($token)) {
        return null;
    }

    global $db;

    $stmt = $db->prepare("SELECT * FROM main.token WHERE token = ?");
    $stmt->execute([$token]);

    $result = $stmt->fetch(PDO::FETCH_ASSOC);
    if (!$result) {
        return null;
    }

    $username = $result['username'];

    $stmt = $db->prepare("SELECT * FROM main.auth WHERE username = ?");
    $stmt->execute([$username]);

    $result = $stmt->fetch(PDO::FETCH_ASSOC);
    if (!$result) {
        return  null;
    }

    $stmt = $db->prepare("SELECT * FROM main.ban WHERE username = ?");
    $stmt->execute([$username]);

    $result = $stmt->fetch(PDO::FETCH_ASSOC);
    if (!$result) {
        return $username;
    }

    $reason = $result['reason']; ?>	
<!DOCTYPE html>
<html>
<body>
	<h1>Banned</h1>
	<p>You are banned for <?php echo $reason?>.</p>
</body>
</html>
		<?php die();
}

if (array_key_exists('token', $_COOKIE)) {
    $username = auth($_COOKIE['token']);
}
?>