From e659775e0d3306d4c9902a9e439cdaf751f0ea91 Mon Sep 17 00:00:00 2001
From: CodeKevin <kevin@codekevin.com>
Date: Fri, 30 Oct 2015 22:38:00 -0400
Subject: [PATCH] Closes #70

---
 CTFd/admin.py | 20 ++++++++++----------
 1 file changed, 10 insertions(+), 10 deletions(-)

diff --git a/CTFd/admin.py b/CTFd/admin.py
index 48d3209e..0248f978 100644
--- a/CTFd/admin.py
+++ b/CTFd/admin.py
@@ -328,20 +328,20 @@ def admin_teams(page):
 @admins_only
 def admin_team(teamid):
     user = Teams.query.filter_by(id=teamid).first()
-    solves = Solves.query.filter_by(teamid=teamid).all()
-    addrs = Tracking.query.filter_by(team=teamid).order_by(Tracking.date.desc()).group_by(Tracking.ip).all()
-    wrong_keys = WrongKeys.query.filter_by(team=teamid).order_by(WrongKeys.date.desc()).all()
-    score = user.score()
-    place = user.place()
 
     if request.method == 'GET':
+        solves = Solves.query.filter_by(teamid=teamid).all()
+        addrs = Tracking.query.filter_by(team=teamid).order_by(Tracking.date.desc()).group_by(Tracking.ip).all()
+        wrong_keys = WrongKeys.query.filter_by(team=teamid).order_by(WrongKeys.date.desc()).all()
+        score = user.score()
+        place = user.place()
         return render_template('admin/team.html', solves=solves, team=user, addrs=addrs, score=score, place=place, wrong_keys=wrong_keys)
     elif request.method == 'POST':
-        admin_user = request.form.get('admin', "false")
-        admin_user = 1 if admin_user == "true" else 0
-        if admin:
-            user.admin = 1
-            user.banned = 1
+        admin_user = request.form.get('admin', None)
+        if admin_user:
+            admin_user = 1 if admin_user == "true" else 0
+            user.admin = admin_user
+            user.banned = admin_user
             db.session.commit()
             return jsonify({'data': ['success']})