diff --git a/inc/bans.php b/inc/bans.php
index b5ce1f76..d97451cf 100644
--- a/inc/bans.php
+++ b/inc/bans.php
@@ -285,60 +285,68 @@ class Bans {
 		}
 	}
 
-	static public function stream_json($out = false, $filter_ips = false, $filter_staff = false, $board_access = false, $hide_message = false) {
-		$query = query("SELECT ``bans``.*, `username` FROM ``bans``
-			LEFT JOIN ``mods`` ON ``mods``.`id` = `creator`
- 			ORDER BY `created` DESC") or error(db_error());
-			$bans = $query->fetchAll(PDO::FETCH_ASSOC);
-
+	static public function stream_json($filter_ips = false, $filter_staff = false, $board_access = false, $hide_message = false) {
 		if ($board_access && $board_access[0] == '*') {
 			$board_access = false;
 		}
 
-		$out ? fputs($out, "[") : print("[");
+		$query = query("SELECT ``bans``.*, `username` FROM ``bans``
+			LEFT JOIN ``mods`` ON ``mods``.`id` = `creator`
+ 			ORDER BY `created` DESC") or error(db_error());
 
-		$end = end($bans);
+		print('[');
 
-		foreach ($bans as &$ban) {
-			$ban['mask'] = self::range_to_string([$ban['ipstart'], $ban['ipend']]);
+		$has_previous = false;
 
-			if ($ban['post'] && !$hide_message) {
-				$post = json_decode($ban['post']);
-				$ban['message'] = isset($post->body) ? $post->body : 0;
-			}
-			unset($ban['ipstart'], $ban['ipend'], $ban['post'], $ban['creator']);
+		while (true) {
+			$ban = $query->fetch(PDO::FETCH_ASSOC);
 
-			if ($board_access === false || in_array ($ban['board'], $board_access)) {
-				$ban['access'] = true;
-			}
+			if (\is_array($ban)) {
+				$ban['mask'] = self::range_to_string([$ban['ipstart'], $ban['ipend']]);
 
-			if (filter_var($ban['mask'], FILTER_VALIDATE_IP) !== false) {
-				$ban['single_addr'] = true;
-			}
-			if ($filter_staff || ($board_access !== false && !in_array($ban['board'], $board_access))) {
-				$ban['username'] = '?';
-			}
-			if ($filter_ips || ($board_access !== false && !in_array($ban['board'], $board_access))) {
-				@list($ban['mask'], $subnet) = explode("/", $ban['mask']);
-				$ban['mask'] = preg_split("/[\.:]/", $ban['mask']);
-				$ban['mask'] = array_slice($ban['mask'], 0, 2);
-				$ban['mask'] = implode(".", $ban['mask']);
-				$ban['mask'] .= ".x.x";
-				if (isset ($subnet)) {
-					$ban['mask'] .= "/$subnet";
+				if ($ban['post'] && !$hide_message) {
+					$post = \json_decode($ban['post']);
+					$ban['message'] = isset($post->body) ? $post->body : 0;
 				}
-				$ban['masked'] = true;
-			}
+				unset($ban['ipstart'], $ban['ipend'], $ban['post'], $ban['creator']);
 
-			$json = json_encode($ban);
-			$out ? fputs($out, $json) : print($json);
+				if ($board_access === false || in_array ($ban['board'], $board_access)) {
+					$ban['access'] = true;
+				}
 
-			if ($ban['id'] != $end['id']) {
-				$out ? fputs($out, ",") : print(",");
+				if (filter_var($ban['mask'], FILTER_VALIDATE_IP) !== false) {
+					$ban['single_addr'] = true;
+				}
+				if ($filter_staff || ($board_access !== false && !\in_array($ban['board'], $board_access))) {
+					$ban['username'] = '?';
+				}
+				if ($filter_ips || ($board_access !== false && !\in_array($ban['board'], $board_access))) {
+					@list($ban['mask'], $subnet) = explode("/", $ban['mask']);
+					$ban['mask'] = \preg_split("/[\.:]/", $ban['mask']);
+					$ban['mask'] = \array_slice($ban['mask'], 0, 2);
+					$ban['mask'] = \implode(".", $ban['mask']);
+					$ban['mask'] .= ".x.x";
+					if (isset($subnet)) {
+						$ban['mask'] .= "/$subnet";
+					}
+					$ban['masked'] = true;
+				}
+
+				$json = \json_encode($ban);
+
+				// Add a comma if there's a previous row.
+				if ($has_previous) {
+					print(',');
+				}
+				$has_previous = true;
+
+				print($json);
+			} else {
+				break;
 			}
 		}
 
-		$out ? fputs($out, "]") : print("]");
+		print(']');
 	}
 
 	static public function seen($ban_id) {