authorStefan Suhren <suhren.stefan@fh-swf.de>2015-05-11 14:54:29 +0200
committerStefan Suhren <suhren.stefan@fh-swf.de>2015-05-11 14:54:29 +0200
commit1bb6c3bc23d08851f6af786f516b3cbc73a6f391 (patch)
treecafd4ccffd63f1c2f926da5637550eea66ff8b52
parentfe9768f784a1dd333939070ac3940fba30ab0aaa (diff)
Check for wrong ids
-rw-r--r--productdetails.php18
-rw-r--r--products.php8
2 files changed, 17 insertions, 9 deletions
diff --git a/productdetails.php b/productdetails.php
index c840421..63ba451 100644
--- a/productdetails.php
+++ b/productdetails.php
@@ -7,9 +7,18 @@ else
{
header('Location: categories.php');
}
+if(isset($_GET['catid']))
+{
+ $catid = $_GET['catid'];
+}
require_once('vendor.inc.php');
$product = ProductQuery::create()->findOneById($id);
+
+if ( !is_object($product) )
+{
+ header('Location: categories.php');
+}
?>
<!DOCTYPE html>
<html>
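Review bot: The added `if ( !is_object($product) )` branch sends a Location header but does not stop the script, so the rest of the page is still executed and rendered with `$product` not being an object; add `exit;` directly after `header('Location: categories.php');`. The same applies to the new `!is_object($category)` check in products.php, where `$category->getProducts()` follows immediately and would fail on a non-object. Separately, `$catid` is copied from `$_GET['catid']` without validation and stays undefined when the parameter is absent; `$catid = isset($_GET['catid']) ? (int) $_GET['catid'] : 0;` would make it a plain integer in both cases. The if/else that this hunk starts in begins above the visible lines.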
@@ -25,6 +34,7 @@ $product = ProductQuery::create()->findOneById($id);
<dt><a href="contact.html">Contact us</a></dt>
<dt><a href=".">Home</a></dt>
<dt><a href="categories.php">Categories</a></dt>
+ <dt><a href="products.php?id=<?php echo $catid; ?>">Back to Category</a></dt>
<dt><a href="login.html">Login</a></dt>
</dl>
</nav>
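Review bot: `<?php echo $catid; ?>` writes a request parameter into an `href` attribute without output encoding, so a `catid` value containing quotes or markup ends up in the page as-is (reflected XSS). Encode at the point of output, `<?php echo htmlspecialchars($catid, ENT_QUOTES, 'UTF-8'); ?>`, or cast the value to an integer where it is read. When `catid` is missing from the request the variable is undefined here, so the "Back to Category" entry should only be rendered when a value is present.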
@@ -65,10 +75,4 @@ $product = ProductQuery::create()->findOneById($id);
</div>
<footer>Copyright by SomeCompany Ltd.</footer>
</body>
-</html>
-
-
-
-<?php
-require_once('vendor.inc.php');
-?> \ No newline at end of file
+</html> \ No newline at end of file
diff --git a/products.php b/products.php
index b8391d9..1591799 100644
--- a/products.php
+++ b/products.php
@@ -9,7 +9,11 @@ else
}
require_once('vendor.inc.php');
-$category = CategoryQuery::create()->filterById($id)->findOne();
+$category = CategoryQuery::create()->findOneById($id);
+if ( !is_object($category) )
+{
+ header('Location: categories.php');
+}
$products = $category->getProducts();
?>
<!DOCTYPE html>
@@ -33,7 +37,7 @@ $products = $category->getProducts();
<dl>
<?php
foreach( $products as $product ){
- echo "<dt><a href=\"productdetails.php?id={$product->getId()}\">{$product->getName()}</a></dt>";
+ echo "<dt><a href=\"productdetails.php?id={$product->getId()}&catid={$id}\">{$product->getName()}</a></dt>";
echo "<dd>{$product->getDescription()}</dd>";
}
?>
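Review bot: The new link interpolates `{$id}` into HTML without encoding; where `$id` is assigned is outside the hunk, but if it is the raw `$_GET['id']` value, a successful category lookup does not by itself prove the string is a plain integer. Taking the id from the loaded record avoids reflecting request input, and the separator inside an attribute should be the entity `&amp;`: `productdetails.php?id={$product->getId()}&amp;catid={$category->getId()}` (assuming the category model exposes `getId()` as the product model does). The unchanged `getName()` and `getDescription()` output on the neighbouring lines is also echoed without `htmlspecialchars()`, which matters if those fields can hold user-supplied text.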