From 1bb6c3bc23d08851f6af786f516b3cbc73a6f391 Mon Sep 17 00:00:00 2001
From: Stefan Suhren <suhren.stefan@fh-swf.de>
Date: Mon, 11 May 2015 14:54:29 +0200
Subject: Check for wrong ids

---
 productdetails.php | 18 +++++++++++-------
 1 file changed, 11 insertions(+), 7 deletions(-)

(limited to 'productdetails.php')

diff --git a/productdetails.php b/productdetails.php
index c840421..63ba451 100644
--- a/productdetails.php
+++ b/productdetails.php
@@ -7,9 +7,18 @@ else
 {
 	header('Location: categories.php');
 }
+if(isset($_GET['catid']))
+{
+	$catid = $_GET['catid'];
+}
 require_once('vendor.inc.php');
 
 $product = ProductQuery::create()->findOneById($id);
+
+if ( !is_object($product) )
+{
+	header('Location: categories.php');
+}
 ?>
 <!DOCTYPE html>
 <html>
@@ -25,6 +34,7 @@ $product = ProductQuery::create()->findOneById($id);
 			<dt><a href="contact.html">Contact us</a></dt>
 			<dt><a href=".">Home</a></dt>
 			<dt><a href="categories.php">Categories</a></dt>
+			<dt><a href="products.php?id=<?php echo $catid; ?>">Back to Category</a></dt>
 			<dt><a href="login.html">Login</a></dt>
 		</dl>
 	</nav>
@@ -65,10 +75,4 @@ $product = ProductQuery::create()->findOneById($id);
 	</div>
 	<footer>Copyright by SomeCompany Ltd.</footer>
 </body>
-</html>
-
-
-
-<?php
-require_once('vendor.inc.php');
-?>
\ No newline at end of file
+</html>
\ No newline at end of file
-- 
cgit v1.2.3-70-g09d2