From 4fc1b9a0ca2cb19d3e6f1fbdaa9470bf2a95a499 Mon Sep 17 00:00:00 2001
From: Lukas Fleischer <archlinux@cryptocrack.de>
Date: Thu, 21 Mar 2013 22:38:49 +0100
Subject: Return 404 error page if invalid package ID is used

We already display the 404 error page if someone tries to access an
invalid package via virtual URLs ("/packages/nonexistent"). Add the same
check to "web/html/packages.php" to make sure the same error is shown if
a user requests package details of a nonexistent package ID via legacy
URLs ("/packages.php?ID=-1").

Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
---
 web/html/packages.php | 6 ++++++
 1 file changed, 6 insertions(+)

(limited to 'web')

diff --git a/web/html/packages.php b/web/html/packages.php
index c1e54e1..a4a480c 100644
--- a/web/html/packages.php
+++ b/web/html/packages.php
@@ -18,6 +18,12 @@ if (!isset($pkgid) || !isset($pkgname)) {
 	} else {
 		unset($pkgid, $pkgname);
 	}
+
+	if (isset($pkgid) && ($pkgid == 0 || $pkgid == NULL || $pkgname == NULL)) {
+		header("HTTP/1.0 404 Not Found");
+		include "./404.php";
+		return;
+	}
 }
 
 # Set the title to the current query and get package details if required
-- 
cgit v1.2.3-54-g00ecf