From 4a8afe89d0bf326de7374901fca986d43b9c64b3 Mon Sep 17 00:00:00 2001
From: nolanwhy <thebackytb@gmail.com>
Date: Sun, 5 Feb 2023 12:47:04 +0100
Subject: [PATCH] f

---
 catalog.php | 19 +++++++++++++++++++
 1 file changed, 19 insertions(+)

diff --git a/catalog.php b/catalog.php
index 0f3704f..180b39d 100644
--- a/catalog.php
+++ b/catalog.php
@@ -12,8 +12,27 @@ if (isset($_SESSION['user'])) {
 $user = new User($con, $_SESSION['user']);
 }
 
+$possiblePages = [
+  0,
+  1,
+  2,
+  3,
+  4,
+  5,
+  6,
+  7,
+  8,
+  9,
+  10,
+  11
+];
+
 if(isset($_GET["p"])) {
   $page = (int) $_GET["p"];
+  if(!in_array($page,$possiblePages)) {
+    header('location: /catalog');
+    exit;
+  }
 } else {
   $page = 0;
 }