From dc16a665aec3be17b7b6b01501782ba0a00b0005 Mon Sep 17 00:00:00 2001
From: barisusakli <barisusakli@gmail.com>
Date: Fri, 24 Apr 2015 10:59:00 -0400
Subject: [PATCH] page checks #3089

---
 src/controllers/categories.js | 9 +++++++--
 src/controllers/topics.js     | 5 +++--
 2 files changed, 10 insertions(+), 4 deletions(-)

diff --git a/src/controllers/categories.js b/src/controllers/categories.js
index 8c45cdc86e..80bf87907a 100644
--- a/src/controllers/categories.js
+++ b/src/controllers/categories.js
@@ -184,6 +184,8 @@ categoriesController.get = function(req, res, next) {
 			}, next);
 		},
 		function(results, next) {
+			userPrivileges = results.privileges;
+
 			if (!results.exists || (results.categoryData && parseInt(results.categoryData.disabled, 10) === 1)) {
 				return helpers.notFound(req, res);
 			}
@@ -196,15 +198,18 @@ categoriesController.get = function(req, res, next) {
 				return helpers.redirect(res, '/category/' + encodeURI(results.categoryData.slug));
 			}
 
+			var settings = results.userSettings;
 			var topicIndex = utils.isNumber(req.params.topic_index) ? parseInt(req.params.topic_index, 10) - 1 : 0;
 			var topicCount = parseInt(results.categoryData.topic_count, 10);
+			var pageCount = Math.max(1, Math.ceil(topicCount / settings.topicsPerPage));
 
 			if (topicIndex < 0 || topicIndex > Math.max(topicCount - 1, 0)) {
 				return helpers.redirect(res, '/category/' + cid + '/' + req.params.slug + (topicIndex > topicCount ? '/' + topicCount : ''));
 			}
 
-			userPrivileges = results.privileges;
-			var settings = results.userSettings;
+			if (settings.usePagination && (page < 1 || page > pageCount)) {
+				return helpers.notFound(req, res);
+			}
 
 			if (!settings.usePagination) {
 				topicIndex = Math.max(topicIndex - (settings.topicsPerPage - 1), 0);
diff --git a/src/controllers/topics.js b/src/controllers/topics.js
index 1548e29861..3f96682c31 100644
--- a/src/controllers/topics.js
+++ b/src/controllers/topics.js
@@ -53,12 +53,13 @@ topicsController.get = function(req, res, next) {
 			var settings = results.settings;
 			var postCount = parseInt(results.topic.postcount, 10);
 			var pageCount = Math.max(1, Math.ceil((postCount - 1) / settings.postsPerPage));
+			var page = parseInt(req.query.page, 10) || 1;
 
 			if (utils.isNumber(req.params.post_index) && (req.params.post_index < 1 || req.params.post_index > postCount)) {
 				return helpers.redirect(res, '/topic/' + req.params.topic_id + '/' + req.params.slug + (req.params.post_index > postCount ? '/' + postCount : ''));
 			}
 
-			if (settings.usePagination && (req.query.page < 1 || req.query.page > pageCount)) {
+			if (settings.usePagination && (page < 1 || page > pageCount)) {
 				return helpers.notFound(req, res);
 			}
 
@@ -81,7 +82,7 @@ topicsController.get = function(req, res, next) {
 			}
 
 			var postIndex = 0;
-			var page = parseInt(req.query.page, 10) || 1;
+
 			req.params.post_index = parseInt(req.params.post_index, 10) || 0;
 			if (reverse && req.params.post_index === 1) {
 				req.params.post_index = 0;