Redirect to 404 from profile and group

website/public/group.php

@@ -13,9 +13,16 @@
 
 include_once("../queries/group_page.php");
 
-$group = selectGroupByName($_GET["groupname"]);
+if(!$group = selectGroupByName($_GET["groupname"])) {
+    header("HTTP/1.0 404 Not Found");
+    header("Location: error/404.php");
+    die();
+}
+
+
 $members = selectGroupMembers($group["groupID"]);
 
+
 /*
  * This view adds the main layout over the screen.
  * Header, menu, footer.

website/public/profile.php

@@ -25,7 +25,12 @@ if(empty($_GET["username"])) {
     $userID = getUserID($_GET["username"]);
 }
 
-$user = selectUser($_SESSION["userID"], $userID);
+if(!$user = selectUser($_SESSION["userID"], $userID)) {
+    header("HTTP/1.0 404 Not Found");
+    header("Location: error/404.php");
+    die();
+}
+
 $profile_friends = selectAllFriends($userID);
 $profile_groups = selectAllUserGroups($userID);
 $showProfile = $user["showProfile"] || ($user["status"] == 'confirmed') || $_SESSION["userID"] == $userID;

website/queries/group_page.php

@@ -33,7 +33,12 @@ function selectGroupByName($name) {
     if (!$stmt->execute()) {
         return False;
     }
-    return $stmt->fetch();
+    $row = $stmt->fetch();
+    if($row["groupID"] == null) {
+        return False;
+    }
+
+    return $row;
 }
 
 function selectGroupRole(int $groupID) {

website/queries/user.php

@@ -101,7 +101,9 @@ function selectUser($me, $other) {
 
     $stmt->bindParam(':me', $me, PDO::PARAM_INT);
     $stmt->bindParam(':other', $other, PDO::PARAM_INT);
-    $stmt->execute();
+    if(!$stmt->execute() || $stmt->rowCount() == 0) {
+        return False;
+    }
     return $stmt->fetch();
 }