Get a post movie ID securely

classes/components/movies.php

@@ -54,6 +54,16 @@ class Movies {
 
 	}
 
+	/**
+	 * Check whether a movie specified by its ID exists or not
+	 * 
+	 * @param int $movieID The ID of the movie to check
+	 * @return bool TRUE if the movie exists / false else
+	 */
+	function exist(int $movieID) : bool {
+		return CS::get()->db->count($this::MOVIES_TABLE, "WHERE ID = ?", array($movieID)) > 0;
+	}
+
 	/**
 	 * Parse a video informations
 	 * 

functions/requests.php

@@ -212,6 +212,30 @@ function getPostPostID(string $name = "postID") : int {
 	return $postID;
 }
 
+/**
+ * Get the ID of a movie in a rest request
+ * 
+ * @param string $name Optionnal, the name of the post ID field
+ * @return int $movieID The ID of the movie
+ */
+function getPostMovieId(string $name = "movieID") : int {
+
+	//Get movieID
+	if(!isset($_POST[$name]))
+		Rest_fatal_error(400, "Excepted movie ID in '".$name."' !");
+	$movieID = toInt($_POST[$name]);
+
+	//Check movie ID validity
+	if($movieID < 1)
+		Rest_fatal_error(400, "Invalid movie ID in '".$name."' !");
+	
+	//Check if the movie exists
+	if(!CS::get()->components->movies->exist($movieID))
+		Rest_fatal_error(404, "Specified movie does not exists!");
+
+	return $movieID;
+}
+
 /**
  * Check the validity of an file posted in a request
  * 
@@ -235,3 +259,24 @@ function check_post_file(string $name) : bool {
 	return true;
 
 }
+
+/**
+ * Check the validity of a Youtube video ID
+ * 
+ * @param string $id The ID of the YouTube video
+ * @return bool True if the ID is valid / false else
+ */
+function check_youtube_id(string $id) : bool {
+
+	//Check length
+	if(strlen($id) < 5)
+		return FALSE;
+	
+	//Check for illegal characters
+	if($id !== str_replace(array("/", "\\", "@", "&", "?", ".", "'", '"'), "", $id))
+		return FALSE;
+	
+	//The video is considered as valid
+	return TRUE;
+
+}