public static function validateId($id) { if (is_null($id) || !preg_match("/^[0-9]+\$/", $id)) { throw new Exception("Data has been tempered. Aborting process."); } if (!AppointmentFetcher::existsId($id)) { // TODO: sent email to developer relevant to this error. throw new Exception("Either something went wrong with a database query, or you're trying to hack this app. In either case, the developers were just notified about this."); } }
function isUrlValid() { return isset($_GET['appointmentId']) && preg_match("/^[0-9]+\$/", $_GET['appointmentId']) && AppointmentFetcher::existsId($_GET['appointmentId']); }