PHP: Update Documentation and Add Protection for RESTful API Calls

The PHP backend has about 50 public RESTful API calls, almost all of them are somehow related to the CRUD tables from the database. There is a public description of this API for external users, which is similar in style to Swagger, but not swagger - it was written manually. Description file - HTML simple JS.

The description in places is incomplete, inaccurate, contains errors. For example, the description states that the parameter of the call is an integer, but in fact the API accepts a text constant from the dictionary (this can be seen in the CODE of the API implementation in PHP). Also, many API calls do not contain any checks for the correctness of the transmitted data or checks are not enough, i.e. an API call with incorrect parameters can break the data schema in the database.

You need to carefully look at the implementation code of all call APIs, update the fix and add help on them to be similar to Swagger, and add protection against incorrect calls.

Database - MariaDB and Postgre (both are supported), Docker is used for deployment. Front Angular. The backy framework is homemade, there is a routing of requests.

In the responses, write about your experience in similar projects. If the task is performed qualitatively and in an adequate timeframe, there will be long-term cooperation on the project.