/**
 * Validate that a string is a valid TID (Timestamp ID)
 * TIDs are base36 encoded and should be 13 characters
 */
export function isValidTID(tid: string): boolean {
	if (!tid || typeof tid !== "string") return false;
	// TID should be 13 characters of base36 (0-9, a-z)
	return /^[0-9a-z]{13}$/.test(tid);
}

/**
 * Validate that a URL is a valid HTTPS URL
 */
export function isValidHttpsUrl(url: string): boolean {
	try {
		const parsed = new URL(url);
		return parsed.protocol === "https:";
	} catch {
		return false;
	}
}

/**
 * Sanitize a string for safe display (basic XSS prevention)
 * Note: Hono's html template already escapes, but this is defense in depth
 */
export function sanitizeString(str: string, maxLength: number = 1000): string {
	if (!str || typeof str !== "string") return "";
	return str.slice(0, maxLength);
}