fix: clamp and validate limit and page query params in /api/courses

[siddharth277]

Description

Fixes unvalidated pagination query parameters in GET /api/courses.
Previously, limit and page were parsed with parseInt() and passed directly to getPaginatedCourses() with no bounds checking. This allowed:
-limit=999999 — wasteful computation across the entire dataset
-page=0 / page=-5 — negative startIndex producing incorrect slice results
-limit=abc — parseInt returns NaN, causing slice(NaN, NaN) to silently return [] with no error

Fixes #3165

Type of change

• [ x] Bug fix (non-breaking change which fixes an issue)
• New feature (non-breaking change which adds functionality)
• Breaking change (fix or feature that would cause existing functionality to not work as expected)
• This change requires a documentation update

Checklist:

• [ x] My code follows the style guidelines of this project
• [ x] My changes generate no new warnings
• [ x] I have performed a self-review of my own code

[vercel]

@siddharth277 is attempting to deploy a commit to the Prem Shaw's projects Team on Vercel.

A member of the Team first needs to authorize it.

[github-actions]

📌 Contribution Guidelines Reminder

👋 Thanks for contributing to Learnova!

We maintain contribution limits to ensure quality and fair visibility:
• Per-person limit: Max 3 open Issues & 3 open PRs
• Repository limit: Max 30 open PRs total

Your current activity:

• Your Open Issues: 2
• Your Open PRs: 2
• Repository Total Open PRs: 40

⚠️ Repository has 40 open PRs (global limit is 30). Consider reviewing and merging existing PRs before opening new ones.

Tips for quality contributions:
✅ Test thoroughly before submitting
✅ Add documentation when needed
✅ Respond to reviews promptly
✅ Focus on one issue/PR at a time

📖 See our Contribution Guidelines and Discussion Board for more info.

Thanks for being a great contributor! 🎉