for my side project, I want to make a React app that has a textarea where you can paste code snippets in it and then hit save. Then I will store it into a database linked to their user account id for later retrieval.
Are there any good approaches generally used to do something like this? For example, to turn my javascript into a string and store it in a JSON format to be sent off to firebase?
I wanted to try using encodeURI at first but I couldn't even store the code inside a variable yet. Can anyone point me in the right direction? I'd appreciate it so much!
This could be a possible duplication of Is it safe to save user created javascript in database?
Although the general consensus is the risk is not high storing it. But it is high while retrieving and injecting it in the DOM for rendering.
So you should be good storing the the data as a string. But you'll have to be updated about any possible security issues that might pop up later that needs patching.
Related
I am quite new to coding so apologies if I'm asking an obvious question. I have managed to create a little web app in html/JavaScript that takes user input and transforms it and dumps it into a variable that I am interested in. All in all, all the information that I want to extract is in the form of an array comprising of 20 integers in the JavaScript code.
What I want to do now is find how to store that information so when somebody fills out the inputs and submits the form - I can have access to it. I have looked around the web and the common suggestion seems to be SQL database. I was just wondering if there is a simpler way of going about it, especially considering the tiny amount of information I need to store?
Well, if you just want to store the data on the website itself for each individual client, localStorage is the way to go. In other words, if you want to just store a bit of data for later, localStorage allows you to store data that is accessible the next time the user loads the page. This data can't be shared with other users, but if your app doesn't need too much security, or data sharing between users, localStorage is the way to go. However, the user can control what's in localStorage, so you need to make sure that you don't store anything sensitive there. In addition, you won't be able to see the data actually stored in localStorage on your website as the developer. All your handling has to be done on the client side. Every browser supports it, and it's really simple to use.
First off, you can set a value in localStorage like this:
localStorage.foo = "bar";
Then, you can get a value from localStorage like this:
localStorage.foo; //Returns "bar"
The only problem is, localStorage values can only be stored as strings.
So, in order to store an array (like you wanted to), you can do:
localStorage.arr = JSON.stringify([1, 2, 3]);
This turns the array into a string.
Then, to get the array from localStorage:
JSON.parse(localStorage.arr)
That's pretty much all you need to know for what you are describing.
If you want the full story on localStorage, visit: https://developer.mozilla.org/en-US/docs/Web/API/Window/localStorage
I hope this answer helped.
In my application I receive json data in a post request that I store as raw json data in a table. I use postgresql (9.5) and node.js .
In this example, the data is an array of about 10 quiz questions experienced by a user, that looks like this:
[{"QuestionId":1, "score":1, "answerList":["1"], "startTime":"2015-12-14T11:26:54.505Z", "clickNb":1, "endTime":"2015-12-14T11:26:57.226Z"},
{"QuestionId":2, "score":1, "answerList":["3", "2"], "startTime":"2015-12-14T11:27:54.505Z", "clickNb":1, "endTime":"2015-12-14T11:27:57.226Z"}]
I need to store (temporarily or permanently) several indicators computed by aggregating data from this json at quizz level, as I need these indicators to perform other procedures in my database.
As of now I was computing the indicators using javascript functions at the time of handling the post request and inserting the values in my table alongside the raw json data. I'm wondering if it wouldn't be more performant to have the calculation performed by a stored trigger function in my postgresql db (knowing that the sql function would need to retrieve the data from inside the json raw data).
I have read other posts on this topic, but it was asked many years ago and not with node.js, so I thought people might have some new insight on the pros and cons of using sql stored procedures vs server-side javascript functions.
edit: I should probably have mentioned that most of my application's logic already mostly lies in postgresql stored procedures and views.
Generally, I would not use that approach due to the risk of getting the triggers out of sync with the code. In general, the single responsibility principle should be the guide: DB to store data and code to manipulate it. Unless you have a really pressing business need to break this pattern, I'd advise against it.
Do you have a migration that will recreate the triggers if you wipe the DB and start from scratch? Will you or a coworker not realise they are there at a later point when reading the app code and wonder what is going on? If there is a standardised way to manage the triggers where the configuration will be stored as code with the rest of your app, then maybe not a problem. If not, be wary. A small performance gain may well not be worth the potential for lost developer time and shipping bugs.
Currently working somewhere that has gone all-in on SQL functions.. We have over a thousand.. I'd strongly advise against it.
Having logic split between Javascript and SQL is a real pain when debugging issues especially if, like me, you are much more familiar with JS.
The functions are at least all tracked in source control and get updated/created in the DB as part of the deployment process but this means you have 2 places to look at when trying to follow the code.
I fully agree with the other answer, single responsibility principle, DB for storage, server/app for logic.
Let's say a website needs to pull information from a specific table in a database based on a user's menu selection. That table's data is then fed into some JS equations and thrown onto the page.
What is the best way to go about pulling that table's information? I've read that trying to access an SQL database via JavaScript is bad practice, so is there another way to do this? I know about PHP's json_encode, but I guess I'm not entirely sure
What the syntax is if I'm calling PHP from a JS script, and
If that's 'best' practice. Still relatively new to this, so I'd like to do this right.
Another option as far as I'm concerned is attempting to pull ALL of the possible tables (not a security concern) at once on page load. I expect that'd introduce a good deal of latency, though.
It looks to me that you are not really sure what technique to use. Here are some options. I'm not going to type them here because, there is enough to find about each one:
plain php: w3schools
pure ajax call: stackoverflow
jquery: jquery
Ajax calls are more user friendly and many times more efficient because, you don't have to refresh the page. I usually get all information at once( as long your mysql data is not to big). As for security: You use php either way so it doesn't matter if you use Ajax or not. Oh and don't select valuable data of users data (like password or their emails). I hope you get more overview after this :)
I have a simple html application which displays words on a click of a next button. It fetches the words from a javascript object literal file. I want to mark some of the words as easy and some as difficult. How do I save this data from browser without using a mysql database?
can I edit the javascript object file directly from bowser?
If you want to take user input and store it permanently on your site, you'll have to employ some sort of server-side scripting. This doesn't have to be PHP, but it's probably the simplest way to do it. You can't use client-side javascript to write to a remote file directly.
If I understand correctly, you have JS object/array with words, you're modifying it and want to store it modified version permanently.
If so, then you can use "HTML5" localStorage.
This storage is per-browser. If you want to have single version shared between many users/browsers, then you will need some server-side support.
To save it on the client-side you could use cookies or local storage on supported browsers but this may not be the best approach if there are many words to keep track of.
My application has a lot of decision to make before finally saving my data to the database. I am using JQuery to do this. I have succeeded in creating a moderately long xml string, due to the fact that the user will enter data that will each need to be verified.
I have made this decision base of the number of trips i expect my application to make back to the server. Currently i'm storing this xml in a hidden field. I want to know if there are better approaches? Please.
Are you passing the hidden field along through multiple form submissions? If that's the case, you should probably look into storing session variables. This really is a lot more reliable (and better practice) than keeping it all client-side.
Make sure you're still verifying the data server-side. Don't trust javascript alone to do it.
You can use the 'data' function in jQuery:
http://docs.jquery.com/Core/data#namevalue
You can store name value pairs and retrieve them when you need them.