Form data not being sent through with phones. JavaScript - javascript

I make a web app so you can vote for the employee of the month for a supermarket, but they must be able to vote via their phone, I have created a database on mongoDB and host via Github Pages, my problem is that the database of votes does not receive the request when I try to vote via my phone, it works perfectly when I vote via Wifi but not via phone data.
the app is written in html and uses form tag, and javascript for everything else.

Github Pages hosts static pages from a GitHub repository.
That works well for apps that don't require any backed server; you can even do fairly complicated things in them (like write a Morse-code teaching app).
However, you're using MongoDB—that's a database. So you have a system that probably looks something like this:
[user] -> [webpage hosted on GitHub pages] -> [MongoDB database]
That database needs to be hosted at a location that is accessible to the GitHub pages page you load in your browser. GitHub pages is hosting your web pages in a place that's accessible anywhere in the world (which you know, since you're reading the pages on your phone over data). But if that database isn't accessible anywhere in the world, your webpages will fail to reach the database.
What URL are you using to reach your database?
I would guess it looks something like localhost:####, or some local IP (like 192.168.12.34:####). These addresses are accessible on your local network (your wi-fi), but not globally. When you connect over data, your webpages try to send data to your MongoDB instance at some IP address that doesn't exist on the cellular network. If that's the case, you need to think about hosting your database somewhere that can be accessed anywhere in the world, from any network. You can do that by exposing your MongoDB publicly (through port forwarding, etc), but that's almost certainly the wrong thing.
Instead, you probably want to set up a managed MongoDB instance—pay a service a few $ a month to host your database for you; you'll get an IP address or a domain name for your database that you can use. If you were to start writing an app in 2005, you would probably been told to pay for a VPS (Virtual Private Server) which is basically a computer with its own IP address; you could host your MongoDB on that VPS, and even serve your webpages with Apache or NGINX. That would cost about $5/month today. You could also buy a domain name for the VPS.
Apologies if this entirely misunderstands your problem, and also if this is more detail than you were looking for. Setting up a database-backed application isn't as easy as it could be.

Related

Static website access of environmental variable: "process is not defined"

I have a static website developed through 11ty (Node based SSG), which contains a Contact form that sends a request to a nodemailer API with the data. Both are hosted on Render, as a Static Website and Web Service respectively, and they share a basic auth password which I've stored in each project as an environmental variable.
The Web Service accesses the variables just fine. However, the static website's event presents me with the error in the title "process" isn't defined, as in "process.env.VARIABLE_NAME" which is how I'm accessing them. I tried including a secret .env file in the project with the same key and including dotenv in the project, but no change.
I assume the nature of the static site is making it so the environmental variable isn't being processed/applied somehow. What possible steps could I be missing here?
EDIT: Although it seems it might be possible for me to do this through methods such as command line arguments (which then get injected into the code during the build process), that wouldn't work for my case since the password had to be secret in the generated source files. The dotenv package didn't work in my case. Finally, I've opted to discard this password-based authentication instead and simply use honeypot fields to prevent spam and CORS Origin headers in the API to control request source.
Your static site is running in a different context than your web service (which acts like a server). Since your static site is run from a users browser, it does not understand node-specific functionality like loading files or accessing your process environment.
Adding your password to your static site would also create a security risk, because a user could just see your password, take it, and run their own requests without any security your site may have.
A usual approach to this would be to create an API of your own that takes in a request from your static site and talks to the API directly or a technology stack that takes the page rendering to a server (like ServerSideRendering). This way, YOUR system takes care of calling the API while your users requests are restricted.

MeteorJS: Using a client as the server?

I know that MeteorJS is an "isomorphic" web framework, which to my understanding means that code can run on both the client and server in different ways.
However, "server" here means a central server for all clients. If I'm making a quiz webapp, however, I need a central computer (for example to display the questions) to act as the "server" for a bunch of other clients. As in, using the quiz example, in a classroom setting, the student's computers would be clients and the teacher's computer the server.
Is this possible using Meteor? Can I deploy the same app but have it act differently depending on some setting or something?
What you ask for is quite possible. The most common way to achieve it is by using account roles: special privileges for some users. For example, if the teacher logs in (from any computer) the app would display the admin dashboard. alanning:roles is the de facto standard package for this purpose.
You could also possibly implement this by matching the IP address of the browser and the server, too. this.connection will tell you the client IP inside Meteor methods and publications, and Node.js can tell you the server IP. This way you don't need user accounts at all, but then all clients must connect to the teachers computer.
I'd go with account roles, I believe it's more reliable than comparing IP addresses.

How to store credentials in an Outlook Add-in

I'm looking for the correct, secure way to store credentials for a third party API in an Outlook add-in. This overview of the different storage options only says not to store credentials in Settings, but not where to put them, so I assumed the RoamingSettings would be okay. Then I ran into this page with information about RoamingSettings, where it says that is not the right location either.
The question then becomes: What is the right place? Should I build my own storage solution and store/encrypt the credentials in a file or cookie? That does not feel very secure either, since we are talking about what is basically a web app running in an Iframe.
I assume you cannot implement another authorization scheme (token based, cookies etc.) for your API and you are stuck with Basic Authentication and its issues. If you are using ASP.NET, with all the samples available it could be very easy to add another authentication scheme that is more adapted to web clients (such as Office web add-ins).
Having said that, for me your best option is to use HTML5 storage or cookie storage (if not implemented by browser) to store your credentials.
The fact that the app is iFramed is not really a big deal. Those storages (HTML5: sessionStorage/localStorage) rely on domains separation which means that the storage slots where you will put the credentials will not be be visible by other apps, even those living on the parent iFrame.
You may also consider the fact that you may serve the web add-ins and the apis from the same domain. They are both web applications!
You can do what Outlook itself does for its POP3/SMTP/IMAP4 passwords - use CredRead / CredWrite Windows API functions. The data can only be decrypted under the local Windows account used to encrypt the data, so it cannot be take to a different machine and decrypted.
I don't think you can access these functions from JavaScript. This is for an OWA addin, not the Outlook application, is it?

Where to put my php file?

I am trying to make a sign up activity on android and I am using a mysql database to store the data. On all the examples I have seen the http post goes to a ip address and then finds the php file. Can I just put the php file somewhere in the android app folder and access it from there, or do I have to find a host for it?
The php code, specially for tasks such as sign up, should never be placed on the client side or embedded with the front end application, but instead be placed on the server side hidden from the user for the sake of safety of your database/application. If you are only considering to put your php with your Android app together for the case you need to test it, and eventually doesn't have access to a server, you may then consider using Google App Engine, as it allows you to emulate a server locally without the need of a server. Here you find some info about Amazon's RDS.
You can put you php in the same directory you place your index.html file, i.e. in the root public directory of your domain. To load it to the Amazon, you can use the cPanel or the Filezilla or any other panel you wish among the options Amazon put available for their users.
In the case Amazon doesn't provide a place to put your php, as a suggestion, you can get a host that allows you to have a static ip accessing it thorough an easy to remember url address - for free. It is quite useful specially for making tests. Still if you decide at some point to have a personalized domain name registered, there are also some other good options to compare.
You dont need jQuery, when doing the POST request,PHP connects to the database get the data and return it to your app.
So to answer your question you should put the PHP in the same server where mysql runs.

Putting Node.js/Socket.io Onto a Website

So I'm getting into working with node.js and socket.io to make real-time web games, but I'm running into some obstacles.
I've already figured out how to install node.js and socket.io on my computer, and I can run basic servers and open them through http://localhost:8888/.
But now what I don't understand, and there doesn't seem to be anything on the web that explains this, is how to get this onto a website. Obviously, someone else on the internet that enters that same URL isn't going to see the same thing as what's on my screen. How do I get this onto a webpage so that anyone that visits that URL accesses the server?
I tried opening the port and then using http://<my external IP>:8888 but that doesn't work. Some sources seem to say that I need to install something on the website, but I installed node.js on my computer through command prompt, so I don't understand how that would work on a website. I found instructions for Linux, but I'm running Windows.
What you need is a:
web server - to host your game. You can, for instance, rent an EC2 instance from Amazon and install there all software required (Node.js, database, ...) or go with PaaS (Platform as a Service) solution like Nodejitsu or Heroku where you'll be given Node.js out of the box.
domain - to register a human-readable name for your web serwer (like. www.my-game.com). Normally, once you get your server, it'll have some IP address assigned to it. Domain name is an alias for it, easier to type and remember. Similar to, as in your case, localhost is just an alias for an IP 127.0.0.1 (special address meaning local system).
Of course, another solution would be to host app on your local PC and set up your router to forward traffic from it's external IP to your PC (assuming your ISP assigned you public IP). But then you'll have to worry about your PC, router and internet link being always online. And it'd be way slower than when going with external, dedicated hosting.

Categories