Tell us what’s happening:
I was thinking: after I will be finished with this survey form. Could I add the hosting service and let is use for my friend’s business- “watch repair” ? Will it work ? Is it ok with Freecodecamp rules… ?
Your code so far
Your browser information:
User Agent is: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.183 Safari/537.36.
Challenge: Build a Survey Form
Link to the challenge:
If it’s set up correctly, sure. It’s a normal form after all.
Hi @Bond007. As @lasjorg said, you can host your survey form. But, please be aware of form validation as it’s an important factor in creating forms. If your form doesn’t have a proper validation, spammers could send spammy messages and hackers may break things.
Thank you for the reply. I have thought about it as well. Any advice how to prevent from happening like this?
Ya, main thing is to set up correctly.
If you don’t want to store your survey form data anywhere, then there is almost nothing to do other than some JavaScript validation, if you want.
But, if you want to store the data anywhere, you need to have a separate database and you should know PHP & SQL. You need to take all validation checks you can to protect your database from hacking, SQL injection, etc.
If you’re serious about this, then I would recommend you not to do this now. The reason is already said. You need to be an expert in backend and server side languages and you need to be extra sure that your form is stable from attacks.
There are many alternatives for this. For example, you could use SurveyMonkey, Google Forms, etc. to create these types of forms and they will take care of all validations.
If you want to do this yourself, learn JS, PHP & SQL, etc. and become an expert in data related field.
I’m not sure if you really need to be an expert in back end languages. Securing your forms isn’t that hard, PHP has some in-built functions to sanitise and filter the inputs. There’s other (relatively simple) techniques like a honeypot-input.
That would already protect from most spam and cross-scripting attacks. As long as you don’t store any sensitive data in your database, like your credit card number or personal data from the people who fill out the form, not much could happen anyway.
Finally, if someone really wants to hack you (and YOU personally), yes then you’d have to be an expert as well. Question is how relevant this case is.
That’s true. You won’t need to worry about anything if nothing is stored in any database. But, taking basic validation steps is always good.
Absolutely, it’s important to be aware of security risks from the start - before building anything. I just didn’t want the OP to give up on the project because of fear of attacks, I’ve learned a lot about PHP and SQL by building a recipe database - where the most sensitive data is how I like my tomato salad. I think you should totally give it a try @Bond007, even if you’re no expert in internet security.
Agree with @jsdisco. It’s worth trying.
But It is a risk to do it that way even nobody is gonna use it( like who I would know ) ?
I don’t really see any risks. The worst that can happen is that someone injects malicious code and prints the whole content of your database out on your site, so just don’t store anything sensible, like personal data.
The chance that you’ll get hacked is quite close to zero, though. Who would want that and why, it’s not that you’re sitting on a treasure chest filled with personal data from thousands of people.
It’s more likely that you’ll get spam. Bots fill out your form and invite you to buy something. It’s not dangerous, just mildly annoying. But if you have a small personal site with no SEO optimisation and little traffic, you won’t have to deal with avalanches of bot spam, if you even get any at all.
So I’d just go for it and try it 