stackoom
  简体   繁体   中英

Server-side data submit in Meteor

 原文  2015-04-14 07:49:45       javascript/ meteor

Question

I am new to meteor.Iam using meteor aldeed autoform and collection2 packages in my app.here is my client js file. 

Schema = {};

Schema.dc_address = new SimpleSchema({

 'dataCenterName': {
    type: String,
    index: 1,
    label:'Name of the Provider',
    regEx: /^[a-zA-Z\s]+$/
  },
'address1': {
    type: String,
    index: 1,
    label:'Address Line 1',
    regEx: /^[a-zA-Z0-9\s]+$/
  },
'address2': {
    type: String,
    index: 1,
    label:'Address Line 2',
    regEx: /^[a-zA-Z0-9\s]+$/
  },

});


  Template.dataCenters.helpers({//dataCenters is my main template
    steps: function() {
      return [{
        id: 'dc_address',
        title: 'Name & Address',
        template: 'dc_address',
        formId: 'dc_address_form',
        onSubmit: function(data, wizard) {



        var params=_.extend(wizard.mergedData(), data);
        alert(params);

     var jsonrpc = new $.JsonRpcClient({ ajaxUrl: 'http://172.16.4.190:8384' });


        jsonrpc.call(
                 'dataCenterCreate', params,
                     function(result) {alert('Pizzeria answered: ' + $.toJSON(result)); },
                    function(error)  { console.log('There was an error', $.toJSON(error)); }
            );

        }
      }];
    }
  });

here is my html page 

<template name="dc_address">
<div class="form-wrapper">
  {{#autoForm doc=this.data id="dc_address_form"  schema=Schema.dc_address }}
    <div class="col-md-12">
        {{> afQuickField name="dataCenterName" placeholder="Enter DataCenter Name"}}
    </div>  
    <table>
    <tr>
    <td class="col-md-6">
    {{> afQuickField name="address1" placeholder="#7 4th cross"}}
    </td>
    <div class="col-md-1"></div>
    <td class="col-md-6">   
    {{> afQuickField name="address2" placeholder="ITPL-banglore"}}
    </td>
    </tr>

    <button type="submit" class="btn btn-success btn-md pull-right">Next</button>

  {{/autoForm}}
  </div>
</template>

That works pretty well although - it's CLIENT side submit => it is not secure. How do I implement it is in server side?

1 answers

solution1
 0  2015-04-14 10:37:05

For security you should remove autopublish and insecure packages. Once you do this inserting anything into the databases will throw an error. Try Posts.insert({}) in the console to see the errors appear.

You get around this by adding allow and deny rules on your server (see the meteor docs for more on allow/deny rules). You can also use meteor methods using: Meteor.call(...) to insert docs into the database without having any allow rules set up. You'd have to do your own checks within the meteor method in this case.

暂无
暂无

The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.

Related Question Server-side data validation in Meteor Is there a server-side session in meteor Server-side debugging not working [Meteor 1.2] Server-side triggered toast in Meteor Meteor Server-Side HTTP Request Meteor Iron Router server-side hooks Server-side setInterval/clearInterval with Meteor Meteor: Call server-side method by client How can I insert data to my collection on my server-side main.js with meteor? How do I change Meteor server-side data and re-publish to React Native app?
Related Tags
 
粤ICP备18138465号  © 2020-2024 STACKOOM.COM