Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Add confirmation email and other fields to form #8

Open
alansill opened this issue Nov 25, 2022 · 4 comments
Open

Add confirmation email and other fields to form #8

alansill opened this issue Nov 25, 2022 · 4 comments
Labels
good first issue Good for newcomers

Comments

@alansill
Copy link
Contributor

To confirm entries and potentially allow checking to reduce duplication, we could add an email address field to the form and send a confirmation link that would have to be followed before posting the entry. The email could also be used to cut down on duplicate entries and allow people to make revisions (only the most recent entry i each category from a given email address would be kept, and text to that effect could be included in the confirmation email for clarity.)

With this additional security, we could allow people to enter information such as social media identities (possible optional field in each category) and URLs (for groups) with more confidence.
@vsoch
Copy link
Collaborator

vsoch commented Nov 25, 2022

This is being submit to a Google form. We can require people requiring email there, but unless you want to set up your own database / web service, that kind of functionality isn't possible in Google forms alone.

@alansill
Copy link
Contributor Author

alansill commented Nov 25, 2022
edited
Loading

The automation that harvests the form data would have to be both protected from malicious input (other issue) and perhaps could be extended with the validation logic bases on the email address from the form.

@vsoch
Copy link
Collaborator

vsoch commented Nov 25, 2022

But the automation is taking the input from the Google form. It goes directly from the Web UI to the Google form, and I'd (hope?) Google has checks in place for this. We could add an extra check in the automation for a malicious link but I don't think we need to implement another layer of input parsing to protect... Google's database?

@vsoch
Copy link
Collaborator

vsoch commented Nov 25, 2022

@alansill perhaps someone else can work on this - we aren't communicating well and I don't fully understand what you want - it sounds like some additional layer that is beyond what we have (GitHub pages and Google forms and automation that just grabs the responses via the exposed csv from that). I think it would be useful to look into that malicious link parser in our automation, and just raise an issue if one is found (for a human to check). I'm going to add good first issue to this so someone else can perhaps grab it up!

@vsoch vsoch added the good first issue Good for newcomers label Nov 25, 2022
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
good first issue Good for newcomers
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@vsoch @alansill