FAQ: Preventing SQL Injection Attacks - Input Sanitization: Validating Forms

This community-built FAQ covers the “Input Sanitization: Validating Forms” exercise from the lesson “Preventing SQL Injection Attacks”.

Paths and Courses
This exercise can be found in the following Codecademy content:

Securing Express Applications

Defending Node Applications from SQL Injection, XSS, & CSRF Attacks

FAQs on the exercise Input Sanitization: Validating Forms

There are currently no frequently asked questions associated with this exercise – that’s where you come in! You can contribute to this section by offering your own questions, answers, or clarifications on this exercise. Ask or answer a question by clicking reply (reply) below.

If you’ve had an “aha” moment about the concepts, formatting, syntax, or anything else with this exercise, consider sharing those insights! Teaching others and answering their questions is one of the best ways to learn and stay sharp.

Join the Discussion. Help a fellow learner on their journey.

Ask or answer a question about this exercise by clicking reply (reply) below!
You can also find further discussion and get answers to your questions over in #get-help.

Agree with a comment or answer? Like (like) to up-vote the contribution!

Need broader help or resources? Head to #get-help and #community:tips-and-resources. If you are wanting feedback or inspiration for a project, check out #project.

Looking for motivation to keep learning? Join our wider discussions in #community

Learn more about how to use this guide.

Found a bug? Report it online, or post in #community:Codecademy-Bug-Reporting

Have a question about your account or billing? Reach out to our customer support team!

None of the above? Find out where to ask other questions here!

Did anyone else get this error when you get to running the app ?

No. Just did this recently. If you didn’t resolve it, do you mind posting your code?

Sure … I mean the exercise stuff worked for me. It was just the node app.js step where the thing errored out.

I just checked in on it again and it gave me the same error.

const express = require('express');
const partials = require('express-partials');
const path = require('path');
const validator = require('validator');
const app = express();

const PORT = 4001;

app.set("views", path.join(__dirname, "/views"));
app.set("view engine", "ejs");
app.use(express.static('public'));
app.use(partials());

app.use(express.json());
app.use(express.urlencoded({extended: true}));

app.use(express.static(path.join(__dirname, "/public")));


app.get('/', (req, res) => {
  res.render('form', { emailStatus: null })
})


//This is the part you change for the exercise.
app.post('/submit', 
  (req, res) => {
    const response = {
      emailValid: validator.isEmail(req.body.email),
      passwordValid: validator.isLength(req.body.password, { min:5, max:10 });
    }

    res.json({message: response})
});


app.listen(process.env.PORT || PORT, () => console.log(`Listening on http://localhost:${PORT}`) );

Did the next exercise too. I feel like I’m cursed with this. I had to fiddle around with doing the steps first to avoid the errors pointing out incomplete lines of code… but node app.js by the fourth step was feeding me the same error. None of the stuff in the mini browser shows.

Update: I played around with not doing the steps in order after resetting the exercise and I got it to work… Not sure what is going on but I’m going to keep in mind doing the coding steps first and the bash stuff second otherwise it wont render for me.

    const response = {
      emailValid: validator.isEmail(req.body.email),
      passwordValid: validator.isLength(req.body.password, { min:5, max:10 }); // <- The problem
    }

Nice you got it working! In the code you pasted you had a semi-colon terminating a line inside the response object. Semi-colons will throw errors if they are put inside an object. I have made that mistake as well.