I am working towards the goal of a social site, however, being a beginner, I have many questions I need to answer before getting anywhere! One of these is in regards to embedable scripts/ web apps/ widgets. I would like to allow the users of the site to upload web apps or wdigets that can be used on blogs and as standalone apps. However, I'm worried about a few things. 1) security (how to avoid sql injection(this one probably isnt much of a worry), xss etc) and also 2) how to go about storing/hosting. I would like to be able to allow free and paid apps/scripts, but I don't know how to go about the storage of data and hosting. If I let them do it externally that would introduce all kinds of problems, but how do I let them store it locally under my servers.. I would probably be using a cloud hosting service when I am finally ready to launch the site, but that would presumably become expensive. So would I have to set up a verification tool to verify that its okay, or maybe charge them for the costs of hosting it + a fee ? maybe split it into classifications? if its a class A you can get off with a one of payment to host it and either I get a split of the profit of each sale or if its free then I just get the profit from ads and they get to use their web apps? And how will data be stored, is it possible to store many sqlite databases in a mysql database?
Advice would be much appreciated.
p.s I will be using python and django for this site.