...Is it safe to upload my "Insert page" (user authentication is in place) and just insert the information from the hosting site? Then how could I make a copy of the database from time to time from the host onto my local computer?...
Personally I would upload the "Insert Page" to your server, more reliable and if the hosting company knows what it is doing and has hardened it's servers properly then it will be more secure than your home PC. Most quality hosts have their clients interest at heart which, of course, effects their bottom line.
With regard to your back up concerns - on your hosting provided site do you have cPanel or any other control panel like Plesk etc. installed?
If so, then most of those good panels have a backup facility that will suit your needs including a scheduling facility. You can configure it to backup to your home PC or anywhere you want to store your backups.
Consult the panel's documentation or raise a support ticket with your hosting provider. Often good quality hosts will do a nightly backup of all their clients data often included in the price of the hosting. Also good ftp clients have a sync and schedule feature that you can set to run once a week or so, in the background or when you are asleep.
There is nothing wrong with developing your web sites on your home PC, using XAMPP to test things out. When you are satisfied with the results, uploading the site to your hosting provider, bearing in mind you may have to tweak the uploaded files to make sure paths and file names that may be different in XAMPP to the features and paths of your host, are indeed correct for your host server's needs. On *nix based servers case is sensitive. On Windows case is insensitive. Incorrect file paths will prevent your site being served and will give error messages. I would recommend *nix servers to Windows servers for the best results for overall Internet presentations.
If you don't have a control panel then you can use the directory above your root web directory on your hosting server to store backups if you have enough allocated storage space. This directory is not accessable from the Internet.
Example - your web site is either stored in /public_html
etc. on your hosting server. So store your backups in the directory above these in /
One example of a directory structure for hosted clients is /home/user(you)/public_html/yourwebsitepages.html
- your backups would go in /home/user(you)/mybackups
Worth noting - do not delete or alter any files or directories that are already in your /home/user(you)
directory as they are placed in there by the hosting server and may cause your hosting server to fail. There is nothing wrong though if you place your own files or directories in there.
Hope this has been some help with reassuring you of your worrying security concerns.