Custom GDPR Consent Form

December 27, 2024 · AI Conversations

User
create custom gdpr in consent form for php
Assistant
Creating a custom GDPR consent form in PHP involves several steps. Below is a basic implementation of a GDPR consent form:

### Steps to Create the Form

1. **Design the HTML Form**: Create a consent form with checkboxes for different types of data processing (e.g., email marketing, analytics).
2. **Store User Consent**: Save the consent details in a database or session for further use.
3. **Backend Handling**: Validate and process the form submission.
4. **Provide a Way to Withdraw Consent**: Allow users to modify or withdraw their consent.

Here's an example:

### `gdpr-consent.php` (HTML + PHP Backend)

<?php
// Database connection (example, update with your credentials)
$conn = new mysqli('localhost', 'username', 'password', 'database');
if ($conn->connect_error) {
    die("Connection failed: " . $conn->connect_error);
}

if ($_SERVER['REQUEST_METHOD'] === 'POST') {
    // Get user input
    $email = $_POST['email'] ?? null;
    $consent_marketing = isset($_POST['consent_marketing']) ? 1 : 0;
    $consent_analytics = isset($_POST['consent_analytics']) ? 1 : 0;
    $consent_date = date('Y-m-d H:i:s');

    if ($email) {
        // Save to database
        $stmt = $conn->prepare("INSERT INTO gdpr_consent (email, marketing, analytics, consent_date) VALUES (?, ?, ?, ?)");
        $stmt->bind_param("siis", $email, $consent_marketing, $consent_analytics, $consent_date);
        if ($stmt->execute()) {
            echo "Consent saved successfully!";
        } else {
            echo "Error saving consent: " . $conn->error;
        }
        $stmt->close();
    } else {
        echo "Email is required.";
    }
}
?>
<!DOCTYPE html>
<html lang="en">
<head>
    <meta charset="UTF-8">
    <meta name="viewport" content="width=device-width, initial-scale=1.0">
    <title>GDPR Consent Form</title>
</head>
<body>
    <h1>GDPR Consent Form</h1>
    <form method="POST" action="">
        <label for="email">Email:</label><br>
        <input type="email" id="email" name="email" required><br><br>

        <label>
            <input type="checkbox" name="consent_marketing">
            I agree to receive marketing emails.
        </label><br>

        <label>
            <input type="checkbox" name="consent_analytics">
            I agree to data collection for analytics.
        </label><br><br>

        <button type="submit">Submit</button>
    </form>
</body>
</html>

### Database Table

Run the following SQL query to create the database table for storing GDPR consents:

CREATE TABLE gdpr_consent (
    id INT AUTO_INCREMENT PRIMARY KEY,
    email VARCHAR(255) NOT NULL,
    marketing TINYINT(1) NOT NULL,
    analytics TINYINT(1) NOT NULL,
    consent_date DATETIME NOT NULL
);

### Notes:
1. **Security**: Validate and sanitize user inputs to prevent SQL injection and XSS attacks.
2. **Withdrawal Mechanism**: Add functionality to update or delete consent based on the user's request.
3. **Logging**: Record the IP address and user agent if required for audit purposes.
4. **Cookies**: If using cookies, ensure they align with the consent given.
5. **Legal Compliance**: Consult with a legal professional to ensure full GDPR compliance.

Would you like to add withdrawal or update consent functionality?

User
make above php cookie based
Assistant
To create a GDPR consent form that is cookie-based, we need to:

1. **Check if a consent cookie exists**.
2. **Display the form if the cookie is not present**.
3. **Set the cookie after the user submits the form**.
4. **Allow users to withdraw consent**.

Here’s the implementation:

### `gdpr-cookie-consent.php` (PHP and HTML)

<?php
// Function to set the consent cookie
function setConsentCookie($marketing, $analytics) {
    $consentData = json_encode([
        'marketing' => $marketing,
        'analytics' => $analytics,
        'timestamp' => time(),
    ]);
    setcookie('gdpr_consent', $consentData, time() + (365 * 24 * 60 * 60), "/"); // Valid for 1 year
}

// Handle form submission
if ($_SERVER['REQUEST_METHOD'] === 'POST') {
    $consent_marketing = isset($_POST['consent_marketing']) ? 1 : 0;
    $consent_analytics = isset($_POST['consent_analytics']) ? 1 : 0;

    // Set the consent cookie
    setConsentCookie($consent_marketing, $consent_analytics);

    // Redirect to prevent form resubmission
    header("Location: " . $_SERVER['PHP_SELF']);
    exit();
}

// Check if consent cookie exists
$hasConsented = isset($_COOKIE['gdpr_consent']);
?>
<!DOCTYPE html>
<html lang="en">
<head>
    <meta charset="UTF-8">
    <meta name="viewport" content="width=device-width, initial-scale=1.0">
    <title>GDPR Cookie Consent</title>
</head>
<body>
    <?php if (!$hasConsented): ?>
        <h1>GDPR Consent Form</h1>
        <form method="POST" action="">
            <label>
                <input type="checkbox" name="consent_marketing">
                I agree to receive marketing emails.
            </label><br>

            <label>
                <input type="checkbox" name="consent_analytics">
                I agree to data collection for analytics.
            </label><br><br>

            <button type="submit">Submit</button>
        </form>
    <?php else: ?>
        <h1>Consent Saved</h1>
        <p>Thank you for providing your consent. You can modify it anytime.</p>
        <button onclick="document.cookie = 'gdpr_consent=; expires=Thu, 01 Jan 1970 00:00:00 UTC; path=/;'; location.reload();">
            Withdraw Consent
        </button>
    <?php endif; ?>
</body>
</html>

### Explanation

1. **Set Cookie**:
– The `setConsentCookie()` function encodes the user’s consent into a JSON object and sets it in a cookie.

2. **Check Consent**:
– If the `gdpr_consent` cookie exists, the form is not displayed. Instead, a message shows that the user has already consented.

3. **Withdraw Consent**:
– The "Withdraw Consent" button deletes the cookie by setting its expiration date to a past time and reloads the page.

4. **Cookie Attributes**:
– The cookie is set for 1 year (`time() + (365 * 24 * 60 * 60)`).
– The path `/` ensures it’s available site-wide.

### Adding Features
1. **Custom Styling**: Use CSS to improve the appearance of the consent form/banner.
2. **Consent Details**: Decode the JSON from the cookie to display the consent choices on the user interface.
3. **Banner Style**: Replace the form with a consent banner if required.

Would you like to enhance the appearance or add additional functionality like opt-out links?

User
just one checkbox with show bottom up page as popup and close button
Assistant
Here’s a simple implementation of a GDPR cookie consent popup with one checkbox, appearing from the bottom of the page as a popup, with a close button.

### `gdpr-popup-consent.php` (HTML, CSS, JS, PHP)

<?php
// Function to set the consent cookie
function setConsentCookie() {
    setcookie('gdpr_consent', '1', time() + (365 * 24 * 60 * 60), "/"); // Valid for 1 year
}

// Handle form submission
if ($_SERVER['REQUEST_METHOD'] === 'POST') {
    setConsentCookie();

    // Redirect to prevent form resubmission
    header("Location: " . $_SERVER['PHP_SELF']);
    exit();
}

// Check if consent cookie exists
$hasConsented = isset($_COOKIE['gdpr_consent']);
?>
<!DOCTYPE html>
<html lang="en">
<head>
    <meta charset="UTF-8">
    <meta name="viewport" content="width=device-width, initial-scale=1.0">
    <title>GDPR Consent Popup</title>
    <style>
        /* Popup container */
        #gdpr-popup {
            position: fixed;
            bottom: -100%;
            left: 0;
            width: 100%;
            background-color: #f8f9fa;
            box-shadow: 0 -4px 6px rgba(0, 0, 0, 0.1);
            padding: 20px;
            text-align: center;
            z-index: 1000;
            transition: bottom 0.3s ease-in-out;
        }
        #gdpr-popup.active {
            bottom: 0;
        }
        #gdpr-popup button {
            margin-top: 10px;
            padding: 10px 20px;
            background-color: #007bff;
            color: white;
            border: none;
            cursor: pointer;
            border-radius: 5px;
        }
        #gdpr-popup button:hover {
            background-color: #0056b3;
        }
        #gdpr-popup label {
            font-size: 14px;
            color: #333;
        }
    </style>
    <script>
        // Show the popup
        function showPopup() {
            const popup = document.getElementById('gdpr-popup');
            popup.classList.add('active');
        }

        // Close the popup
        function closePopup() {
            const popup = document.getElementById('gdpr-popup');
            popup.classList.remove('active');
        }

        // Show popup on page load if consent not given
        document.addEventListener('DOMContentLoaded', () => {
            <?php if (!$hasConsented): ?>
            showPopup();
            <?php endif; ?>
        });
    </script>
</head>
<body>
    <?php if (!$hasConsented): ?>
    <!-- GDPR Popup -->
    <div id="gdpr-popup">
        <form method="POST" action="">
            <label>
                <input type="checkbox" name="gdpr_consent" required>
                I agree to the processing of my data according to GDPR.
            </label><br>
            <button type="submit">Accept</button>
            <button type="button" onclick="closePopup()">Close</button>
        </form>
    </div>
    <?php endif; ?>
    <h1>Welcome to the website</h1>
    <p>Your main content goes here...</p>
</body>
</html>

### Features

1. **Popup Animation**:
– The `#gdpr-popup` element starts off-screen (`bottom: -100%`) and slides into view when the `active` class is added.

2. **Close Button**:
– A "Close" button hides the popup by removing the `active` class.

3. **Persistent Consent**:
– The consent is stored in a cookie and prevents the popup from reappearing.

### How It Works

1. **Cookie Check**:
– If the `gdpr_consent` cookie does not exist, the popup will appear.

2. **Consent Storage**:
– When the user submits the form, the consent is stored in a cookie for one year.

3. **Popup Closing**:
– Users can close the popup without providing consent. (This can be modified to force interaction if needed.)

Would you like to enhance it with custom animations or additional features like a link to a privacy policy?

Leave a Comment

Your email address will not be published. Required fields are marked *