PHP Web Form Suggestions

InfoTechEE
InfoTechEE used Ask the Experts™
on
We are trying to create a PHP form that would collect simple text fields. At the end, we also want to allow the user to BROWSE for a TXT file to attach to the form.

Besides emailing the form and the attachment to our customer service department, is there any other recommended ways to send the file over? We are looking for secure 3rd party services.

The end-goal is for customer service to receive an email once the form has been submitted, telling the customer service agent to go click on a link where they can go download the file.

I dont think using our own FTP would work because we don't want our agents searching through a directory for a particular file that was just uploaded. Instead, we are hoping for a single link inside an email notifying the agent to download a specific single file.

Any suggestions for 3rd party services?

Any other suggestions how to go about sending a file securly?
Comment
Watch Question

Do more with

Expert Office
EXPERT OFFICE® is a registered trademark of EXPERTS EXCHANGE®
You can store the file in a subfolder under the domain that you have the website that has the form.  There, in the email, you would just provide the url to the file (e.g. http://yoursite.com/email/customer001.txt).
To do this securely, your PHP form needs to ensure that either

a) the data never leaves the web server that PHP is running on

or

b) any data that leaves the server travels to other secure servers that you control, using an encrypted communication protocol

My suggestion is that you do this:

1) The HTML form that your user is posting to should be on a server which is running SSL. The user should connect to your page using the HTTPS protocol (e.g. https://yourserver.com/form.php). You'll need to get trusted certificates to install on your web server.

2) The form should post to the PHP page, and again, the URL should use HTTPS

3) The PHP script should take the form data and save it in a database, or somewhere local on the web server.

4) The PHP script should then email an access URL to the customer support department that contains only non-sensitive information about the user, and the URL to access the information

5) The access URL is just another PHP page on the same server (again connected using HTTPS protocol), and all it does is first authenticate the incoming user, and then retrieves the data that the user posted and outputs it.

This way the data never leaves your server, and it is only transmitted on demand through encrypted channels to your customer support staff
By the sounds of it, to put things simply you are looking for a helpdesk ticketing system. Essentially a ticketing system works like this:

1) The customer with a problem goes to your support website, hosted on a webserver somewhere that you control.

2) The customer, after looking at a knowledgebase and deciding that the knowledgebase cannot help them, decides to submit a support ticket to your support center. They do this by filling out a form on the support website which asks them key information about their issue, and lets them upload files

3) The helpdesk software stores the ticket in its database securely stored on the webserver, and emails the appropriate parties (the customer, and the support agent) about the issue

4) The support agent connects to the support website's "administrative panel", to view any open outstanding tickets and respond to them

So long as your web server is running an SSL encrypted connection and you control the webserver (e.g. don't use shared hosting, use your own server or get a virtual private server), then this is secure.

Quick googling around lead me to "HESK" which looks very straightforward for you to implement. Check it out:

http://www.hesk.com/demo.php

Author

Commented:
Thanks all.

I'm going to use some of these ideas in my post on craigslist or other websites to hire someone to do this as we don't have an in-house developer. How much does a project like this run?

Do more with

Expert Office
Submit tech questions to Ask the Experts™ at any time to receive solutions, advice, and new ideas from leading industry professionals.

Start 7-Day Free Trial