What are the legal requirements and best practices for handling email submissions from a contact form on a website, especially in the EU region?
When handling email submissions from a contact form on a website in the EU region, it is important to comply with data protection regulations such as the GDPR. This includes obtaining explicit consent from users before collecting their personal data, securely storing and processing the data, and providing users with the option to request deletion of their data at any time.
<?php
// Check if form is submitted
if ($_SERVER["REQUEST_METHOD"] == "POST") {
// Validate and sanitize input data
$name = filter_var($_POST["name"], FILTER_SANITIZE_STRING);
$email = filter_var($_POST["email"], FILTER_SANITIZE_EMAIL);
$message = filter_var($_POST["message"], FILTER_SANITIZE_STRING);
// Check if consent checkbox is checked
if (isset($_POST["consent"])) {
// Process the form submission
// Store the data securely in a database or send it to a secure email address
// Provide a confirmation message to the user
} else {
// Display an error message and prompt the user to give consent
}
}
?>
Related Questions
- How can PHP developers best handle the scenario of empty tables when using foreach loops for data processing?
- What best practices should be followed when comparing arrays for duplicate values in PHP?
- What are some best practices for utilizing imap_fetchbody to decode base64 strings for email attachments in PHP?