Master Form .PHP and GDPR Compliance

Master Form .PHP stores form submission results in a MySQL database. Some of that data is likely to be sufficient to identify individuals.

When the records in the MySQL database are no longer needed for the operations of the website, they can be backed up into a secure directory and removed from the database.

The free Copy and Delete software download provided in this article can be used. The job can be done automatically in conjunction with a cron schedule.

The backed-up files in the secure directory can be downloaded and deleted from the server at your earliest convenience.

The Copy and Delete software specifically searches for and copies Master Form .PHP-created MySQL database tables. However, it may be modified to work with other (or additional) MySQL tables.

Important note: This article, including the accompanying software, is intended to help you become GDPR compliant. The article does not state, nor intend to convey the idea, that using the information or the software will make you GDPR compliant. If you have any questions about GDPR compliance, please consult with a competent legal professional.

How to Set Up Copy and Delete

The Copy and Delete software is quick to set up.

Create a separate directory on your server for storing the backup files. In that directory, put a .htaccess file that contains this line:
```
deny from all
```
Download Copy and Delete, unzip it, and:
1. Update the customization section of the MasterForm_CopyAndDelete.php file according to your preferences. (Customization instructions are later in this article.)
2. Upload the MasterForm_CopyAndDelete.php file into the directory where Master Form .PHP is installed and make a note of its URL.
Create a cron job to launch MasterForm_CopyAndDelete.php on a regular schedule.

How It Works

When you load Copy and Delete into your browser or it runs via a cron job, the software:

Makes a backup file with every record older than a specified age for each MySQL form submission data table.
Stores the backup file of each table in the secure directory.
Deletes the records from the MySQL tables that have been backed up.

Although a secure directory, and because they are likely to contain personally identifiable information, it is prudent to download the backup files and delete them from the server soon after Copy and Delete runs.

Customizing Copy and Delete

There are 3 places to customize.

How long to keep the latest records —

Every record older than what you indicate here will be backed up and removed whenever Copy and Delete runs.

Specify a number followed by a letter. The number represents how many. The letter represents a unit of time. The available letters are h, d, m, or y (representing hours, days, months, or years, respectively).

Thus, "2d" means 2 days, 12h means 12 hours, and 1m means 1 month.

Specify how long to keep the latest records as a value for the $HowLongToKeepLastestRecords variable.
Backup file location and format —

(You will have previously created a special subdirectory for the backup files. The subdirectory has a .htaccess file containing the deny from all line.)

When you specify the file name, it needs to have either the .csv or .json file name extension. The .csv extension causes the backup files to be CSV formatted and the .json extension causes the backup files to be JSON formatted.

Specify the backup subdirectory and file name as a value for the $LocationForDownloadedFile variable.
Keeping separate files —

Every table that is backed up is kept in a separate backup file.

The files can be further separated for every Copy and Delete run.

If you specify 'yes', files are further separated by prepending the date and time to the file name — the date and time Copy and Delete runs. Otherwise, the current backup will be appended to the previous backup for that table.

Specify 'yes' or 'no' as a value for the $KeepEveryFileSaveSeparate variable.

Prerequisites

Master Form .PHP needs to be installed on the domain where Copy and Delete will run. Copy and Delete was created specifically for use in conjunction with Master Form .PHP.

Copy and Delete requires multi-byte functionality and MySQLi functionality.

Multi-byte functionality allows text processing of accented and other non-ASCII letters.

MySQLi functionality is more secure than its MySQL predecessor. (In case you didn't see it, the difference in the names is the lower-case letter "i" in "MySQLi" — the "i" indicating "improved".)

Virtually all business-quality hosting accounts make those two functionalities accessible to PHP scripts. My thought is that most personal or hobby hosting accounts do, too.

Use Copy and Delete to remove MySQL database records created by Master Form .PHP so no-longer-necessary personally identifiable information is stored on the server.

(This article first appeared with an issue of the Possibilities newsletter.)

Will Bontrager

We only suggest and recommend what we believe is of value. As remuneration for the time and research involved to provide quality links, we generally use affiliate links when we can. Whenever we link to something not our own, you should assume they are affiliate links or that we benefit in some way.