Customer Form — We Manually Search for Your Key PHP Script
The scripts in the two link groups below are Customer Apps for Dealing with Product Keys and Email Addresses, and Administrator Apps for Dealing with Customer Records.
In our ecommerce world, products are sold by many different methods. Amongst these are getting out demos in various ways and when people try them, some of them are very pleased and they buy what's called a key. This unlocks the full feature set of the product when they enter it. There is a need to give the product users limited access to perform a few functions such as changing their emails, retrieving their keys from our database when they misplace them, etc. There is also a need for administrative functions to manage customer records. One needs to sort them, edit them, delete them, add them, view them, search them, register to be an administrator, login as administrator, etc.
If an ecommerce company does not have any of the applications below, it is forced to perform them the 20th century ways—by hand. This means paying for people to answer phones, write emails, keep paper files of customers, etc. The 21st century way is to let software perform these tasks, let websites and videos explain the product features, and let ecommerce close the sale and send the product.
Feel free to use these free Customer Records Management scripts in your business. Note: we know they work well for us (they are well tested), but we assume no liability for how they work in your situation. Similarly, we added lots of security measures such as extensive input filtering, but we make no claims and assume no liability for how securely they work in your situation.
The best security measure to take when using the administrative part of a system like this (meaning the Administrator Apps for Dealing with Customer Records, not the Customer Apps for Dealing with Product Keys and Email Addresses in which category the script below resides) is do not have any links ANYWHERE that link to the URLs of any of the admin files on the server, so neither hackers nor Google finds them. Then use the admin CMS yourself but do not even let your momma use it. Don't even save the link to the admin login as a Favorite, just to be secure. Just stick the login username and password in Roboform and make them impossible to guess. Then use Roboform to logon. The script below, and the other Customer Apps, are included online and linked to as part of the product web pages that make life easier for everyone. Their security is mainly handled via extreme input filtering. The Admin Apps are hidden, unlinked to, and well protected with security measures, password hashes and salts, etc.
This script is called we-manually-search-for-keys.php
Customer Apps for Dealing with Product Keys and Email Addresses
- Customer Email Address Change Form
- Customer Email Address Change Form PHP Script
- Customer Product Key Retrieval Request Form
- Customer Product Key Retrieval Request Form PHP Script
- Customer Form — We Manually Search for Your Key If You Lost Your Key During the Week You Ordered
- Customer Form — We Manually Search for Your Key If You Lost Your Key During the Week You Ordered PHP Script
- Customer Form — We Manually Search for Your Key
- Customer Form — We Manually Search for Your Key PHP Script
Administrator Apps for Dealing with Customer Records
- Customer Records Management PHP Script
- Sort Customer Records by Name PHP Script
- Sort Customer Records by Email PHP Script
- Add Customer Records PHP Script
- Delete Customer Records PHP Script
- Edit Customer Records PHP Script
- View Customer Records PHP Script
- Login to Customer Records Management PHP Script
- Logout of Customer Records Management PHP Script
- Register with Captcha to Administer Customer Records PHP Script
- Register with Captcha to Administer Customer Records PHP Captcha Script
- Check ID for Customer Records Management PHP Script
- Display Emails and Names (for spreadsheet use) PHP Script
The form action in Customer Form — We Manually Search for Your Key is the script on this page: we-manually-search-for-keys.php. That script processes the data which the user enters in the form on the form page. Note that in order to get a product key and email address emailed to them, the users must enter not only the email address, but also their other data. The PHP script below will filter the data that gets entered.
If a user is not sure of the email address that was used when the product key was purchased, the user may try several emails, separated by commas.
First we define a regular expression pattern:
$pattern1 = '/[^A-Za-z0-9 \\-\\.\\@\\_\\,]/'. This will allow the legitimate characters found in the various types of data and ensure there are no nasties in input. The replacement string ensures that all bad characters are dumped. Good data MUST be found in order to get a product key and email address emailed to them.
The data that has been entered is POSTed to this PHP script from the form. Next the strip_tags() function knocks out tags in data. Then the preg_replace() function uses the pattern to ensure the POSTed data is filtered.
Then we get to the emails—which may be a comma-separated list. We use the strpos() function to check their email input for commas—it finds the position of the first one or returns false. If there are any, the email input is a comma-separated list of email addresses, in which case we use the substr() function to grab just the first in the list, since that is supposed to be their current email, since in the form, they saw: MAKE SURE THE FIRST ONE IS YOUR CURRENT EMAIL ADDRESS, which was refering to emails. The grabbed one becomes the "From" in the email which is now sent to the company administrator to process, making it the "To" when the administrator does a Reply.
We send the email using the standard form of email sending. You'll want to change words like yoursite.com, and the link to index.html later to the words that apply in your situation. The user is told: "Message sent!" and sent to index.html, so you'll want that to be a real web page or you'll want to tweak it.
The reason people have asked for email addresses as well as keys is that sometimes they need to find out what their email address was when they ordered so they can use that to either change their email address because they have a new one, or to change their email address because they are unable to retrieve their key since the emaiil address they enter is not found—they forgot the one they used when they ordered.
This script is called we-manually-search-for-keys.php
<?php
//We Manually Search for Their Key (we-manually-search-for-keys.php)
$pattern1 = '/[^A-Za-z0-9 \\-\\.\\@\\_\\,]/';
$replacement = '';
$F=$_POST['First'];
$L=$_POST['Last'];
$B=$_POST['bizname'];
$E=$_POST['email'];
$P=$_POST['phone'];
$S=$_POST['street'];
$C=$_POST['city'];
$STATE=$_POST['state'];
$Z=$_POST['zip'];
$O=$_POST['ordernumber'];
$D=$_POST['date'];
$F=strip_tags($F);
$F=preg_replace($pattern1, $replacement, $F);
$L=strip_tags($L);
$L=preg_replace($pattern1, $replacement, $L);
$B=strip_tags($B);
$B=preg_replace($pattern1, $replacement, $B);
$E=strip_tags($E);
$E=preg_replace($pattern1, $replacement, $E);
$P=strip_tags($P);
$P=preg_replace($pattern1, $replacement, $P);
$S=strip_tags($S);
$S=preg_replace($pattern1, $replacement, $S);
$C=strip_tags($C);
$C=preg_replace($pattern1, $replacement, $C);
$STATE=strip_tags($STATE);
$STATE=preg_replace($pattern1, $replacement, $STATE);
$Z=strip_tags($Z);
$Z=preg_replace($pattern1, $replacement, $Z);
$O=strip_tags($O);
$O=preg_replace($pattern1, $replacement, $O);
$D=strip_tags($D);
$D=preg_replace($pattern1, $replacement, $D);
$a= strpos($E,",");
if ($a === false) {$email=$E;}else{$email=substr($E,0,$a);}
$to = "you@yoursite.com";
$subject = "Request for Manual Search: Keys and Email Address";
$message = $F." ".$L."\n".$B."\n".$E."\n".$P."\n".$S."\n".$C." ".$STATE." ".$Z."\n".$O."\n".$D;
$headers = "From: ".$email;
$mail_sent = mail($to, $subject, $message, $headers);
if($mail_sent){echo '<SCRIPT LANGUAGE="JavaScript">alert("Message sent!");</script>';}
echo '<SCRIPT LANGUAGE="JavaScript">window.location = "index.html";</script>';
?>