Suggestions for designing an app
#1

I have been assigned to build an emailer and dashboard that will allow users to send texts and emails to their customers that will gather social media reviews. The goal is to have a way for the users to respond to bad reviews before they are actually posted.

The dashboard is pretty straightforward and texting is probably beyond the scope of this forum.

I would guess a standard get url like
www.somedomain.com?customerid=x&stars=5 
www.somedomain?customerid=x&stars=4  
on each star link to intercept the customers intention


Anybody done anything similar and can give me some pointers or ideas where I might improve on the app's design?

Please also let me know if it is OK to ask this question, since it is more general and regarding a certain project. I have specific questions that I figure will probably become apparent as I dive into the code.
Reply
#2

I don't know what kind of security you'd need here, but assuming that you're going to interact with a database you might look at encoding the links using base64_encode() or something similar. It would at least prevent most URL tampering and SQL injection. Like:

PHP Code:
$link = "https://www.somedomain.com?v=" . base64_encode("customerid=x&stars=5");

Or as a CI URL segment
PHP Code:
$link = "https://www.somedomain.com/click/" . base64_encode("customerid=x&stars=5");


Then upon click check using base64_decode's strict mode like:

PHP Code:
if(base64_decode($request->getPostGet('v'), TRUE)) { } 

or
PHP Code:
if(base64_decode($uri->getSegment(2), TRUE)) { } 


If it returns FALSE, you know something is amiss and you shouldn't trust the values. You also could go a step further and include timestamps or tokens in the string to add even more security.

Hope that gets you going in a good direction.
Designer, developer and Diet Dr. Pepper addict. Messing up PHP since <?= $when['year';] ?>
Reply
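One way the "timestamps or tokens in the string" idea from the post above can be made tamper-evident, as an added example that is not part of the original thread: the token is an HMAC-SHA256 over the parameters, checked with `hash_equals()`. The function names, `LINK_KEY`, the customer number and the timestamp are hypothetical, constructed values.

```php
<?php
// Added example, not code from the thread. LINK_KEY is a placeholder: load a
// random server-side secret from configuration instead.
const LINK_KEY = 'placeholder-secret-loaded-from-config';

function b64url_encode(string $raw): string
{
    return rtrim(strtr(base64_encode($raw), '+/', '-_'), '=');
}

function b64url_decode(string $text)
{
    $padded = $text . str_repeat('=', (4 - strlen($text) % 4) % 4);
    return base64_decode(strtr($padded, '-_', '+/'), true);
}

function make_signed_param(int $customerId, int $stars, int $now): string
{
    $payload = http_build_query(['customerid' => $customerId, 'stars' => $stars, 'ts' => $now]);
    return b64url_encode($payload) . '.' . b64url_encode(hash_hmac('sha256', $payload, LINK_KEY, true));
}

function read_signed_param(string $param, int $now, int $maxAge = 1209600): ?array
{
    $parts = explode('.', $param);
    $payload = count($parts) === 2 ? b64url_decode($parts[0]) : false;
    $mac     = count($parts) === 2 ? b64url_decode($parts[1]) : false;
    if ($payload === false || $mac === false) {
        return null; // not well-formed
    }
    if (!hash_equals(hash_hmac('sha256', $payload, LINK_KEY, true), $mac)) {
        return null; // payload edited after signing, or wrong key
    }
    parse_str($payload, $data);
    $stars = (int) ($data['stars'] ?? 0);
    if ($now - (int) ($data['ts'] ?? 0) > $maxAge || $stars < 1 || $stars > 5) {
        return null; // expired link or out-of-range rating
    }
    return ['customerid' => (int) ($data['customerid'] ?? 0), 'stars' => $stars];
}

// Constructed demo: sign a link, then edit the payload and re-encode it as
// valid base64 while keeping the old MAC.
$issued = 1567670400;
$good = make_signed_param(17, 5, $issued);
[$p, $m] = explode('.', $good);
$edited = b64url_encode(str_replace('customerid=17', 'customerid=18', b64url_decode($p))) . '.' . $m;
var_dump(read_signed_param($good, $issued + 3600));
var_dump(read_signed_param($edited, $issued + 3600));
```

The edited parameter is still valid base64, so a strict `base64_decode()` check alone accepts it; the MAC comparison is what rejects it.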
#3

(This post was last modified: 09-05-2019, 08:16 AM by rad2.)

Thanks jameslittle.
I just tried base64_encode and it looks similar to some other implementations from places like Costco. That is probably the way they implemented it. It will definitely be interacting with a database and built in security is always a good idea. Thank You.

Another more specific question about the application's overall design.
The customers will log in to a dashboard at www.ourcompany.com/setupaemailer, but the actual URL the emailer will provide to send to their customers will be from www.clientdoman.com/link. So would it make sense to build a RESTful API at www.ourcompany.com/ to process it? That way we could just install a small script on each person's website that just relays the link back to our www.ourcompany.com REST API.

I may not be seeing all the ways of solving this design issue.

*edit* it just occurred to me a small javascript file could also serve the same purpose by masking our original domain and forwarding it. I could maybe even use Ajax to make the front end experience more responsive.
Reply
#4

(09-05-2019, 08:00 AM)rad2 Wrote: Thanks jameslittle.
I just tried base64_encode and it looks similar to some other implementations from places like Costco. That is probably the way they implemented it. It will definitely be interacting with a database and built in security is always a good idea. Thank You.

Another more specific question about the application's overall design.
The customers will log in to a dashboard at www.ourcompany.com/setupaemailer, but the actual URL the emailer will provide to send to their customers will be from www.clientdoman.com/link. So would it make sense to build a RESTful API at www.ourcompany.com/ to process it? That way we could just install a small script on each person's website that just relays the link back to our www.ourcompany.com REST API.

I may not be seeing all the ways of solving this design issue.

*edit* it just occurred to me a small javascript file could also serve the same purpose by masking our original domain and forwarding it. I could maybe even use Ajax to make the front end experience more responsive.

That sounds like a good approach to me. If your JS masking doesn't work out, maybe PHP/Codeigniter redirects would work too (unless you really want to build an API)... the flow might go something like this:

  1. Customer click goes to client website landing page
  2. Process/save/send email on the client website as needed
  3. Redirect to a landing page on dashboard site with some sort of success token
  4. Process/save/send email on dashboard site as needed
  5. Redirect to "thank you" page on client website
In this approach, everything is being done by the browser request. The user would never see the address of the dashboard site unless they used developer tools to look at the network transactions.

I've also seen sites use iframes to do this. The landing page on the client site includes a non-visible iframe of a page from the dashboard site, and the src of that frame passes the necessary URL parameters to store in the dashboard database. But the user never leaves the client site in this approach.
Designer, developer and Diet Dr. Pepper addict. Messing up PHP since <?= $when['year';] ?>
Reply
#5

(09-05-2019, 08:00 AM)rad2 Wrote: Thanks jameslittle.
I just tried base64_encode and it looks similar to some other implementations from places like Costco. That is probably the way they implemented it. It will definitely be interacting with a database and built in security is always a good idea. Thank You.

Before you get deep into base64_encode you should read The Comprehensive Guide to URL Parameter Encryption in PHP.
Reply
#6

(09-05-2019, 08:44 AM)dave friend Wrote:
(09-05-2019, 08:00 AM)rad2 Wrote: Thanks jameslittle.
I just tried base64_encode and it looks similar to some other implementations from places like Costco. That is probably the way they implemented it. It will definitely be interacting with a database and built in security is always a good idea. Thank You.

Before you get deep into base64_encode you should read The Comprehensive Guide to URL Parameter Encryption in PHP.

Thanks for sharing this Dave. If you can do it that way, the random token tied to the user record is definitely a more secure method than to pass variable data as an encoded string. The base64_encode path is more about obfuscation than actual encryption.
Reply
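The "random token tied to the user record" approach mentioned above, as an added example that is not code from the thread or from the linked guide. The function names are hypothetical, `$linkTable` is a constructed in-memory stand-in for a database table, and the sketch assumes one link per review request with the star rating passed as a validated 1-5 value.

```php
<?php
// Added example, not code from the thread. $linkTable is a constructed stand-in
// for a database table; only the SHA-256 of each token is stored in it.
$linkTable = [];

function issue_link(array &$table, int $customerId, int $now, int $ttl = 1209600): string
{
    $token = bin2hex(random_bytes(32)); // 256 random bits, carries no data
    $table[hash('sha256', $token)] = [
        'customer_id' => $customerId,
        'expires_at'  => $now + $ttl,
        'stars'       => null,
    ];
    return 'https://www.somedomain.com/click/' . $token;
}

function record_rating(array &$table, string $token, int $stars, int $now): ?int
{
    // Reject anything that is not a 64-char lowercase hex token or a 1-5 rating.
    if (!preg_match('/\A[0-9a-f]{64}\z/', $token) || $stars < 1 || $stars > 5) {
        return null;
    }
    $key = hash('sha256', $token);
    if (!isset($table[$key]) || $table[$key]['expires_at'] < $now) {
        return null; // unknown or expired link
    }
    if ($table[$key]['stars'] !== null) {
        return null; // rating already recorded for this link
    }
    $table[$key]['stars'] = $stars;
    return $table[$key]['customer_id']; // the customer comes from the row, never from the URL
}

// Constructed demo: a valid click, a guessed token, and a repeat click.
$now   = 1567670400;
$url   = issue_link($linkTable, 17, $now);
$token = basename($url);
var_dump(record_rating($linkTable, $token, 5, $now + 60));
var_dump(record_rating($linkTable, str_repeat('0', 64), 5, $now + 60));
var_dump(record_rating($linkTable, $token, 1, $now + 120));
```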
#7

Personally I'm using UUIDv4 to create unique customer IDs. It's not for security, but so that other customers can't guess how many documents, files, other customers there are in the system. You will still need to implement security measures to ensure that they only have access to their own data.

I'm storing it in BINARY as there is a performance hit to JOIN table IDs as VARCHAR.

PHP Code:
<?php
defined('BASEPATH') OR exit('No direct script access allowed');

if ( ! function_exists('UUID_TO_BIN'))
{
    // Converts a textual UUID to its 16-byte binary form for a BINARY(16) column.
    function UUID_TO_BIN($uuid) {
        $uuid = hex2bin(str_replace('-', '', $uuid));
        return $uuid;
    }
}

if ( ! function_exists('BIN_TO_UUID'))
{
    // Converts 16 bytes back to the 8-4-4-4-12 textual form.
    function BIN_TO_UUID($uuid) {
        if( empty($uuid) ) return;
        $uuid = bin2hex($uuid);
        $uuid = substr($uuid, 0, 8) . '-' . substr($uuid, 8, 4) . '-' . substr($uuid, 12, 4) . '-' . substr($uuid, 16, 4) . '-' . substr($uuid, 20);
        return $uuid;
    }
}


if ( ! function_exists('UUIDv4'))
{
    /**
     * Generates a random UUID using the secure RNG.
     *
     * Returns Version 4 UUID format: xxxxxxxx-xxxx-4xxx-Yxxx-xxxxxxxxxxxx where x is
     * any random hex digit and Y is a random choice from 8, 9, a, or b.
     *
     * @return string the UUID
     */
    function UUIDv4()
    {
        $bytes = random_bytes(16);
        // Set the version nibble to 4.
        $bytes[6] = chr((ord($bytes[6]) & 0x0f) | 0x40);
        // Set the variant bits to 10xx.
        $bytes[8] = chr((ord($bytes[8]) & 0x3f) | 0x80);
        $uuid = vsprintf('%s%s-%s-%s-%s-%s%s%s', str_split(bin2hex($bytes), 4));
        return $uuid;
    }
}

if ( ! function_exists('VALID_UUIDv4'))
{
    function VALID_UUIDv4($uuid)
    {
        return (bool) preg_match('/^[0-9A-F]{8}-[0-9A-F]{4}-4[0-9A-F]{3}-[89AB][0-9A-F]{3}-[0-9A-F]{12}$/i', $uuid);
    }
}

Reply
#8

(This post was last modified: 09-05-2019, 01:52 PM by dave friend.)

(09-05-2019, 11:53 AM)jreklund Wrote: Personally I'm using UUIDv4 to create unique customer ID's.

@jreklund,
You might find this uuid library useful.

In particular the ability to manipulate the uuid4 so that it will sort based on the time segment. Removes some of the downside of using uuid4 as a PK. Article here.
Reply
#9

That site that @Dave friend gave you has tons of security information. I suggest that you go over it all when you have time.
What did you Try? What did you Get? What did you Expect?

Joined CodeIgniter Community 2009.  ( Skype: insitfx )
Reply



