Name | Modified | Size | Downloads / Week |
---|---|---|---|
gdpr.xml | 2018-10-16 | 10.5 kB | |
gdpr.php | 2018-10-16 | 8.1 kB | |
README.txt | 2018-10-15 | 3.6 kB | |
license.txt | 2018-10-15 | 35.1 kB | |
config.dtd | 2018-10-15 | 1.2 kB | |
gdpr.dtd | 2018-10-15 | 413 Bytes | |
gdpr.xsl | 2018-10-15 | 356 Bytes | |
config_site1.xml | 2018-10-15 | 4.4 kB | |
Totals: 8 Items | 63.8 kB | 1 |
************************************************************************ Purpose: Provide central privacy statement tool for multiple websites License: GPLv3 - see license.txt Language: PHP, XML, XSLT Author: Tobias Eggendorfer ************************************************************************ ************************************************************************ * Overview ************************************************************************ Many organisations run multiple websites, each of which requires a privacy statement under GDPR. Maintaining and updating them accross these sites is a nightmare for administrators. To ease the process this tool has been written. It could be run on a central server, such as gdpr.example.com, gets passed a parameter indicating which web site's privacy statement should be displayed and then generates it from a central element repository. ************************************************************************ ************************************************************************ * Files ************************************************************************ - gdpr.php - PHP script providing the functionality - gdpr.xml - XML file providing privacy statement bits and pieces in several languages if needed. Note that the German text version provided comes with no warrantie whatsoever. It is meant as an example. Other language versions are even less complete and might therefore not even be useful as an example. - gdpr.dtd - DTD for gdpr.xml - gdpr.xsl - main style sheet to beautify the output - config.dtd - DTD for config-files - config*.xml - XML-config files, one per site. A sample config_site1.xml is provided. - license.txt - license (GPLv3) - README - This readme file. ************************************************************************ ************************************************************************ * Installation ************************************************************************ In very broad terms: gdpr.php should be accessible by the web server. The script needs to be able to read the XML files, which could reside in a directory outside the document root. The directory is configured within gdpr.php ($default_path). Most might want to set up a special webserver, serving a domain such as gdpr.example.com. There, the suggested directory structure is: gdpr/ +-www/ | +- gdpr.php + data/ +- gdpr.xml +- gdpr.dtd +- gdpr.xsl +- config.dtd +- config_site1.xml The webserver's document root is at gdpr/www. That way all config files cannot be read over the internet. $default_path should then be set to "../data/". If wanted, gdpr.php could be renamed to index.php and the webserver's DirectoryIndex being set to run index.php. That would shorten the URL. For each site to be provided, an entry in gdpr.php needs to be made to match the site to its config-file. Note that user input is not used to construct the filename. This is a security measure. To run the script, call: http://gdpr.example.com/gdpr.php?lang=en&site=site1 Or, if it was renamed to index.php: http://gdpr.example.com/?lang=en&site=site1 ************************************************************************ ************************************************************************ * Configuration ************************************************************************ Please see the XML files for documentation, which should be self explanatory. They provide plenty of comments.