Send a POST request with a button or webhook?

This is very quick in webhooks but yea you need SSL. You should consider enabling SSL everywhere (can be free with LetsEncrypt). Every site should have SSL regardless of content (even if the user doesn't submit any content). Both browsers and search engines are starting to punish sites without SSL using modern standards. You could in theory go from Quick Base button to a JavaScript page which invokes your PHP. The JavaScript page middle piece is so that you can get a Quick Base one time ticket and then either use that as the authentication server-side (so there are no stored creds) or validate it server-side if you do need to have elevated credentials performing credentials from the server. If you need that, the credentials ideally should be encrypted server-side. Your browsers might throw a mixed content warning (I don't know offhand in that situation) as well if the PHP server is insecure.

Hope this helps.