Formidable Forms Community Site

The Community forums are being phased out in favor of a new Slack group.
Add your email address below to get an invitation to join the community slack group

Slack Signup
Newsletter Optin
Help Desk
Subscribe

How to hide variables from url and still use get param

Labels

This Discussion is public

Notifications

I know how to use get param = name to pre fill form fields, but these fields are always visible so they can be changed by whoever has the link and visits the form.

I want to sent participants a unique link with which they can visit the page with the form and where their name and email address are already filled in and can't be changed.

How could I hide these variables or is there another way to prevent people form using the form twice or altering name and email address.

This is one way your requirement can be resolved. If the end user is clicking on a link, there has to be a query string associated with that link. The query string does not have to be a userid or name field though. It can be any random characters that are associated with a user's profile. Those random characters have to be in someway tied to that profile.

The process then would be, end user clicks link to form. Form receives parameter in jQuery, executes an Ajax call to retrieve the name and email from the database, form is populated with the retrieved data.

This is definitely advanced programming, but entirely do-able.

Hi Victor. Thanks for your suggestion.

Well, I'm definitely not a advanced programmer ;), so I have to find another solution.

One option I was thinking about (but don't know if that is possible) is that I would have a form with let's say 10 fields. 1 and 2 are name and email address. Then I would import a csv list with names and email addresses into that form, creating entries. Then (?) prohibit new entries to be created into that form, but changing an entry from the front end is allowed.

But I stilll don't want people to edit other peoples choices :( so another option would be to just check if the email addres is in a list with admitted mail addresses. That would be enough to keep it safe. If someone then wants to try and trick the form by entering another mail address in the url, the form can never be submitted.

I'm trying something else:

I created a form and a view were people can edit their own entry.
I import names and mail addresses into that form, and set email notification to send a mail to each one of them on trigger action Import.

Then I would need to add a link inside that email with a unique entry-key so that when they view their entry they would see name and email address already filled in.

This sounds almost logical ;), I just need some help to get the correct link to their entry.

Editing their own entry means they'll need login IDs for your site. Formidable works with the WordPress userid to allow for front end editing.

Yes, and I'm almost there ;) but importing new entries don't seem to create new users (subscribers), although I'm using and registered the User Registration add-on.

This is true. By importing, you are bypassing the hooks used by the registration add-on. I have code that I wrote for a client that creates the userid without using the Registration Add-on, but it still depends on a click of the form's submit button. Turning it into something that will create the userids on import will require some effort. As a community volunteer, that's beyond the scope of the help I can provide.

I'm a little late, but I have a comment.

https://formidableforms.com/knowledgebase/set-values-to-be-used-in-custom-displays-or-default-values/

Although I don't have an example, you can set the values without using a parameter via
[frm-set-get param_name="value"]

Hi Bobby, and no, you are not late at all. I'm still trying to figure out how to do this :).

The link you provided gives some information, but not on how to create unique links to a form in which name and email address are already filled in. I know how to do it with variables in the url, but those variables can be changed.

Jack, I just had this thought. You want to use a query string that the users can't decrypt or change. You also mentioned that you had a CSV that you could import to create records. When Formidable creates any form, record, or metadata, it creates two fields that could be used for what you want to do. It creates the item's ID and item_key. I suggest looking at building a query string using the item_key.

For example when you create an entry through the CSV import, each entry created will have an item_key that looks something like this: 3m3nk9. It doesn't matter what you call the key in the query string because of the way you would retrieve the key for the view. So to retrieve a single pre-populated entry, your query string would look something like this:

url-to-my-view/?campaign_id=3m3nk9

In the filter for your view, you set the filter to Entry key equal to [get param=campaign_id]

Since you are linking to the pre-populated entry, you'll have access to the data you need. Because entry keys are random strings, it would be close to impossible for anyone to get to someone else's record.

This was the only thing I could find that makes sense to me, but I'm not sure of the caveats.

https://rameshsai.wordpress.com/2016/11/28/hide-url-parameters/

Discussion closed.