Prevent URL hacking by adding a Secret field
Make your form update-able in the front end
You need to update the form's Settings to make your form update-able by "logged-in users" in the front end.
Add a Secret Field to your form
Create a field in the form called Secret and in the Dynamic Values section check "Calculate the default value for this field" and paste in this code. It will generate a random 10 digit number.
Create the update-entry page
This page will be secured using a view. We will call it /update-entry/. Leave the page contents blank for now.
Create a view or email targeting the update-entry page
You now now need to create a view or email which has a link of the form.
where id is the entry_id of the record (entry) you want to edit and the secret is the secret you added to the record when it was created.
Create a view to check the URL parameters
Choose an "all entries" type of view. In the Content area put the shortcode for the form to be edited. In the filter area filter
Entry Id "equal to" [get param=entry default=0] and
secret "equal to" [get param=secret default=0]
It is a feature/bug of Formidable that any value is equal to NULL. Therefore we need to set the default of the param Secret to zero if it has been removed by the user.
Add this view to the update page
You now add this view to the page /update-entry.
How it works
When a user clicks your secure link they are taken to the update-entry page. This then loads the view. The tries to select all the entries in the form but only the one that matches the entry_id and secret is returned. When this match happens the view renders the form because you put its shortcode in the content area. The form is editable because of the edit action in the URL.