Celilo io asked 2 years ago
The forms I am creating can contain very sensitive information that can not be stored as an entry or anywhere on the WP site database itself. The form is behind a login page but I do not want to use the native 'save draft' function in Formidable.
I am looking for a way to be able to store the draft of an uncompleted form as a cookie that is ONLY accessible through the browser that was used to fill out that information. Again, this information can not be accessed by anyone else even with the login to the form page.
Any suggestions?
Nick Amis answered 2 years ago
You could write custom code that removed the sensitive data from the Formidable Fields when the form is submitted, and then save it to a Cookie. Further code would be required to read the data from the Cookie and populate the fields when editing the entry.
If mandatory fields are used then placeholder values could be inserted.
Have you considered encrypting the data in the fields rather than saving them to a Cookie. Cookies are meant to be opened and read and are highly insecure. Passwords and other sensitive information should not be stored in a Cookie. The contents could be read by malware, virus or hacker.
Celilo io
replied 2 years ago Thank you for this. Could you elaborate on how I might encrypt the data in the fields? I assume that would entail additional custom code outside the scope of usual Formidable functionality.
Victor Font Staff answered 2 years ago
I agree with Nick. Cookies and browser local storage are both highly insecure. You could use either to store values. I use local storage to save the criteria for search forms so the search criteria persists after page refreshes. Encryption would be much better: https://formidable-masterminds.com/encrypt-decrypt-formidable-form-fields/
Please login or Register to submit your answer
