Corey Lee asked 2 years ago
Please help.
I have a page that runs PHP code to display customized content based on the entry key, such as https://mydomain.com/?view=21hzx, where 21hzx is the entry key (form id is 6).
The problem is that anyone with the entry key can view the content at https://mydomain.com/?view=21hzx. What's the PHP code that only allows rightful users (entry creators) to view the content?
A user can have multiple entries with a form (form id is 6).
Many thanks in advance.
Walter Jones answered 2 years ago
Are they getting linked to the entry id so they can edit the entry, or are they just viewing the entry?
If they are just viewing data, setup a view and filter it userid=current_user .
Corey Lee answered 2 years ago
Thanks for your prompt response. They just are viewing their own entry. However, I need to do it via PHP statement, given my page is built with PHP code. It begins with the following.
$view = $_GET['view'];
$entry_id = FrmEntry::getOne($view);
$entry_id = FrmProEntriesController::show_entry_shortcode( array( 'id' => $view, 'format' => 'array' ) );
$entry_id = json_decode(json_encode($entry_id), True);
Before retrieving the entry data, it needs to verify if this entry was created by this user with a form (form id=6). Any suggestion? Thanks.
Why are you overriding $entry_id? Assuming 'view' is a parameter that has an entry id, you are returning the full form entry with getOne. Then you immediately over write the variable with show_entry_shortcode and last, you decode the shortcode returned in the previous statement. I don't understand how this code can work at all.
Please login or Register to submit your answer
