We used this approach on Maid to Clean. Visitors fill out a booking request form, and on submission they are taken to a “View Estimate” page that displays the form data and an estimate based on their selections.
The ea_form_id_in_redirect() function adds the WPForms Entry ID to the redirect URL. It also includes an entry_hash parameter to prove this is a valid request. The hash is generated using the entry ID and the salt keys in wp-config.php. This prevents users from simply changing the &entry_id=XXX URL parameter to see other users’ submissions.
The view-estimate.php is the page template used by the page the form redirects to on successful submission. It calls the ea_verify_entry() function which looks at the URL for the entry_id and entry_hash. If anything is wrong (no Entry ID, no Entry Hash, invalid hash, entry can’t be found…) it returns an array with the error message.
If everything is correct, it returns an array with the success message and the entry data. You can then use json_decode() to decode the data (WPForms stores all the entry data as one large JSON blob) and display it on the page however you like.
form-functions.php
/**
* WPForms, Pass Entry ID on form completion
* @author Bill Erickson
* @link https://www.billerickson.net/code/wpforms-display-form-data-on-confirmation-page/
*/
function ea_form_id_in_redirect( $url, $form_id, $fields ) {
if( $form_id != EA_CUSTOMER_FORM_ID )
return;
$entry_id = $_POST['wpforms']['entry_id'];
return ea_url_with_entry( $url, $entry_id );
}
add_filter( 'wpforms_process_redirect_url', 'ea_form_id_in_redirect', 10, 3 );
/**
* URL with Entry
*
*/
function ea_url_with_entry( $url = false, $entry_id = false, $scheme = 'auth' ) {
$url = add_query_arg(
array(
'entry_id' => $entry_id,
'entry_hash' => ea_entry_hash( $entry_id, $scheme ),
),
esc_url( $url )
);
return $url;
}
/**
* Entry Hash
*
*/
function ea_entry_hash( $entry_id = false, $scheme = 'auth' ) {
return sha1( 'entry' . $entry_id . wp_salt( $scheme ) );
}
/**
* Verify Entry
*
*/
function ea_verify_entry() {
$return = array( 'type' => 'error', 'message' => 'Unknown Error' );
$entry_id = isset( $_GET['entry_id'] ) ? esc_attr( $_GET['entry_id'] ) : false;
$entry_hash = isset( $_GET['entry_hash'] ) ? esc_attr( $_GET['entry_hash'] ) : false;
$verified_hash = array( ea_entry_hash( $entry_id ) );
if( is_user_logged_in() )
$verified_hash[] = ea_entry_hash( $entry_id, 'logged_in' );
if( ! $entry_id ) {
$return['message'] = 'No entry specified';
} elseif( ! $entry_hash ) {
$return['message'] = 'Security hash not provided';
} elseif( !in_array( $entry_hash, $verified_hash ) ) {
$return['message'] = 'Security hash incorrect';
} else {
$entry = wpforms()->entry->get( $entry_id );
if( empty( $entry ) ) {
$return['message'] = 'Entry cannot be found';
} else {
$return = array( 'type' => 'success', 'message' => 'Success', 'entry' => $entry );
}
}
return $return;
}view-estimate.php
<?php
/**
* Template Name: View Your Estimate
*
* @package EAStarter
* @since 1.0.0
* @copyright Copyright (c) 2014, Contributors to EA Genesis Child project
* @license GPL-2.0+
*/
/**
* Estimate Content
* @author Bill Erickson
* @link https://www.billerickson.net/code/wpforms-display-form-data-on-confirmation-page/
*/
function ea_estimate_content() {
$verified_entry = ea_verify_entry();
if( 'error' == $verified_entry['type'] ) {
echo '<p class="error">Error: ' . $verified_entry['message'] . '</p><p>To receive an estimate, please complete <a href="' . home_url( 'schedule-a-cleaning-now' ) . '">this form</a>.</p>';
} else {
$entry = $verified_entry['entry'];
$fields = json_decode( $entry->fields, true );
// Display field data however you like. Ex:
echo '<p><strong>Preferred Contact Method:</strong> ' . $fields[10]['value'] . '</p>';
}
}
add_action( 'tha_entry_content_after', 'ea_estimate_content' );
// Build the page
require get_template_directory() . '/index.php';