WPForms, encoded query string

With WPForms you can add hidden fields to your form and dynamically fill them in using query strings.

But what if you don’t want the raw data shown in the URL? It might be an email address, username, or employee ID number that you don’t want appearing in server logs, Google Analytics reports, and emails.

Using the code snippet below, you can pass an encoded version of the data as a query string and let WPForms decode it when processing the form.

  1. Add the code below to your theme’s functions.php file or a core functionality plugin.
  2. Edit your form. Add a hidden field and set the default value to a query string variable you define (see this tutorial). Also add a CSS class of encoded to the field.
  3. Go here and type in the data you’d like to encode in the top box. Click “Encode” and copy the text from the bottom box.
  4. Generate a link to your form using this encoded data. First get the URL for the page that contains the form, and add your query string variable with the data to the end of the URL.

For example, if your form is on yoursite.com/contact/ , the query variable is id and the data you’re encoding is 123456789, the final link would be: https://yoursite.com/contact?id=MTIzNDU2Nzg5

* WPForms encoded query string
* @author Bill Erickson
* @see https://www.billerickson.net/code/wpforms-encoded-query-string/
function be_wpforms_encoded_query_string( $field_id, $field_submit, $form_data ) {
if ( empty( $field_submit ) || 'encoded' !== $form_data['fields'][ $field_id ]['css'] ) {
wpforms()->process->fields[ $field_id ]['value'] = sanitize_text_field( base64_decode( $field_submit ) );
add_action( 'wpforms_process_format_hidden', 'be_wpforms_encoded_query_string', 20, 3 );
view raw functions.php hosted with ❤ by GitHub