Preventing viewing or editing of results by users

  • Profile Image
    aschechtman
    Asked on April 26, 2012 at 07:23 PM

    Is there a way submissions can be locked after they are submitted?

    My understanding is that anyone with access to the form results link (ie. from an autoresponder email with a {edit_link} tag) could use that link to access and edit the results.  

    Even if I don't send an {edit_link} via email, in theory an unauthorized user could view/edit someone's results by figuring out the link: http://www.jotform.com/form.php?formID=XXXXXXXXXXX&sid=YYYYYYYYYYYYYYYYYY&mode=edit

    The formID is the same for anyone who views the form, so only the SID is unique to that user/submission.

    Is there a way to lock results to prevent viewing or editing once a result has been submitted?  Or, in other words, can I edit some setting so the above Edit Link would be invalid?

     

    Thanks


  • Profile Image
    Mike_T
    Answered on April 26, 2012 at 07:53 PM

    Thank you for contacting us.

    There is no such option to block the Submission/Edit Link. However, we do care about security and our service is safe, I do not know about any single case of security breach.

    I believe that SID parameter is generated on the server side, and no one can get it without access to your account.

    Please feel free to contact us if you need any further assistance.

  • Profile Image
    aschechtman
    Answered on April 26, 2012 at 07:58 PM

    OK.  Thanks.