In the post management action, there is a Post ID setting that is used to tell WS Form which post ID to update. To use a query string parameter to specify which post ID to update, you will need to add a hidden field to pass the value through when the form is submitted.
For the purpose of this tutorial, let’s assume the URL to your form is:
In this URL, the query string parameter
post_id is set to
123, i.e. We want to update post ID 123.
First, let’s create the hidden field to pass the post ID through with the form submission.
1. Create a Hidden Field
- Add a hidden field to the form.
- In the hidden field, add
#query_var("post_id")in the Default Value setting.
So now we have a hidden field on the form that will contain the value of the
post_id query string parameter. This will get sent as a form field value when the form is submitted.
2. Set the Post ID in the Post Management Action
In the Post Management action, we refer to the hidden field we created in step 1 by using:
.. in the Post ID setting, where
123 is the ID of the hidden field you created in step 1.
And that’s it! The
post_id query string parameter will now be passed through to the Post Management action and will be used to specify which post ID to update.
Restricting Post Updates to the Original Author
By utilizing a query string parameter to define the post ID, you inadvertently allow the possibility for individuals to modify any post ID of the same post type by altering this parameter.
To safeguard against unauthorized updates, it’s advisable to limit post modification privileges exclusively to the post’s original author. This measure guarantees that a post can only be edited by the user who initially created it.
You can activate this security feature by checking the Restrict Updates to Author setting in the Post Management action.
Furthermore, you can also restrict form population to the original author by checking the Restrict Populate to Author setting in Form Settings > Data > Populate Using Action.