"Pre or Auto" Populating Fields within a Form??? H

Hello Everyone,

I was tasked with building a Form (HTML) that emails a user that we have successfully resolved his/her issue. Within that email is a link to an optional Feedback Form.

In this Feedback Form the user inputs all pertinent info such as name, employee number, etc... Once the feedback form is complete, the user selects 'SUBMIT' and all in the world is fine.

HOWEVER, uppermanagement has tasked me with 'PRE FILLING' the user's information into the Feedback Form. Can someone please direct me in the right direction so that I can attain "User Data" from their email? Is it possible to send variables within the link to the feedback form, so that the feedback form can have certain fields populated? I have researched beyond belief and the duedate is drawing near. Any help would be greatly appreciated!

Thanks!

YES, YES, and YES.

Hopefully you are working with a database. AND, the database hold all pertinent info such as password, id, email, name etc. . . .

you will create a handle page that will be the page they are sent to from their email. The link provided will pass a variable that will be used by your handle page to look up info, and then access data to pre-fill the form data. Sounds simple.

I use php most the time so this is rather simple with mysql.

your handle page will generate text boxes that will hold the text info.

SAMPLE:

<textarea name=name wrap=VIRTUAL rows=10 cols=40>Client First name</textarea
<textarea name=last wrap=VIRTUAL rows=10 cols=40>Client Last Here</textarea>
<textarea name=desc wrap=VIRTUAL rows=10 cols=40>Client Desc Here</textarea>

These fields will be filled by your variables/arrays of the users data collected from the database.

in php the code could go something like this:

print("<textarea name=name wrap=VIRTUAL rows=10 cols=40>");
print($myUserName);
print("</textarea>");

then repeat that for all text variable you wish to auto-fill.

SECURITY ISSUES.. .

If you are using scripts that will auto-fill personal information, you are going to want to have your login protected and only accessible by the right people. For instance you don't want a page, that you can randomly pass variables that will allow a bot, or user to guess email addresses and then get user id, name, and email info. example:

a page that is passed a variable through the href link looks like this:

http://www.yoursite.com?id=asamplename

this uses the variable id
it is assigned the value of 'asamplename'

I would suggest that your link from your email refers them to a login page. The login page will handle their user id, password etc.

With that collected data you can then feel better knowing that vital information has not been sacrificed.

If you are able to use ASP to do your form,you can use the links as above
In an asp form you would need only use an output directive to populate the forms values.
heres an example

Provided you don't pass sensitive data (ex: passwords)in theese links this method is very effective.