Unique form submissions in Kentico 12 MVC
When adding forms to websites, there may be occasions where you might prefer to restrict form respondents from making multiple form submissions. It could be that your form represents a method of signing up for an event, registering interest in a topic or webinar, or you might simply prefer that the same email address isn't associated with multiple form submissions.
This topic popped up recently as a question on the Questions & Answers section of the Xperience DevNet portal. If you are new to developing Xperience websites, or you find you are having trouble implementing a certain feature of Xperience, then I highly recommend submitting questions on the Q&A section of DevNet. You can get really good solutions and detailed explanations from the Xperience community, including answers from Xperience MVPs and members of the Kentico Support team.
For this question in particular, I provided sample code which can be used in your Xperience MVC site. This module intercepts a form submission, checks for fields containing the keyword email, and compares the values submitted against values from other submissions to find a match. If it finds a match then the form submission is cancelled and an error is displayed, otherwise the form continues to process as you would expect. You can find the sample code below:
using CMS;
using CMS.DataEngine;
using CMS.OnlineForms;
using DancingGoat.GlobalEvents;
using System.Linq;
[assembly: RegisterModule(typeof(FormGlobalEventsModule))]
namespace DancingGoat.GlobalEvents
{
public class FormGlobalEventsModule : Module
{
public FormGlobalEventsModule() : base("DancingGoat.FormGlobalEventsModule")
{
}
protected override void OnInit()
{
base.OnInit();
// Register custom events
BizFormItemEvents.Insert.Before += Insert_Before;
}
private void Insert_Before(object sender, BizFormItemEventArgs e)
{
var item = e.Item;
// Sanity check to ensure we actually have a bizform item.
if (item == null)
{
return;
}
// Get all column names that contain email.
var columnNames = item.ColumnNames.Where(x => x.ToLowerInvariant().Contains("email"));
// Loop over all column names containing the keyword email.
foreach (var columnName in columnNames)
{
// Get the submitted email address value.
var email = item.GetStringValue(columnName, string.Empty);
// Lookup the current bizform for submissions with the same field value.
var existingEntry = BizFormItemProvider.GetItems(e.Item.BizFormClassName)
.Column(columnName)
.TopN(1)
.WhereEquals(columnName, email)
.FirstOrDefault();
// If it already exists, cancel it (displays an error on the MVC site).
if (existingEntry != null)
{
e.Cancel();
}
}
}
}
}
You might also be interested in...
A practical guide to migrating an Xperience by Kentico site to Kentico SaaS - covering prep, code updates, and your first deployment.
Securing sensitive data is essential in modern CMS platforms. ASP.NET Core provides the Data Protection API (DPAPI) to help simplify encryption, decryption, and key management. DPAPI is used in many features, including ASP.NET authentication, so even if you're not using it directly, it is important to understand the basics.
I have published my first Umbraco related article in the calendar, 24 Days in Umbraco. It provides insights for newcomers, some tips on how to get started. Read more about the article.