By default if a user is logged into Sitefinity a form submission will save their UserId to sf_form_entry, and thus the backend form responses show their username.
However it's not uncommon to want to have a form for anonymous submission. Maybe you want a whistleblower form or something.
The problem though is there's nothing in the UI to allow for this, and moreover there's only 2 events in the Forms EventHub. Created (Already saved to the database) and Updated (...entry updated). Neither allow data to be manipulated before save.
So very simply this runs a parameterized sql query to update that userid to a Guid.Empty anonymous user right after the entry is created. Feel free to blow all of the whistles.
using System;
using System.Collections.Generic;
using System.Diagnostics;
using System.Linq;
using System.Text;
using Telerik.Sitefinity.DynamicModules;
using Telerik.Sitefinity.DynamicModules.Model;
using Telerik.Sitefinity.Forms.Model;
using Telerik.Sitefinity.Modules.Forms;
using Telerik.Sitefinity.Modules.Forms.Events;
using Telerik.Sitefinity.Security.Claims;
using Telerik.Sitefinity.Utilities.TypeConverters;
using Telerik.Sitefinity;
using Telerik.Sitefinity.Model;
using Telerik.Sitefinity.Data.Configuration;
using System.Data.SqlClient;
using System.Data;
namespace SitefinityWebApp.EventHub
{
public static class Forms
{
public static void FormEntry_Created(IFormEntryCreatedEvent entry)
{
var formTitle = entry.FormTitle;
if (formTitle.ToLower().Contains("[anon]") || formTitle.ToLower().Contains("[anonymous]"))
{
var entryId = entry.EntryId;
try
{
//Wipe the userid
if (entry.UserId != Guid.Empty)
{
var connectionString = Telerik.Sitefinity.Configuration.Config.Get<DataConfig>().ConnectionStrings["Sitefinity"].ConnectionString;
var sql = @"UPDATE [dbo].[sf_form_entry]
SET [user_id] = '00000000-0000-0000-0000-000000000000'
WHERE id = @id";
using (var connection = new SqlConnection(connectionString))
{
using (var command = new SqlCommand(sql, connection))
{
command.Parameters.Add("@id", SqlDbType.UniqueIdentifier).Value = entryId;
connection.Open();
command.ExecuteNonQuery();
}
}
}
}
catch (Exception ex)
{
//Handle the error
}
}
}
}
}