• The browser used: Firefox
• cforms version: 10,6
• Your Wordpress version: 2.8.4

Apologies, the form is in development so I can't post a URL. I'm just trying to create a dynamic form, and the verification isn't working.

It's dynamic so I can change adminTO field. Anyway, here's the code:

$slt_userInfos->ID is the value in a hidden field needed for the adminTO processing. The whole thing works without the verification fields, and if I include the form normally – insert_cform() instead of insert_custom_cform(), configured via the admin area – the verification works. But if I include the verification fields in the custom form, it doesn't submit – keeps being returned as if I've not filled in the verification field, or I've got the answer wrong (I definitely haven't).

Am I including the field wrongly in the above code?

I will have to check into that.

PS: if this is only about changing the adminTO on the fly, you can do that easily and more elegantly (and with ajax support) in my-functions.php (logic routine: "adminTO" setting).

for security reasons I would not include a users ID, however you can include the post ID and then use 1 or 2 WP functions in my-functions.php to retrieve the user ID (based on the page/post ID) and user email.

simply enable (will insert two more hidden fields to your form):

I got the solution: simply don't make the verification or captcha field 'required' – I'll make sure to add something to the code to catch this, but these two fields are by nature required and making them "even more required" confused cforms.

Gyrus said:

Many thanks for looking into this, but unfortunately it doesn't seem to work for me. I'm now using:

array('Security question','verification',0,0,0,0,0)

But it has the same result: "Please fill in all the required fields", even when the answer's right. I'm not sure if accessing the form itself might help, but I can let you access it by privately emailing a link to you, if you think it'll help.

sure, feel free to send the URL via email.

Regarding user ID, I didn't think it would be a security risk for WP user IDs to be known. How about usernames? I don't think there's anything else I can use other than email (which is obviously not a good idea). The enquiry form comes from a page that will have a salesperson assigned to it (via a Custom Field containing the salesperson's ID or username), but that page itself won't necessarily be created by the salesperson.

if the post's custom field contains the info, even better and easier. simply add some code into your my-functions.php that takes the POST ID (see my above post) and retrieves on the fly your custom fields per that post ID and then derive from that the email address.

that way you don't need any info in the form itself about that user.

Gyrus said:

Apologies Oliver, on further testing it looks like the issue was with a subject field that I'd pre-filled and disabled. I didn't realize that I should be using read-only, not disabled – it seems that disabling a field, even if it has a value, stops the form from validating.

correct, disabled fields are by W3C standards not sent back to the server.

Not sure if this is correct behaviour, but I've made the pre-filled field read-only rather than disabled, and the form submits OK now.

depends on what this field is used for.

And thanks for the tip on the hidden user info, I didn't understand your method before!