The Scenario:
I have a database of persons in Knack, which besides their name and stuff also holds some other information that is important for us. Each person has an ID which auto increments when new persons are added.
I also have a Form, which I will ask the persons to fill out. We will host the form on our own website and each person will get a unique link. For example: www.mycompany/form/pid/2 for person with ID 2 and www.mycompany/form/pid/3 for person with ID 3 and so on.
I can then collect the person id in the backend (or via javascript, doesn't really matter) and auto fill the person ID in form field, so that the form gets linked (or connected in Knack speach) to the right person.
The problem:
First I find it strange that there is no "hidden" checkbox for fields in Knack and I have to set up a display rule that always returns true to hide that field. But that's not the real problem, just a hickup.
The real problem is, if I add the connected field to the form (person ID) to auto fill it, then, EVERY person ID will get added to the select input. This means, even though I hide the field, if somebody looks at the source code of the page, he could very easily see how many persons are in our database. I don't think that's a good thing.
My original approach was to just provide a dummy short next input field, which I then populate with the person Id from the url and later, with Knack's record rules, I just take that value and place it in the real connected person Id field.
This however does not work, as Knack tells me that there "no eligible field" in the form, when I want to do that.
I am stuck now with two possible solutions that I both don't like:
1. After pageload I iterate through the select html element and remove every option that has not the person Id from the url as its text.
2. I forward the person to another page after form submit, where, serverside, I connect to the Knack API, get the hash of the person ID and add it to the just submitted form.
I don't like these solutions because it adds complexity, which we want to avoid. We would love to keep the system fail safe. Meaning, even if we remove all the eyecandy and other neat things we do with javascript in the custom js section, the form should still work, if we remove it all.
I might have missed something, and I would be happy if anybody could put me in the right direction.
A side note: In the record rules, it would be great to be able to concatenate a custom value with a form value. For example to create a link to a new form where the url would always be the same but the patient id would be dynamical. I can think of a lot of use cases for such a feature. I will open a feature request for that.
Thank you all for your time.