The form-filling process will abide by a scripted read-only setting, but unless the file is encrypted, Acrobat's editing tools can change anything.
Equally, if you haven't set document security, the user could go into form design and change whatever they wanted.
Thanks for the reply. On this advice...
I set the password security to Encrypt all document content.
I have also restricted permissions to fill in form fields and existing signature fields.
I can still modify the text box content with the text selection tool?
You have not updated the copy of the form in memory until you close the PDF and reopen it.
Thanks for the reply, But I am aware of this.
I have closed the pdf and reopened it and I am still able to modify the field content with the text selection tool?
Please see the signed version I have uploaded and try modifying the field yourself, you shouldn't be able to do it as the field is set to readonly once signed!
Unless there is some other encryption I'm missing I don't know what i am doing wrong.
1 person found this helpful
I tried accessing the document, but it doesn't look like you published it so that anyone can access it.
Sorry George try now i have published both links now.
This is definitely a bug! What you haven't said is that there is a code attached to the Mouse Down event of the text field that ultimately causes the field value to change, depending on which item the user selects from the popUpMenu. Since the field is read-only, the code should NOT be getting triggered, and the fact that it does is a big bug. You could modify the code so that it doesn't execute if the field is read-only, but this still should be fixed.
I once tried to bring up an issue where the text select tool copies the field value rather than the formatted value, and this was brushed off. I hope you have better luck. The fact is the read-only flag is really a "Do not allow interaction with the user" flag according to the PDF spec, so you have a very strong case that this should not be happening. Please report this!
Edit: changed "...the code should be getting triggered..." to "...should NOT be getting triggered...
Thanks for the feedback, thousght i was gong insane!
I work with a high end security area and need to fix this so i will report it.
I did fix this previously by changing the type of field to a selection field, this seems to fix it but means i have to go back and rewrite some of my script.
The way you chose to do this is a bit unusual. I would have been inclined to use a button to trigger the script on Mouse Up, and place the response in a read-only text field. You can leave it as a text field and just do a check to see if the field is set to read-only, and only proceed with the rest of the script if it isn't.
When you report this, leave any talk of security out of it as it may just confuse the issue. Security has nothing to do with it. The issue is the behavior of text fields (and maybe other field types as well) that are set to read-only that respond to mouse actions when the Select Text tool is active. Any scripts simply should not be getting triggered when the field is set to read-only.
I hear what you are saying George, the scripts i use are a lot more complex than the one i have shown here, I just wanted to get the point across as easily as possible. I will look into your suggestion though and check the field is set to read-only.
I sent the report off a few hours ago.