705 comments found.
Hi – I am getting an error message when trying to submit my license code.
On the “LICENSE REGISTRATION” page, I enter my code and click “Submit Purcahse Code”. I get a message that says settings saved but then a red line of text appears under the license key saying “Failed to connect. Please try again”. It maybe that our hosting firewall is blocking the request. Can you help me explain to them what to enable in the firewall if you think that’s the issue?
Hello
Yes, your firewall is very likely the issue. You need to allow bi-directional curl/WP remote requests. you will likely find other licensing communication issues with plugins without allowing normal WP functionality.
I’m getting a failed to connect even from my local machine. How can I troubleshoot this?
This is what I’m seeing in the logs
[11-Oct-2021 03:17:07 UTC] WordPress database error Table ‘wp.wp_gf_rest_api_keys’ doesn’t exist for query SELECT COUNT FROM wp_gf_rest_api_keys; made by require_once(‘wp-admin/admin.php’), require_once(‘wp-load.php’), require_once(‘wp-config.php’), require_once(‘wp-settings.php’), do_action(‘init’), WP_Hook->do_action, WP_Hook->apply_filters, GFForms::init, GF_Upgrade->maybe_upgrade, GF_Upgrade->upgrade, GF_Upgrade->post_upgrade_schema, GF_Upgrade->set_upgrade_ended, do_action(‘gform_post_upgrade’), WP_Hook->do_action, WP_Hook->apply_filters, GFWebAPI->post_gravityforms_upgrade, GFWebAPI->maybe_upgrade_schema, GF_Upgrade->dbDelta, dbDelta, apply_filters(‘query’), WP_Hook->apply_filters, WSAL_Sensors_Database->EventDropQuery, WSAL_Sensors_Database->check_if_table_exists [11-Oct-2021 03:20:23 UTC] PHP Warning: First parameter must either be an object or the name of an existing class in /site/wp-content/plugins/gravity-forms-encrypted-fields/gfef.php on line 2870 [11-Oct-2021 03:20:23 UTC] PHP Warning: First parameter must either be an object or the name of an existing class in /site/wp-content/plugins/gravity-forms-encrypted-fields/gfef.php on line 2871 [11-Oct-2021 03:20:23 UTC] PHP Warning: First parameter must either be an object or the name of an existing class in /site/wp-content/plugins/gravity-forms-encrypted-fields/gfef.php on line 2872 [11-Oct-2021 03:20:23 UTC] PHP Warning: First parameter must either be an object or the name of an existing class in /site/wp-content/plugins/gravity-forms-encrypted-fields/gfef.php on line 2874 [11-Oct-2021 03:20:23 UTC] PHP Warning: First parameter must either be an object or the name of an existing class in /site/wp-content/plugins/gravity-forms-encrypted-fields/gfef.php on line 2875 [11-Oct-2021 03:20:23 UTC] PHP Warning: First parameter must either be an object or the name of an existing class in /site/wp-content/plugins/gravity-forms-encrypted-fields/gfef.php on line 2876 [11-Oct-2021 03:20:23 UTC] PHP Warning: First parameter must either be an object or the name of an existing class in /site/wp-content/plugins/gravity-forms-encrypted-fields/gfef.php on line 2877 [11-Oct-2021 03:20:23 UTC] PHP Warning: First parameter must either be an object or the name of an existing class in /site/wp-content/plugins/gravity-forms-encrypted-fields/gfef.php on line 2878
Did you uninstall gravity forms? The plug-in requires gravity forms.
These errors sound like your basic WP install has some issues missing some basic functionality. You may need a fresh WP install.
No, I didn’t uninstall Gravity Forms. I am getting this error after digging into the plugin code: WP_Error Object ( [errors] => Array ( [http_request_failed] => Array ( [0] => cURL error 60: SSL certificate problem: certificate has expired ) ) [error_data] => Array ( ) [additional_data:protected] => Array ( ) )
Can you check this on your end?
Could be related to this issue? https://wordpress.org/support/topic/failed-to-request-via-wordpress-curl-error-60-ssl-certificate-problem/. Sending this to our hosting team.
Possibly related yes.
We have checked and I ur license server is up and responding to all requests.
The certificate problem was the issue. I had to manually update the crt file in our Wordpress install with the one here and everything is working again. https://github.com/WordPress/WordPress/blob/master/wp-includes/certificates/ca-bundle.crt
Hi! We are wanting to be able to encrypt/hide the html block content on the front end, from dev tools and source code etc… We are wanting these fields only to appear in the generated pdf based on specific conditional logic – which is working fine, except that all the html block text is viewable in the main page code and we want to hide this. Is this plugin able to do this? Thanks
Hello
Set a CSS class on the helm field and hide it with css . Our plug-in does not hide fields , it encrypts submitted data
We have a need to collect uploaded images of voided checks and driver license which needs to be protected from public view so we are compliant. I see that you are not encrypting uploaded files and we do not want link a third party service like drop box adding an additional step to retrieve files then match them up manually which with our volume is not feasible. Are you planing to make this feature to encrypt uploaded files? Do you have any custom development options available to protect uploaded files with encryption or password or hid from public securely so search engines do not index? Can we be compliant without protecting the uploaded files?
Hello
There are no current updates for file encryption. It may come in the future but not any time soon if ever. You can use a secure service like the Dropbox method, or secure send yourself the files via TLS and auto delete the files from your weberver.
Following is some info and suggestions:
GF natively hides files from public folders.
With DL and check this seems as it is a one time verification step which you could use the secure sending and auto deleting from server to accomplish, but if you need to store the files long term, an in house secure storage or third party encrypted file service would be far better over storing on your web server. Naming the email or file itself with easy corresponding entry markers can make for easy comparison.
We have previously set up a password secured (encrypted) PDF (gravity pdf) to include the uploaded images and emailed it to admin with the name matching the Entry_id and date and first name. The file is then taken and stored locally offline for reference. The uploaded images are set to auto delete after submission from the web server.
We have not looked into expanding this to simply save a copy of the encrypted pdf to the server instead of emailing it, but I would imagine this should be entirely possible with very little developer customization. This would likely be far more simple for image only files as they can be embedded in the pdf and pdf is widely web supported for viewing.
thanks for the reply. I like the process of images merged into a password protected pdf and think this will meet compliance for us. You mentioned previously this was available, but Is this currently available in your plugin and can you provide me documentation for how to accomplish that ?
Hello
This pdf feature as described are accomplished through the gravity PDF plugin.
did you write custom functions to accomplish this or was it built into gravity pdf?
Hello
It is a very simple custom template for a PDF that can embed/php echo uploaded images to PDF from a multi file upload field. Then you can attach the PDF file to the notification email (or save it to the server.. see their docs for this) and can set the file uploads to delete from the server after submission with our plugin. you cannot regenerate the PDF from there as the files are gone. Please refer to the gravity PDF plugin documentation and support for help with this. There is an example of embedding uploaded images to PDF. https://docs.gravitypdf.com/v6/developers/php-form-data-array ..see the “file upload” section for some sample code for custom template where field ID 48 is a multi file upload field
/* Add images to PDF */
if ( is_array( $form_data['field']['48_path'] ) ) { /* make sure you use the PATH */
$allowed_extensions = array( 'jpg', 'jpeg', 'png', 'gif' );
foreach ( $form_data['field']['48_path'] as $path ) {
$extension = strtolower( pathinfo( $path, PATHINFO_EXTENSION ) );
if( in_array( $extension, $allowed_extensions ) && is_file( $path ) ) { /* verify path has an image extension and it exists on the server */
echo '<img src="'. $path .'" width="200" />';
}
}
}
the PDF security options are then directly available through the PDF settings for the form.
Hello. I have to keep reactivating the license on this plugin. The client keeps emailing me saying the fields say hidden. I have to go in a reactivate the license and I’m not sure why this is happening.
Hello
Please update to latest plug-in version 5.9.1
The instruction states the following:
“Async mode still adheres to the view permissions settings, so a user must also have view permissions to the specific data on top of having the async password.”
I have a problem setting this up correctly. Async is on, Limit User/Role View Permission Lists is set, I even tried to set a User Lockout List: lockdown
Doesn’t matter what settings I tweak, any logged in user that has Encryption password is able to decrypt all fields. It seems like Async Encryption password overwrites all view permissions. What am I missing?
Hello
You are correct in this. This instruction not being updated from previous beta mode asynch. It is corrected now in new version for plugin 5.9.1 just being released.
With Asynch a user must be logged in and simply either has pass or not.
Thank you for a quick reply and for clarification on that one. So then this feature is only useful for one user or is it possible to have a unique encryption password for each user?
I have another question, trying to use merge tags in Gravity PDF template.
Since the {gfef_decrypt_ALL+} merge tag ignores permissions, then it can not be used for PDF viewing/downloading because all users able to see all fields when they view/download the PDF. Is this correct?
I was not able to use the {gfef_decrypt_ALL+_USER}, it simply states “Encrypted Field Restricted” on encrypted fields for all users, regardless of access level. What am I missing?
Thanks.
Hello
Are you using asynchronous mode? Decrypted tags do not function in asynchronous unless an asynchronous logged in user initiated the action. (Ie: generates the pdf , sends the notification , etc) There is no decryption for anything outside of a user logged in in asynchronous mode. There are also no user level permissions in asynchronous. This is covered under the asynchronous instructions.
This is part of the modes inherent operation because you cannot decrypt anything whatsoever without the asynch key and the encrypted asynch key is not useable without the user logging into asynch mode with the password. So the only time any encrypted data can be decrypted for any purpose is by a logged in user who is logged into asynch mode with the pass.
Hello
For sending out PDF on initial submission please refer to asynch mode instructions on using the “process feeds and add-ons before encrypting” method . You can send standard notifications on submission including attaching pdf version at that time. Then Any resend of the data or regenerate pdf requires asynch log in after the data is encrypted.
Asynch only has one password. Any user with permissions to view entries who has asynch pass can access via asynch mode login. Can be many users. Just use same pass.
Hello,
Asynchronous mode is off. We can’t use it due to several editors managing the form entries.
PDF are not sent out, PDF accessed by editors from the single View Entry page, this is where the encryption/decryption fails when using merge tags.
Hello
With asynch off. Correct the decrypt all tag always decrypts . The user tag pends view permissions of the individual user . Have you confirmed the users can view the fields with current permissions based on viewing the entry ?
..also, this would apply to entries moving forward. It does not decrypt anything encrypted with asynch or any other mode/pass/etc
I am testing user that is an editor, has all rights to the GF forms except the settings.
username: test1
Limit User/Role View Permission Lists: empty
User Lockout List: lockdown
User/Role Access List: list of other users, but not test1
OpenSSL: selected
Async: off
Admin Area Only Viewing: checked
Merge Tag Filter Bypass: unchecked, the green message says ( MERGE TAG RESTRICTED DISPLAY FILTER IS ON)
Decrypted Merge Tags: ALL:ALL+, ALL:ALL, ALL:ANY, ALL:ALL+:U, ALL:ALL:U, ALL:ANY:U, ALL:ANY:X
The form has a field, it has Encrypt field value checked, and “User/Role View Permission” has the username: test1 User Owned Field: unchecked
New form entry submitted on the front end by the user who was not logged in.
On the single view page, the fields stating: “Encrypted Field Restricted” for any user, including test1, view PDF link clicked. The PDF template has the following merge tags:
{gfef_decrypt_ALL} – decrypts all fields for any user
{gfef_decrypt_ALL+} – decrypts all fields for any user
{gfef_decrypt_ALL_USER} – does not decrypt for user test1 or any user
{gfef_decrypt_ALL+_USER} – does not decrypt for user test1 or any user
According to the plugin logic and instructions, the user test1 should be able to view the decrypted data on the single entry view page and using the {gfef_decrypt_ALL+_USER} merge tag, is this correct?
Hello
The lockout list overrides any single field view permissions. Then the access list overrides the lockout list. The individual field setting is the lowest permission level.
The user needs to be listed in the access list of you have locked everyone out on a global level with “lockdown” in the lockout list.
There is a section called “Understanding the view permissions flow” in the instructions that details the permissions hierarchy.
Please let us know if changing your permissions flow does not solve the issue.
Thanks for pointing to that section. Per instructions, added user test1 to User/Role Access List. As a result, fields on the single page view are decrypted, but the merge tags {gfef_decrypt_ALL_USER} and {gfef_decrypt_ALL+_USER} are still not decrypting. The form has a new entry after settings changed.
Hello
Have you checked the dev site for any plug-in conflict in error reporting when generating the pdf?
We can verify that the custom user tags function the same as other custom tags in pdf generation.
Be sure to update to latest GF and latest gravity PDF and our plug-in version 5.9.1
The problem resolved by unchecking the “Admin Area Only Viewing” checkbox. FYI, Viewing/downloading PDF is done from the Admin area.
Hello
Yes, this would make sense. Although pdf links are in GF admin area, the page they link to in order to view or download which processes/generates the pdf is not an admin area page. The normal decrypt tags function because they are not permissions based, while the user tags do not because they add permissions, which includes the admin area only permission setting for all users.
Generally speaking leaving permissions available on the front end is perfectly fine as devs have full control over what is displayed or accessible from the front end.
Hi, we’ve enabled encryption and followed instructions. Notification emails are showing fields as encrypted (correctly). But, all users who log in to the site are able to view unencrypted data in form entries.
We only provided two specific users with unencrypted view access in the settings page. We did not list any roles with this access in the settings. We created a separate demo user who has moderate privileges and this user was still able to see unencrypted data. Did we do something wrong?
Hello
What users did you restrict? All users have access unless otherwise restricted. Please review #6-9 of plug-in setup to cover view permissions flow.
If you only want 2 users to have access you should use “lockdown” in the lockout list and the 2 players usernames in the access list
Hope this helps 
Well clearly I did not read the documentation clearly enough. I mistakenly assumed it was default “lock all”. Entering lockdown worked. Amazing/fast support though, thanks!
Happy to help 
Is there a way for this plugin to allow the fields in WP-ADMIN to be encrypted/hidden but the email version still show the actual values?
Hello
Yes, you would just use the plugins decrypted merge tags to send out decrypted field data in the notifications/confirmations.
You then would want to also restrict who could access gravity forms and/or resend the notifications.
Hi,
We’ve installed and setup the GF Encrypted Fields plugin. Where we use the Decrypted Merge Tag to show fields on the notifications. The merge tags are unlocked using the Universal Unlocks. We also have multiple user admin who manages the forms.
The fields are showing on the notification as expected, but when we view the Entries through GF, the encrypted fields are empty. I can see the encrypted entries on the “wp_gf_entry_meta” table.
When we tried the Decrypt Tool the encrypted fields in the “wp_gf_entry_meta” are deleted and what remains are the field values that are not encrypted.
Please help use resolve this.
Cheers,
Hello
What encryption type are you using?
The decrypt tool should not be used unless the current key/pass combo is successful in decrypting/making readable the data while viewing entries. The tool does state this explicitly.
Hello
I assume you are still testing in a development site with test data, but if you needed to recover the deleted data (from unsuccessful decryption) you can just do a quick DB restore from previous to your decryption run from the backup(s) you made beforehand according to the tool instructions.
For your viewing data issue, it sounds as if whoever set up the plug-in may have for some reason used the “Encryption password override” setting. This setting is not to be used in setup and does explicitly instruct that it should not be. Please check this setting and remove any entry. reading this settings instructions will explain what it is for and when it is useful as well as why this behavior is expected to occur if the setting is used. The encrypt / decrypt tool instructions detail why you cannot successfully decrypt data if the password override is currently being used and the specific data you are decrypting is not viewable or decryptable as it was not encrypted under that override password.
Please be sure to take the time to follow all initial setup and setting instructions as they do detail usage and behavior. on a live site, incorrect usage of the encrypt/decrypt tool can delete actual form data. Of course this is also very easily recoverable with a simple DB restore, but it is easily avoidable.
thank you for your response.
We’re using “OpenSSL” for encryption type.
We used the decrypt tool to check if the data will be decrypted, this way we eliminate the possibility that the issue is only on the frontend (GF entries).
Yes, the current issue is on a staging environment, so no actual data is involved. but the issue got us worried because we have another GF Encrypted Fields plugin on a production site with live data to be encrypted.
We will try to remove the Encryption password override”, and we’ll give an update.
Hello
Sounds good. If the issue is not resolved please contact us via our contact form (click our user name) and we can work to look at your setup to determine the issue
When adding the purchase code to the license screen we are getting a “Failed to connect, Please try again” error, meaning we can’t enable the plugin we just purchased.
Hello
Are you behind a proxy or on a server which is not www connected? These are disallowed for activation. Your server must be online snd not behind firewall/proxy restrictions/masking.
Alternately, what location/web host are you connecting from? Our licensing server uses standardized black listing for known problematic ip ranges/servers and we do not override this for any circumstance. If correcting the above does not resolve your issue, you can request a refund through your envato account which we will promptly approve.
hello. if i go into a form and turn off encryption for a field that has been encryped, will all the existing values for this field in this form be decryped, or does it only apply to new entries? I need to decrypt one field in a form, including all existing entries. i looked at the tool – should i enter “decrpyt”, form id, leave entry id blank, and put the field id in the last field?
Hello
Database decryption is only done through the encrypt/decrypt tool. It sounds correct for your suggested use but always follow directions and back up your DB.
Field encryption settings only apply to new entries.
perfect ! thank you
You will want to specify a batch size for number of entries to process and utilize the offset if more than 200
ok. the form has about 3000 records in total. so i just need to do it in batches of 200?
Correct. You could override the limit in the code but it’s not advised as it can cause server timeout issues pending your server
Hi
I have a form with an email field that has the encrypted field checked.
Upon submission, the following error is displayed (and I cannot hide it even by setting errors to be hidden in the WordPress config.php file).
Notice: Trying to access array offset on value of type bool in /path/to/plugin/gravity-forms-encrypted-fields/gfef.php on line 2197
I’m running WordPress 5.8, PHP 7.4.23, Gravity forms 2.5.9 and Gravity Forms Encrypted Fields 5.9
I have recreated the form from scratch but still the same issue
Any ideas? I really need this sorted.
If you don’t know the answer is there any way to suppress the notice issues to anonymous visitors for the short term (as mentioned above restricting errors in the WP config.php does not help)
Thanks
Hello
Are you sending out a notification to this encrypted email field?
What other GF add one are running that are using the email field on submission?
Im sending an email to the Admin account only (other forms on the site do have an email going to the submitter and also have the same error notice). All fields are included in the admin email with the submitter email field being among them. No email goes to the user.
Im also using the Gravity PDF plugin on another form on the site but the issue occurs on all of the webforms.
The piece of code that php reports the problem is below (gfef.php). I was wondering if the line ’$config = GFUser::get_active_config($form, $entry); ‘should be commented out? Note that if I temporarily remove this code notices disappear.
add_action(‘gform_after_submission’, ‘gfef_delete_active_form_entry_files’, 109, 2);//adjusted for process order pre stripe checkout 99999999 -> 109 function gfef_delete_active_form_entry_files($entry, $form) { $config = false; if (class_exists(‘GFUser’)) { //$config = GFUser::get_active_config($form, $entry); $config = gf_user_registration()->get_config($form, $entry); } if (!$config[‘is_active’]) { $entry = GFAPI::get_entry($entry[‘id’]); gfef_delete_form_entry_files_ip($entry); } }
Hello
Please send us an email from our contact form (click our user name) and we will send new code for you to try as possible release solution.
Thank you
Thanks – email sent
-Resolved : pending plug-in update
Thanks for the report on the notice 
Hello, if i encrypt a field in the gravity form and send it is value to the client by SMS “twillio add-on” it will be sending as encrypted or decrypted message?
Hello
This depends on when and how you send the value. In most cases you can decide what to decrypt and when.
If this is at/during submission, you can send out the sms decrypted by simply not encrypting any certain fields needed until after the submission process (feeds and add-ons) are completed.
Or , for both during submission and after , if the sms template sent out uses GF merge tags , you can use the plugins decrypted merge tags to place decrypted field data in it to be sent out whenever.
Hope this helps 
Thank you for your fast response.
Actually I am using the value as OTP, and will be sent after a certain step (Using Gravity Flow), and yes I am using the GF merge tags.
Are you offering a refund if i test it and it doesn’t work? If yes I will buy it and try if this will works fine with me.
Please be noted that for the OTP field I am using Populate Anything by GravityWiz.
Hello
You can certainly always request a refund through your envato dashboard if you find the particular flow does not work for you.
Relying on passing encrypted values through many other plugins in certain ways is always open for conflicts if the unencrypted values are relied on for any functionality. If it is just a random field that the other plugins do not need to access decrypted to function then the functionality to print it out decrypted using our decrypted merge tags should generically always work where general GF field merge tags are accepted as long as the plug-in adheres to gravity forms standardized GFAPI to get field data.
Also, pulling the data decrypted should be functional for any user who has field viewing permissions to see it decrypted if the plug-in adheres to the GFAPI
I’m using the Gravity View search function for an entry claim process on a website, and it looks like it’s not possible to search by encrypted fields right now. Is that still the case, or is there a workaround?
Correct
Search of encrypted fields in gravity view is not available currently. It’s only possibly in main GF functionality. We have worked with them on this in the past but some limitations still in place prevent us from implementation still.
hello. question about licenses. i currently have two sites licensed nusgra.org.uk and newcastleproms.co.uk
i wish to remove the license from nusgra.org.uk but i no longer have access to the wordpress site (its been deactivated)
when i review my licensing screen on newcastleproms.co.uk and can see that the nusgra site is still listed and i cant remove it. please can you do this?
It will stay active until you attempt to activate on another website if you update to latest plug-in version. Latest version will let you deactivate the website if it is inaccessible upon activation of a new site
Hi
I have a form with an email field that has the encrypted field checked.
Upon submission, the following error is displayed (and I cannot hide it even by setting errors to be hidden in the WordPress config file).
Notice: Trying to access array offset on value of type null in /path/to/plugin/gravity-forms-encrypted-fields/gravity-forms-encrypted-fields.php on line 1845
I have recreated the form from scratch but still the same issue
Any ideas?
Thanks
Hello
Are you using latest plug-in version 5.9?
Hello! Thank you for the plugin! But i found 2 very important limitations: 1. Search by encrypted fields doesn’t work 2. Draft submissions doesn’t encrypted Hope you will fix it in upcoming release. Thank you so much in advance! Serge
Hello serge
Please utilize the “native search permissions” option in the settings page to search encrypted fields.
“Draft submissions” is unclear. We support the “partial entries” with encryption.
Hello!
Thank you so much for the quick answer!
1. Native search helps. Thank you!
2. Sorry, _draft_submissions — table name for partial entries. Does it should be encrypted by default? I’ve checked again — for my setup not: data saved ‘as is’, without encryption.
Thank you so much in advance!
Serge
Hello
The fields must have encryption turned on and would encrypt entries moving forward. Does not retroactive
Hello! I understand this. Encryption tuned on 2 weeks ago, all is ok in wp_gf_entry_meta table, fields for which Encryption turned on really encrypted. But in wp_gf_draft_submissions table values of encrypted fields saved as is, without encryption
Is normal encryption active, or encryption after submission is processed turned on?
For all encrypted fields ‘Encrypt After Submission is Processed’ checkbox not checked
Hello Which GF /WP/plug-in version?
Sorry, I’ve mixed 2 settings: Partial entries & Save and Continue. The problem concerns the last (save and continue). When Save and Continue button clicked in the form data stored to ‘wp_gf_draft_submissions’ table as json (filed ‘submission’) with 2 sub-arrays (sub-trees): ‘submitted_values’ and ‘partial_entry’. Fields with encryption enabled stored encrypted in ‘partial_entry’ sub-array but as is in ‘submitted_values’ sub-array. See example:
{ “submitted_values”: { “3”: “test”, “4”: “test”, “5”: ””, “8”: “01/01/1970” }, “partial_entry”: { “3”: “GFEncrypt: 337512902c7fb6cf0911173046Y3U5T3VJdmJUc1B0NVNZZkNFSmVtSFM5ckZvQlBVY2d1SjFFd2l0dEhsND0=”, “4”: “GFEncrypt: 5e4f6944dcb824330b236708a7OFJ1aGJITVBlcDEwdGRKc01pR0tKZz09”, “8”: “GFEncrypt: 0fe4957c7c16469c6162461cf9Y05jZTIwbGx0S1BTb01ZbVA1NHIwdz09” }, “field_values”: ””, “page_number”: “1”, “files”: [], “gform_unique_id”: “610188b1549ef” }
Versions WP: 5.8 GF: 2.5.9 Plugin: 5.9
Hello
The plug-in does not support encryption on save and continue operation. Only partial entries are supported. I will suggest to dev team to look into possible plug-in option based support of encrypt for entire Json object of saved entry and decrypt on continue. This appears it would be potentially a simple implementation given the json object is not over size of server limitations to process.
If you would like to help with dev and possible/potential release of this feature, please contact us through email form on our author page (click user name) and send contact info with mention to save and continue support please
UPDATE
New in version 6.0 Added suppot for encrypting the “Save and Continue” option data per form. (Partial entries and Save and Continue are now both supported.) Tested on WP 5.8.2
Is it possible to encrypt the file upload location string in the database?
Hello The file upload location is obscured by GF as the default. You could use the encryption functions with a custom snippet to further encrypt it though.
Can you share an example of that snippet?
EX: function your_function_name($file_path, $field) { return gfef_text_encrypt($file_path, $key) } add_filter( ‘gform_fileupload_entry_value_file_path’, ‘your_function_name’, 10, 2 );
you would then choose the time and place (using the appropriate GF filter when retrieving the data as desired) to use the provided “gfef_text_decrypt($text, $key)” function to output the useable link again. It should be relatively quick and easy for a dev to write this up for specific user access pending your intended functionality.
we do not assist with users custom programming, but i think this may be a useful feature to possibly implement for release in order to be able to give only specific users access to file downloads. Granted, this assumes that your other users cannot access your web server via FTP/SSH etc to directly access the files outside of WP. I will run it by the team.
using the gform_permission_granted_pre_download filter would likely be a simple shortcut to skip writing custom validaton or encryption unless you would like the actual string in the database encrypted in case or breach.
for this reason and others, we do reccommend simply using a third party uploader like dropbox as it can simply delete the local file copy and you can auto set permissions or passwords to uploaded files using the available options and/or filters and a few lines of code, or just give access when and where you would like with dropbox’s regular sharing links etc.
Hello
I believe you may have receive this information from another developer. Perhaps those of the Gravity PDF plug-in?
I have a form that a user will need to re-submit on a regular basis. I will be using information from their previous entry and pre-populating the form using Gravity Perks Populate Anything. Since they are the user that submitted the form will they be able to view those values, will the form fields pre-populate correctly, or will it be encrypted if Admins are the only one’s with view permissions?
Hello
You can give the original submitting user access to view their own submitted data unencrypted by using the option in the encryption settings within the needed fields. If the user is logged in it should pull unencrypted for them to populate the fields.
Hi, Can I export a spreadsheet with the encrypted data and then decrypt it after it’s downloaded? Thanks!
Hello
Gravity Forms can export in CSV format. If you leave the data encrypted in the CSV you would need to build a system to decrypt it based on our encryption. our plug-in for GF does not decrypt data outside of gravity forms.
Generally you would just download the CSV with decrypted data over SSL when you want to have a readable spreadsheet format file. You could then store the file in protected storage, if not used for printing etc. and then deleted.
Could you build a system to decrypt it and how much would that cost?
Also, is there a way to create a user whose only role is to read the decrypted data on the site? Can I adjust the admin role so that the admin can’t read the decrypted data?
And how long would it take to build the system?
Hello
You can simply only give one user (any user) the ability to see data decrypted, but this user must be able to access the GF entry data. you can exclude whoever you want from seeing it (including admins) .
For building a system to decrypt the data after downloading it encrypted, I am wondering what the purpose of downloading the data encrypted is? Why not just give only the intended persons the decrypted CSV data to begin with instead of making them decrypt it? The intended flow and environment of your process is not known, so one would be guessing at what it would involve to build anything.
If we were to suggest a system already in place, it would be as simple as giving the intended person(s) the ability to log into WP and download the specific data decrypted. A plug-in like Gravity View can moderate which entries they would have access to based on whatever entry marker /selection etc.
I hear what you’re saying – that makes sense, thank you. Is the data stored in the website database in an encrypted or decrypted format? If someone, without permission, gained access to the server, would they be able to take the decrypted details from the database? Thank you,
p.s. The user who can access the decrypted data in the dashboard – They can export the entries decrypted, correct?
Encrypted in DB . Yes, users who can access decrypted can export decrypted assuming they have the ability to export entries.