Code

Discussion on Gravity Forms Encrypted Fields

Discussion on Gravity Forms Encrypted Fields

Cart 3,529 sales
Recently Updated

PluginOwl supports this item

Supported

This author's response time can be up to 5 business days.

705 comments found.

Hi – I am getting an error message when trying to submit my license code.

On the “LICENSE REGISTRATION” page, I enter my code and click “Submit Purcahse Code”. I get a message that says settings saved but then a red line of text appears under the license key saying “Failed to connect. Please try again”. It maybe that our hosting firewall is blocking the request. Can you help me explain to them what to enable in the firewall if you think that’s the issue?

Possibly related yes.

We have checked and I ur license server is up and responding to all requests.

The certificate problem was the issue. I had to manually update the crt file in our Wordpress install with the one here and everything is working again. https://github.com/WordPress/WordPress/blob/master/wp-includes/certificates/ca-bundle.crt

Hi! We are wanting to be able to encrypt/hide the html block content on the front end, from dev tools and source code etc… We are wanting these fields only to appear in the generated pdf based on specific conditional logic – which is working fine, except that all the html block text is viewable in the main page code and we want to hide this. Is this plugin able to do this? Thanks

Hello

Set a CSS class on the helm field and hide it with css . Our plug-in does not hide fields , it encrypts submitted data

We have a need to collect uploaded images of voided checks and driver license which needs to be protected from public view so we are compliant. I see that you are not encrypting uploaded files and we do not want link a third party service like drop box adding an additional step to retrieve files then match them up manually which with our volume is not feasible. Are you planing to make this feature to encrypt uploaded files? Do you have any custom development options available to protect uploaded files with encryption or password or hid from public securely so search engines do not index? Can we be compliant without protecting the uploaded files?

Hello

This pdf feature as described are accomplished through the gravity PDF plugin.

did you write custom functions to accomplish this or was it built into gravity pdf?

Hello

It is a very simple custom template for a PDF that can embed/php echo uploaded images to PDF from a multi file upload field. Then you can attach the PDF file to the notification email (or save it to the server.. see their docs for this) and can set the file uploads to delete from the server after submission with our plugin. you cannot regenerate the PDF from there as the files are gone. Please refer to the gravity PDF plugin documentation and support for help with this. There is an example of embedding uploaded images to PDF. https://docs.gravitypdf.com/v6/developers/php-form-data-array ..see the “file upload” section for some sample code for custom template where field ID 48 is a multi file upload field /* Add images to PDF */ if ( is_array( $form_data['field']['48_path'] ) ) { /* make sure you use the PATH */ $allowed_extensions = array( 'jpg', 'jpeg', 'png', 'gif' ); foreach ( $form_data['field']['48_path'] as $path ) { $extension = strtolower( pathinfo( $path, PATHINFO_EXTENSION ) ); if( in_array( $extension, $allowed_extensions ) && is_file( $path ) ) { /* verify path has an image extension and it exists on the server */ echo '<img src="'. $path .'" width="200" />'; } } } the PDF security options are then directly available through the PDF settings for the form.

Hello. I have to keep reactivating the license on this plugin. The client keeps emailing me saying the fields say hidden. I have to go in a reactivate the license and I’m not sure why this is happening.

Hello

Please update to latest plug-in version 5.9.1

The instruction states the following:

“Async mode still adheres to the view permissions settings, so a user must also have view permissions to the specific data on top of having the async password.”

I have a problem setting this up correctly. Async is on, Limit User/Role View Permission Lists is set, I even tried to set a User Lockout List: lockdown

Doesn’t matter what settings I tweak, any logged in user that has Encryption password is able to decrypt all fields. It seems like Async Encryption password overwrites all view permissions. What am I missing?

Hello

Have you checked the dev site for any plug-in conflict in error reporting when generating the pdf?

We can verify that the custom user tags function the same as other custom tags in pdf generation.

Be sure to update to latest GF and latest gravity PDF and our plug-in version 5.9.1

The problem resolved by unchecking the “Admin Area Only Viewing” checkbox. FYI, Viewing/downloading PDF is done from the Admin area.

Hello

Yes, this would make sense. Although pdf links are in GF admin area, the page they link to in order to view or download which processes/generates the pdf is not an admin area page. The normal decrypt tags function because they are not permissions based, while the user tags do not because they add permissions, which includes the admin area only permission setting for all users.

Generally speaking leaving permissions available on the front end is perfectly fine as devs have full control over what is displayed or accessible from the front end.

Hi, we’ve enabled encryption and followed instructions. Notification emails are showing fields as encrypted (correctly). But, all users who log in to the site are able to view unencrypted data in form entries.

We only provided two specific users with unencrypted view access in the settings page. We did not list any roles with this access in the settings. We created a separate demo user who has moderate privileges and this user was still able to see unencrypted data. Did we do something wrong?

Hello

What users did you restrict? All users have access unless otherwise restricted. Please review #6-9 of plug-in setup to cover view permissions flow.

If you only want 2 users to have access you should use “lockdown” in the lockout list and the 2 players usernames in the access list

Hope this helps :)

Well clearly I did not read the documentation clearly enough. I mistakenly assumed it was default “lock all”. Entering lockdown worked. Amazing/fast support though, thanks!

Happy to help :)

Is there a way for this plugin to allow the fields in WP-ADMIN to be encrypted/hidden but the email version still show the actual values?

Hello

Yes, you would just use the plugins decrypted merge tags to send out decrypted field data in the notifications/confirmations.

You then would want to also restrict who could access gravity forms and/or resend the notifications.

Hi,

We’ve installed and setup the GF Encrypted Fields plugin. Where we use the Decrypted Merge Tag to show fields on the notifications. The merge tags are unlocked using the Universal Unlocks. We also have multiple user admin who manages the forms.

The fields are showing on the notification as expected, but when we view the Entries through GF, the encrypted fields are empty. I can see the encrypted entries on the “wp_gf_entry_meta” table.

When we tried the Decrypt Tool the encrypted fields in the “wp_gf_entry_meta” are deleted and what remains are the field values that are not encrypted.

Please help use resolve this.

Cheers,

Hello

I assume you are still testing in a development site with test data, but if you needed to recover the deleted data (from unsuccessful decryption) you can just do a quick DB restore from previous to your decryption run from the backup(s) you made beforehand according to the tool instructions.

For your viewing data issue, it sounds as if whoever set up the plug-in may have for some reason used the “Encryption password override” setting. This setting is not to be used in setup and does explicitly instruct that it should not be. Please check this setting and remove any entry. reading this settings instructions will explain what it is for and when it is useful as well as why this behavior is expected to occur if the setting is used. The encrypt / decrypt tool instructions detail why you cannot successfully decrypt data if the password override is currently being used and the specific data you are decrypting is not viewable or decryptable as it was not encrypted under that override password.

Please be sure to take the time to follow all initial setup and setting instructions as they do detail usage and behavior. on a live site, incorrect usage of the encrypt/decrypt tool can delete actual form data. Of course this is also very easily recoverable with a simple DB restore, but it is easily avoidable.

thank you for your response.

We’re using “OpenSSL” for encryption type.

We used the decrypt tool to check if the data will be decrypted, this way we eliminate the possibility that the issue is only on the frontend (GF entries).

Yes, the current issue is on a staging environment, so no actual data is involved. but the issue got us worried because we have another GF Encrypted Fields plugin on a production site with live data to be encrypted.

We will try to remove the Encryption password override”, and we’ll give an update.

Hello

Sounds good. If the issue is not resolved please contact us via our contact form (click our user name) and we can work to look at your setup to determine the issue

When adding the purchase code to the license screen we are getting a “Failed to connect, Please try again” error, meaning we can’t enable the plugin we just purchased.

Hello

Are you behind a proxy or on a server which is not www connected? These are disallowed for activation. Your server must be online snd not behind firewall/proxy restrictions/masking.

Alternately, what location/web host are you connecting from? Our licensing server uses standardized black listing for known problematic ip ranges/servers and we do not override this for any circumstance. If correcting the above does not resolve your issue, you can request a refund through your envato account which we will promptly approve.

hello. if i go into a form and turn off encryption for a field that has been encryped, will all the existing values for this field in this form be decryped, or does it only apply to new entries? I need to decrypt one field in a form, including all existing entries. i looked at the tool – should i enter “decrpyt”, form id, leave entry id blank, and put the field id in the last field?

You will want to specify a batch size for number of entries to process and utilize the offset if more than 200

ok. the form has about 3000 records in total. so i just need to do it in batches of 200?

Correct. You could override the limit in the code but it’s not advised as it can cause server timeout issues pending your server

Hi

I have a form with an email field that has the encrypted field checked.

Upon submission, the following error is displayed (and I cannot hide it even by setting errors to be hidden in the WordPress config.php file).

Notice: Trying to access array offset on value of type bool in /path/to/plugin/gravity-forms-encrypted-fields/gfef.php on line 2197

I’m running WordPress 5.8, PHP 7.4.23, Gravity forms 2.5.9 and Gravity Forms Encrypted Fields 5.9

I have recreated the form from scratch but still the same issue

Any ideas? I really need this sorted.

If you don’t know the answer is there any way to suppress the notice issues to anonymous visitors for the short term (as mentioned above restricting errors in the WP config.php does not help)

Thanks

Hello

Please send us an email from our contact form (click our user name) and we will send new code for you to try as possible release solution.

Thank you

Thanks – email sent

-Resolved : pending plug-in update

Thanks for the report on the notice :)

Hello, if i encrypt a field in the gravity form and send it is value to the client by SMS “twillio add-on” it will be sending as encrypted or decrypted message?

Thank you for your fast response.

Actually I am using the value as OTP, and will be sent after a certain step (Using Gravity Flow), and yes I am using the GF merge tags.

Are you offering a refund if i test it and it doesn’t work? If yes I will buy it and try if this will works fine with me.

Please be noted that for the OTP field I am using Populate Anything by GravityWiz.

Hello

You can certainly always request a refund through your envato dashboard if you find the particular flow does not work for you.

Relying on passing encrypted values through many other plugins in certain ways is always open for conflicts if the unencrypted values are relied on for any functionality. If it is just a random field that the other plugins do not need to access decrypted to function then the functionality to print it out decrypted using our decrypted merge tags should generically always work where general GF field merge tags are accepted as long as the plug-in adheres to gravity forms standardized GFAPI to get field data.

Also, pulling the data decrypted should be functional for any user who has field viewing permissions to see it decrypted if the plug-in adheres to the GFAPI

I’m using the Gravity View search function for an entry claim process on a website, and it looks like it’s not possible to search by encrypted fields right now. Is that still the case, or is there a workaround?

Correct

Search of encrypted fields in gravity view is not available currently. It’s only possibly in main GF functionality. We have worked with them on this in the past but some limitations still in place prevent us from implementation still.

hello. question about licenses. i currently have two sites licensed nusgra.org.uk and newcastleproms.co.uk

i wish to remove the license from nusgra.org.uk but i no longer have access to the wordpress site (its been deactivated)

when i review my licensing screen on newcastleproms.co.uk and can see that the nusgra site is still listed and i cant remove it. please can you do this?

It will stay active until you attempt to activate on another website if you update to latest plug-in version. Latest version will let you deactivate the website if it is inaccessible upon activation of a new site

Hi

I have a form with an email field that has the encrypted field checked.

Upon submission, the following error is displayed (and I cannot hide it even by setting errors to be hidden in the WordPress config file).

Notice: Trying to access array offset on value of type null in /path/to/plugin/gravity-forms-encrypted-fields/gravity-forms-encrypted-fields.php on line 1845

I have recreated the form from scratch but still the same issue

Any ideas?

Thanks

Hello

Are you using latest plug-in version 5.9?

Hello! Thank you for the plugin! But i found 2 very important limitations: 1. Search by encrypted fields doesn’t work 2. Draft submissions doesn’t encrypted Hope you will fix it in upcoming release. Thank you so much in advance! Serge

Versions WP: 5.8 GF: 2.5.9 Plugin: 5.9

Hello

The plug-in does not support encryption on save and continue operation. Only partial entries are supported. I will suggest to dev team to look into possible plug-in option based support of encrypt for entire Json object of saved entry and decrypt on continue. This appears it would be potentially a simple implementation given the json object is not over size of server limitations to process.

If you would like to help with dev and possible/potential release of this feature, please contact us through email form on our author page (click user name) and send contact info with mention to save and continue support please

UPDATE

New in version 6.0 Added suppot for encrypting the “Save and Continue” option data per form. (Partial entries and Save and Continue are now both supported.) Tested on WP 5.8.2

Is it possible to encrypt the file upload location string in the database?

Can you share an example of that snippet?

We have no such snippet written as we have not found a need for it as the true file upload path is already obscured by GF by default. For purposes of blocking actual file download, there is also a filter which forces users to be logged in to access the uploaded files via the provided obscured link https://docs.gravityforms.com/gform_require_login_pre_download/ as an example though, the snippet would basically just use the gform_fileupload_entry_value_file_path https://docs.gravityforms.com/gform_fileupload_entry_value_file_path/ Filter provided by GF and use our developer encryption function to encrypt the path variable and return it.

EX: function your_function_name($file_path, $field) { return gfef_text_encrypt($file_path, $key) } add_filter( ‘gform_fileupload_entry_value_file_path’, ‘your_function_name’, 10, 2 );

you would then choose the time and place (using the appropriate GF filter when retrieving the data as desired) to use the provided “gfef_text_decrypt($text, $key)” function to output the useable link again. It should be relatively quick and easy for a dev to write this up for specific user access pending your intended functionality.

we do not assist with users custom programming, but i think this may be a useful feature to possibly implement for release in order to be able to give only specific users access to file downloads. Granted, this assumes that your other users cannot access your web server via FTP/SSH etc to directly access the files outside of WP. I will run it by the team.

using the gform_permission_granted_pre_download filter would likely be a simple shortcut to skip writing custom validaton or encryption unless you would like the actual string in the database encrypted in case or breach.

for this reason and others, we do reccommend simply using a third party uploader like dropbox as it can simply delete the local file copy and you can auto set permissions or passwords to uploaded files using the available options and/or filters and a few lines of code, or just give access when and where you would like with dropbox’s regular sharing links etc.

Hi there, You helped me last year with signed=1 and expires=10 in the PDF shortcode which works great. However, if I need to attach a PDF to a notification, will the expires= apply to that attached file too? I need the PDF attachment to be read/print capable for a couple years. These are employee performance assessments. Thanks for your help. julie.duran@wels.net

Hello

I believe you may have receive this information from another developer. Perhaps those of the Gravity PDF plug-in?

I have a form that a user will need to re-submit on a regular basis. I will be using information from their previous entry and pre-populating the form using Gravity Perks Populate Anything. Since they are the user that submitted the form will they be able to view those values, will the form fields pre-populate correctly, or will it be encrypted if Admins are the only one’s with view permissions?

Hello

You can give the original submitting user access to view their own submitted data unencrypted by using the option in the encryption settings within the needed fields. If the user is logged in it should pull unencrypted for them to populate the fields.

Hi, Can I export a spreadsheet with the encrypted data and then decrypt it after it’s downloaded? Thanks!

I hear what you’re saying – that makes sense, thank you. Is the data stored in the website database in an encrypted or decrypted format? If someone, without permission, gained access to the server, would they be able to take the decrypted details from the database? Thank you,

p.s. The user who can access the decrypted data in the dashboard – They can export the entries decrypted, correct?

Encrypted in DB . Yes, users who can access decrypted can export decrypted assuming they have the ability to export entries.

by
by
by
by
by
by

Tell us what you think!

We'd like to ask you a few questions to help improve CodeCanyon.

Sure, take me to the survey