699 comments found.
The use of Decrypted Merge Tags (ALL:ALL+, ALL:ALL, ALL:ANY, ALL:ALL+:U, ALL:ALL:U, ALL:ANY:U, ALL:ANY:X, ALL:ALL+, ALL:ALL, ALL:ANY, ALL:ALL+:U, ALL:ALL:U, ALL:ANY:U, ALL:ANY:X) does not unlock data in notifications when using {all_fields}.
Need directions to unlock all forms, all fields and decrypt all form entries to remove restrictions.
Hello
This is because {all_fields} is not a decrypted merge tag. It is a standard GF. Merge tag. Please read the full instructions and use the decrypted merge tags you presumably unlocked to get decrypted results.
These are selectable directly in the merge tag drop down lists in your notifications/confirmations after unlocking them.
Most users prefer the {gfef_decrypt_ALL} tag as a replacement for the standard {all_fields} tag.
There are extensive and complete instructions for using the tags including examples and video tutorials directly in the instructions for the decrypted merge tag options. Please click the “click here for instructions” button there to expand them.
- Does this work with gravityexport, gravityflow and gravitypdf without any special things ?
- Does it work if I save my entries in another (external) database? (using the gform_after_submission hook)
- Can we generate the passphrase/password that will be used for encryption? - Is there a documentation of hooks we can use from your plugin?
Hello
The short answer is all of this is possible, but it seems you will be doing some custom programming that would be needed to go with it. We do not provide custom hooks into the encryption system as a precaution, but you can could use the system as designed for most of this. For encrypting within your custom programming you could call the encryption functions directly. However it should be stated clearly that we do not assist with custom programming.
There are a few documented developer encryption/decryption functions we provide to call at will which you could also use within your own ecosystem
Thank you for these answers,
But where can I find the documentation for the encryption/decryption functions you mention? You haven’t answered, is it possible to set your own password for encryption?
Hello
You can use your own explicit pass directly with the custom functions, and you always indirectly set a psuedo password using the plugin normally.
Documentation: https://www.pluginowl.com/gravity-forms-encrypted-fields-developer-documentation/Hi there, I have a business plan generator using Gravity Forms and want to encrypt certain field data on the database only, I don’t need to encrypted in any other way. I also use GravityPDF so wanting to know if your plugin works with it?
cheers Rich
Hello
Yes you can use it plugin with gravity pdf. We include a simple custom pdf template for decrypting the field data, but you can write one to meet whatever your pdf formatting requirements are.
ok thanks 
Hello! Running into issues on a Pantheon test environment:
`Warning: file_put_contents(/code/wp-content/plugins/gravity-forms-encrypted-fields//includes/salt.php): failed to open stream: Permission denied in /code/wp-content/plugins/gravity-forms-encrypted-fields/gfef.php on line 71`
Is this something that might resolve once we’ve pushed the plugin to the live environment?
Normally yes. It sounds like you don’t have the proper write permissions to that directory as you normally would on a web server environment for WP.
How do we enable this on local development?
Currently when entering the license number in Development environment we’re getting: “Failed to connect. Please try again”
The local development is running on Docker, PHP 8.0, SSL.
Any ideas?
licensing requires internet access.
You can remove the internet access after successful licensing, or install /activate on web dev environment and then clone/port the install to a local environment after licensing.
Hey there! I accidentally purchase the item twice, so could I please have a refund on one of the licenses?
Hello
Authors can not issue refunds. As Envato Marketplace is the seller, please request it through your Envato account from item purchases.
Hi,
We have the plugin set up with the Async mode.
Some of our forms send out notifications to the staff that don’t have access to WordPress. We want to keep it this way, so we followed the “Decrypted merge tags” instructions to send out decrypted fields in emails: - unlocked all decrypted merge tags - entered the universal unlocks - in notifications settings, we included {gfef_decrypt_ALL} in the message
However, we still received the “Encrypted Field Restricted” message in the emails. Can you advise if we missed any step or got something wrong? We want to send out decrypted values in notifications emails but still keep the fields encrypted on the site.
Gravity Forms Encrypted Fields version 6.1.7 WordPress 6.2.2
Thanks!
Hello
Please follow the instructions on settings page for ENCRYPTION TYPE option under “Open SSL / Strict Access Mode :”
These instructions are listed before the ability to turn on asynch mode. Complete details of this mode including details to send decrypted data in anonymous notifications with asynch mode are listed there. I believe you may have to also use the “process feeds and add-ons before encrypting” option on the individual fields to use the method described there. A new version with this instructional addition has just been released. 6.1.8
Hello. We need to encrypt a user uploaded image. Is this possible with this plugin?
Hello
This plug-in does not encrypt file uploads.
You can use the Dropbox or google drive add-ons for this or likely zapier for a number of other solutions. Those file storage solutions offer encrypted storage and have great sharing permissions for access control. The add ons allow for auto deleting of your server side copy after transfer as well.
Conditional logic on redirect confirmation I have encryption enabled on a field and I am using that fields value to redirect the user to a certain page. With the encryption enabled, the redirect is not working consistently. Is there anything I can do to delay the encryption till after this field is checked?
Hello
Use the “encrypt after submission is processed” option in the field’s encryption options.
Ahh. I was looking for a form wide setting for this. Is it possible to loop through all forms (and fields within) and set the “encrypt after submission is processed” flag to true on supported fields? I used a similar approach to set all supported fields to encrypt. IE: $field->encryptField = true;
$field->delayedencryptField = true
Thanks!
Fatal error: Unparenthesized `a ? b : c ? d : e` is not supported. Use either `(a ? b : c) ? d : e` or `a ? b : (c ? d : e)` in xxx/wp-content/plugins/gravity-forms-encrypted-fields/gravity-forms-encrypted-fields.php on line 2503
This began after upgrading to PHP 8. When will this be updated?
Hello
It appears you are using a very outdated plug-in version.
Please update your plug-in version according to updating instructions in the plug-in settings page or plugin readme.txt. Current version is 6.1.7
You can get auto updates and notifications using the ENVATO MARKET plugin. Or select to receive notice of this plug-in’s updates via email in your envato account under your purchase of this plugin.
Hi I just purchased your plugin and when I activate plugin it throws fatal error on “Settings -> GF Encrypted Fields”
Warning: Attempt to read property “status” on null in …\wp-content\plugins\gravity-forms-encrypted-fields\gfef.php on line 3016
Warning: Attempt to read property “status_message” on null in …\wp-content\plugins\gravity-forms-encrypted-fields\gfef.php on line 3017
Fatal error: Uncaught TypeError: property_exists(): Argument #1 ($object_or_class) must be of type object|string, null given in …\wp-content\plugins\gravity-forms-encrypted-fields\gfef.php:3018 Stack trace: #0 …\wp-content\plugins\gravity-forms-encrypted-fields\gfef.php(3018): property_exists() #1 …\wp-includes\class-wp-hook.php(308): gravity_forms_encrypted_fields_settings_page() #2 …\wp-includes\class-wp-hook.php(332): WP_Hook->apply_filters() #3 ….\wp-includes\plugin.php(517): WP_Hook->do_action() #4 …\wp-admin\admin.php(259): do_action() #5 ….\wp-admin\options-general.php(10): require_once(’...’) #6 {main} thrown in …\wp-content\plugins\gravity-forms-encrypted-fields\gfef.php on line 3018
Looks like the error is because of invalid SSL on my local machine. By any chance, are there other way where I can activate the plugin?
It would be really helpful for our scenario as internet is disabled on our servers, the only way to install/update is via FTP.
Looking forward for your recommendation, thank you!
Hello
You have to have internet connection to license. Fixing or removing your invalid SSL should help licensing communication with your server.
We are looking to update plugin to account for the error and give message of invalid SSL.
I keep getting the Settings Page LOCKOUT Password incorrect password error even though the password is DEFINITELY the one I entered when setting up. What is going on?
The settings page password only accepts 16 characters. If you pasted in something longer when setting it it is truncated to the first 16 chars. This is documented in the instructions for the lockout password.
The lockout page input accepts up to 32 chars. If you did this, just paste in the first 16 of your password you are using.
Okay, thank you!
Hi we are using gravity forms with our medical domain and wanted to secure the form which should be include with HIPPA compliance security. Do you provide HIPPA compliance ? Please let us know.
Thank you
Hello
HIPPA compliance is not met by encryption alone. Please see our FAQ on this :
https://codecanyon.net/item/gravity-forms-encrypted-fields/18564931/faqs/30672The above in consideration, the encryption we offer should exceed HIPPA compliance standards.
The admin viewing security protocols we include should also help in your overall HIPPA compliance.
Oh OK, Do you sign BAA regarding your service ?
Hello
The nature of the question is a little unclear. We do not offer any 3rd party service including handling or processing of your PHI therefore we would not enter into any BAA. Essentially, being only a tool to provide encryption, it is not operated by us, but by your org. This is the same as Gravity Forms , other plugins etc, or Wordpress software itself being only software your org is utilizing and has access to as part of your PHI intake and handling.
The software is self/user managed, and you configure and run on your own WP server. It provides encryption of your Gravity Forms data at rest on your own SQL server as well as provides security access restrictions for anything from very simple to complex data access protocols for your sites users/admin users.
Hope this helps 
ok thank you
I just started getting this error message for the plugin: PHP Fatal error: Uncaught TypeError: property_exists(): Argument #1 ($object_or_class) must be of type object|string, null given in /nas/content/live/tadvisors/wp-content/plugins/gravity-forms-encrypted-fields/gfef.php:3018\nStack trace:\n#0 /nas/content/live/wp-content/plugins/gravity-forms-encrypted-fields/gfef.php(3018): property_exists(NULL, ‘license’)\n#1 /nas/content/live/wp-includes/class-wp-hook.php(308): gravity_forms_encrypted_fields_settings_page(’’)\n#2 /nas/content/live/wp-includes/class-wp-hook.php(332): WP_Hook->apply_filters(’’, Array)\n#3 /nas/content/live/wp-includes/plugin.php(517): WP_Hook->do_action(Array)\n#4 /nas/content/live/wp-admin/admin.php(259): do_action(‘settings_page_g…’)\n#5 /nas/content/live/wp-admin/options-general.php(10): require_once(’/nas/content/li…’)\n#6 {main}\n thrown in /nas/content/live/wp-content/plugins/gravity-forms-encrypted-fields/gfef.php on line 3018, referer: /wp-admin/options-general.php?page=gravity-forms-encrypted-fields
I’m not able to get to the Settings page.
Hello
Did you recently migrate /restore/ modify the site or change servers or php versions?
Standby, I believe the issue may have been on our end. This should now be resolved, but please let us know if the issue persists
Hi,
I am currently transferring from Gravitate Encryption to Gravity Forms Encrypted Fields. I have a site with 400+ forms and ~300,000 entries. I have written a function to completely decode the previously encoded entries via a Gravitate Encryption function. I was able to have it run through the gf_entry_meta table (100,000 rows at a time) and decrypt all entries in batches.
I currently have the plugin installed and running and I need to encrypt all the entires again. Unfortunately to encrypt all the data again through the plugin interface would be very slow and a bit quirky.
Is there a function that I can fun outside the plugin to take a string and encrypt it? Gravitate Encryption offers a $decrypt_service = new GDS_Encryption_Class(); and $decrypt_service->decrypt($row->meta_value); Just looking to bypass the GUI and run the encryption on the database table itself.
Thanks, P
Scratch this request. Sorry. Just found the function within your code. Thanks.
Hello
There are developer functions for use that are safe to use. Please see the online guides to them. at the very bottom of the expanded setup instructions button text there is a link.
The function to use is: gfef_text_encrypt($text, $key)
But please read through documents on it first before use. Trying to Encrypt too much at one time will likely lead to database timeouts.
Is there a function to mimic the “Global Form Encryption Switch” functionality on the plugin GUI? I would like to be able to run a function and switch my forms (~400) to use encryption.
Hello
Not directly as a developer function. The function in code is “gfef_global_encryption” if you want to grab it from the code to slim it down and modify for your use case.
I have ran through and encrypted all data in the entry_meta table, but when I look at entries, it is showing the encrypted data instead of the user readable string. IE: enx1:QYkDZwXwsjJVJdWTs4aRRzm+suqwrH+1cWzE+f1u/FjmYBA0CInPEVnPFvr… instead of a first name. It there anything I need to do to enable the translation of the strings on the backend entry view screen?
Hello
Are you using our gravity forms encrypted fields plugin. Our plug-in does not encrypt strings as the example one you posted.
If you are in fact using our plug in, you can follow the detailed instructions on the settings screen under the top button :” SETUP AND OPERATION INSTRUCTIONS “ to get up and running. There are also video tutorials available in the top button section on settings page.
I am using your plugin. I set up a custom cron job to run through the gf_meta_entry table and used the “gfef_text_encrypt” function to encrypt each entry. All the data that was converted was un-encrypted to begin with.
The odd thing is that all meta in the database does have the right encoding (IE: GFEncrypt: aa91545966defec7b1dce6ea01TGRQdmZPZ0pGbWJYSU8yOHVtT0lSWWRwalRiY2tNRkk0RFdYaWpoYlpxST0=) but when i go to view the data within the entires section is displays it in differently (IE: enx1:QYkDZwXwsjJVJdWTs4aRRzm+suqwrH+1cWzE+f1u/FjmYBA0CI…).
Oddly enough too is that the email field within that form i just referenced is in the GFEncrypt: xxx format, but it is the only field. All fields besides one are single line text fields.
Gotcha.
Once you carefully set up the plug in following the numbered instructions you should be able to view your data as long as it was encrypted properly according to our plugins supported field types etc.
With running encryption from custom code it’s possible to encrypt basically anything, but I see you are using the custom “string” encryption to encrypt field data now. It is best to do this using the built in batch encryption after fully setting up the plugin to be sure that all field types are encrypted properly and of supported type. I see you have an extraordinary amount of preexisting entries and this would be slow overall. In general if you are not running new data processes on the old data is best to just archive it and start fresh with new entries moving forward as far as storage. but if using the dev encryption for fields to re-encrypt quickly, just be sure the field types are supported by our plug-in for field data encryption.Thanks for the explanation. I had missed a check to see if the field has been set to encryptField. I will add this flag and try again. Thanks for the explanation and the quick replies. Really appreciate it.
Is there a way to not show field values for anyone (only show encrypted values) until a user types in both the encryption key and password each time?
For example, the user would need to be logged into their account AND also know the encryption key and password to view the real value.
That way, if their account is breached or accessed by someone else, then they wouldn’t be able to view the real values since that hacker wouldn’t know the key and password to view it.
Hello
Please read on the asynchronous encryption mode. This requires both a logged in user with also entering single encryption password.
This is built in to the plug-in, and is enabled in the encryption type selection options further instructions.
It does come with some caveats due to no decryption being possible without logged in user and entered pass, so anonymous user notifications etc need to be accounted for and the instructions go over this.
Is there a way to maintain the encrypted fields value when an entry gets edited? I currently have an application form with an encrypted field for a SSN and the form generates a PDF. The SSN is encrypted in the WP back end but I do have it visible on the pdf. My issue is that the client is editing and updating the entries and in doing so the “Encrypted Field Restricted” value is overwriting the actual SSN. Is there a way to protect this field from being edited and maintain its original values?
Hello
The encrypted values are not updated unless they are actually changed when editing entries using the standard Gravity Forms entry edit interface.
..This however depends on the way the entries are being edited. The plug-in or custom solution they are using to edit entries must adhere to gravity forms same method of editing. If it saves over all data regardless of if it was changed or not then it will overwrite the encrypted data strings with whatever is in the field during the edited submission.
Suggested solutions:
1. Have them Use the gravity forms entry editor 2. Use a compliant entry editing method and/or only edit the fields that need editing so the restricted field data is not displayed or overwritten with the edit. 3. If appropriate, give the editor field view permissions in the existing setup so the information is displayed or hidden decrypted and just submitted for encryption again. 4. Write a small snippet to skip over saving encrypted field data if the submitted data matches your restricted display for that form. (This would allow new data entry on original submission or changing forms data with new field data on edit, but if the restricted display is submitted it would just keep whatever data is already there if anything.) This solution has been suggested by one of the devs who has it posted for a possible additional selectable plugin option for later release. Basically this would prevent the exact match of the restricted display from being submitted and actually saved initially, or over any existing or blank data at any following point if turned on.
Hi!
After a re-design, i cant activate my license. https://prnt.sc/k3Oy_H9sR7Tq- dev license is deactivated. - the /en/ installation is no more (deleted for good)
Best regards
Hello
Are you using the latest version of the plug-in? 6.1.7 If not please upgrade.
You can click our user name to send us an email via our author page contact form and include the purchase code there in private so we can assist.
I’ve written to you. Thanks!
We have a mysterious issue where encrypted entries are being permanently deleted. When we test a form submission ourselves, it works fine. But we have a real user who has tested for us twice, and we receive the notification email with her unencrypted data and file attachment. But the entire entry is gone from the website. It’s not in the trash nor in the database. The form has both encrypted and encrypted fields, as well as a file upload field. The form is set to delete files after email, but we do not have it set to delete the entries. Here are our plugin settings:
Admin-Area Viewing Only = checked Delete Entries After Submission = BLANK (no ids or any text has been entered here) Delete Only File Uploads After Submission = 12 Attach File Uploads to Notification Emails = 12:Accounting Notification
Anti-spam honeypot is turned on for the form and Honeypot is set to “not create an entry” if it’s flagged as spam. Could this be related? We receive the notification email with the entry data (which includes and entry ID and link to the entry) which is not supposed to happen if the entry wasn’t created. There are no errors in the log. However we did not have gravity-specific error logging turned on at the time she submitted.
Do you know why an entry could be entirely deleted in this setup? Yet the entries are not deleted in our personal tests?
Hello
There is no known reason related to our plug-in that we can point to why this would happen. Have you tried disabling our plug-in and seeing if it still happens, or turning off the file deletion to test your possible honeypot related note?
When you test the form are you logged in as a user? Admin?
When she tests the form is she logged in?If they are not logged in or logged in as a non admin user, you should be able to test this yourself with another same level user you create, or just not be logged in on another browser. I assume this is how you are already testing to test the end user environment, but if not you can just turn on GF logging and run a couple tests with the same user setup as the person who’s entries are deleted. Then view the GF logs. Our plug-in logs it’s file and entry , signature etc. deletion so it would be noted. As a note our plug-in does not utilize if the user is logged in or not or what role they are for file or entry deletion so this should not make any difference.
You may want to check any other plugins or custom code you have relating to gravity forms for any settings which could potentially cause this as well.
Side note: if you are not running plug-in version 6.1.7 please update to latest version.
Thank you. My aim is to recreate the issue, so I’m using the same theme/plugins to ensure it’s the same environment our customer was using. She is not a logged-in user. I’m also testing while logged out, different IP, obviously spammy info… it works every time.
Are you aware of any potential conflicts between your plugin and a combo of Honeypot and Akismet? According to the log, my intentional-spam entries were flagged by Akismet, not Honeypot. The entry was created and put in the spam folder, not deleted.
Does your plugin have any setting that would clear entries after a certain timeframe?
We do have GF logging turned on now, but it was off when the customer submitted her disappearing-entry. My client is reluctant to ask her to test again until we know more, so just trying to dig on my own first.
Thanks for your insight.
Hello
There is no setting to clear entries after X timeframe.
We use honeypot and Akismet together with our plug-in in the dev and live environments quite often without issue.
Oh, and yes—I did update to 6.1.7 yesterday, before I submitted my tests. Was there anything in that update that would relate to this issue?
Hello
No. Updating never deletes any data. The most that can happen is if for some reason you are using a custom website key against all instructions, the key can fail to regenerate, and the auto key will take over for any new entries. A custom key needs to be checked and potentially re-entered after every update or site migration etc. which of course leads to failure to do so. This would result in your old encrypted data under the custom key not showing up in your entries displays, but the entries themselves would still be displayed and any non encrypted data in them would still display normally. Changing the key back to the custom key would display both again.
Again though, this wouldn’t ever delete any data from the database. It would just be sitting there encrypted and would read/display correctly again when the custom key it was encrypted under is entered again. Deleting data has to be done quite deliberately.
Ok, thank you. We are using the auto key. And sounds like spam filters are not the issue. Will keep digging.
