698 comments found.
I have changed the domain name for my site. How can I change the license to my new domain? I no longer have access to the old domain.
Hello
You can send us a private message by clicking our user name and using the author contact form. Include your purchase code and explicitly list the exact website you would like to deactivate, and we can deactivate it for you from our end. Any deactivated site will cease to function for decryption and other accessibility of encrypted data. DO NOT list purchase code here .. only in the private email form.
Hi
I have been using the repeating fields code for Gravity forms found here: https://docs.gravityforms.com/repeater-fields/, but the encrypted fields module causes an error on submission (even though these fields do not have encryption on them).
I think this is caused by the repeating fields part of the form being sent to submissions as an array, and your encryption module requires a string. When i dont add any content to these fields i do not receive an error.
Here is the part of the error
Fatal error: Uncaught TypeError: substr(): Argument #1 ($string) must be of type string, array ….
.../wp-content/plugins/gravity-forms-encrypted-fields/gfef.php on line 757
Any ideas on how I can fix this?
Thanks
Jonathan
Hello
Repeater fields are not currently a supported fires type.
Hello
You should be able to try this form again using repeating forms without encryption on them but able to enter data. This issue has been corrected in later plug-in versions so updating to latest plugin version should correct the issue for you
Hello,
We are interested in potentially purchasing this plugin however we need to know the following:
Are upload fields supported for the encryption capability?
Hello
First let me specify that our plug-in does not encrypt uploaded files for storage on the server. There are already great fast solutions out there for encrypted file storage and sharing/access. Read below for more information.
If you are asking about how a file is protected while in transfer from the users machine to your server on initial upload, this is the same as the data entry is protected and is done by simply using https for the connection. Https is a secured SSL encrypted connection between client and server.
As far as once it’s on your server you can use the gravity forms Dropbox add-on or a third party solution like GDrive file uploader to have the files moved to secure storage on those platforms and delete any local copy (Both are encrypted storage and offer robust sharing and access options). Or you can likely transfer to other storage and access solution via other plugins, or use a different solutions API etc. with custom programming.
If you wanted to skip the files ever being on your server at all you can use solutions like driveuploader or a google form with file upload field or another encrypted file upload solution directly within your gravity form by just embedding them in an html field in your gravity form.
I hope this helps 
I’m interesting in purchasing this plugin to comply with cybersecurity requirements. My client is asking me how the process collects and packages a file upload for transfer. We want to make sure that there is no trace of the file on our server once it is emailed via the notification and deleted. Can you give me some details there?
Hello
First let me specify that our plug-in does not encrypt uploaded files for storage on the server. There are already great fast solutions out there for encrypted file storage and sharing/access. Read below for more information.
If you are asking about how a file is protected while in transfer from the users machine to your server on initial upload, this is the same as the data entry is protected and is done by simply using https for the connection. Https is a secured SSL encrypted connection between client and server.
As far as once it’s on your server you can use the gravity forms Dropbox add-on or a third party solution like GDrive file uploader to have the files moved to secure storage on those platforms and delete any local copy (Both are encrypted storage and offer robust sharing and access options). Or you can likely transfer to other storage and access solution via other plugins, or use a different solutions API etc. with custom programming.
If you wanted to skip the files ever being on your server at all you can use solutions like driveuploader or a google form with file upload field or another encrypted file upload solution directly within your gravity form by just embedding them in an html field in your gravity form.
I hope this helps
Thank you this is helpful. Can you provide any details about how the local copy of the file is deleted? Is there a possibility that even though the file was deleted it could still be accessed in the “trash”? Or is it deleted in such a way that it is gone forever?
I appreciate your help here.
Hello
Files uploaded through Gravity forms are stored in non indexed ways with obscured file names. They are deleted from the server without any “trash” option.
For more information on GF files, check the gravity forms documentation on file uploads security. You can programmatically set parameters like requiring login or certain WP permissions before download is possible on top of deletion after processing/submission so the file is further protected during processing
https://docs.gravityforms.com/security/#h-file-upload-securityHi, I have encrypted the email field in the form and one of my notification email is sending the email to the filled email but it seems like the email is failed to send because of the email field is encrypted. Please advise how we can pass the email as decrypted data for notification email.
Here’s the setting for your reference: https://snipboard.io/QmKYPz.jpgHello
Please read in full and follow the plug-in instructions listed in the plugin settings page under top button “ Setup and Operation Instructions”
Step #12 covers this in detail with pictorial reference and guide video.
You must use a decrypted merge tag in this field while selecting the “enter email” option for the notification email. The field data (email address) is encrypted so it must be decrypted to make a readable email to send to.
Hi, I have tried to add my user role to User/Role View Permission in form editor but it doesn’t let the user with the added role to view and export the entries with normal data. Please advise.
For your reference, my user role is Donation Form User with slug donation_form. I have added donation_form to the field but it doesn’t work.
Hello
What type of encryption is being used?
SSL or SSL Asynch mode? Is the field user owned?
We are using SSL Async mode and the field is not user owned. If I adding the username, the user will able to view in normal data
Hello
Asynch mode requires the Asynch login on top of the user/role permissions. Is the user logging into Asynch as well?
For the role slug check the role slugs listed in the tooltip of the fields permissions setting. This lists the roles slugs as required for entry, without additional spaces after separating commas.
If this role should have access to ALL encrypted data you can just use the global user access list on the plug-in settings page to give them access to all encrypted form fields (still requires asynch login)
Realistically fit most setups you do not have to use individual user permissions when using asynch as only logged in people with the asynch password can access, so you just only give the pass to users that should have it, but if you have a need for complexity beyond that for specific fields/forms it is there as well.
Apologies, just realised we are using SSL mode instead of SSL Async mode
Within normal OpenSSL mode it would be the same. Check the available role slugs. The role slugs are listed in the tooltip of the fields permissions setting. This lists all of the available roles slugs as required for entry, without additional spaces after separating commas.
We have checked the role slug is correct and there is no space after the separating commas when we set in User/Role Permission field. It only works when I set the role slug in User/Role Access List
Can I check if we can export the csv file with readable data when using Entry Automation? Currently, the data is encrypted when we schedule to auto export with Entry Automation
Hello
There is a setting on our plug-in settings page called “Limit User/Role View Permission Lists”. If you put anything in it it limits valid usernames and roles allowed in the field settings view permissions options . If anything is in here please be sure you either also add the role you are trying to use , our remove all restrictions listed in the option and save the setting blank to have no restrictions or it won’t work.
If you can schedule the export to run under a user account that has access it should be decrypted. Otherwise there is no logged in user with access performing the action if the system does it itself so there is no authorized decryption.
If the plugin does not allow for user account spoofing to export, you would have to do some custom programming to run the export and decrypt the data or be run while the system spoofs a user that has access.
There is no input in Limit User/Role View Permission Lists, you can see my setting here : https://snipboard.io/Uu9Jov.jpg
In User/Role Permission setting, this is what we input which donation_form is the role slug: https://snipboard.io/sjbaf9.jpg
How is the role you are using created? Programmatically or a plugin?
The role is created from User Role Editor
Hello
Do other roles work when listed in the fields view permissions option?
You should not use the gfef_decrypt function directly. There are developer functions available to use and well documented listed at the bottom of the plugin settings page setup and operation instructions.
The recommended function is : gfef_developer_decrypt($entry_id, $field_id, $format) - Returns decrypted Gravity Forms field value or false, and can optionally attempt to have Gravity Forms format the display.
You would use this function within an available hook that lets you augment the individual field data before returning it to be exported. We do not assist with custom programming. But you would basically only need to pass the entry id and field id to the variables and return the resulting decrypted field data.
hi Does it encrypt the information before submission, so the http payload is encrypted already ?
Thanks
Hello
No. Encrypting the http transmissions is simply done by using HTTPS instead of HTTP. HTTPS uses SSL/TLS to encrypt communication between your clients and your server. Our plugin encrypts the data on submission for storage in the database at rest.
I am creating a job application for a client. The Gravity Form saves the encrypted data. I installed GravityPDF, https://gravitypdf.com/, but the PDFs will not display the decrypted data. Do you know how I can achieve that?
Hello
Please see the setup instructions further down under the gravity pdf section. There are instructions and even links a starter custom template for decrypted PDFs.
In short you need to use a custom pdf and then use the decrypted merge tags in it to print decrypted information. You can stick to the provided basic template or create your own with html/php based on existing ones etc.
Which page for setup instructions? I am looking on the PDF page under my form’s settings tab. This is where I enabled password security and set a password for the PDF.
Which template is the one provided? The options I have listed are Blank Slate, Focus Gravity, Rubix, and Zadani in the template drop-down box on the PDF page.
Hello
The setup instructions for our plug-in on the plugin settings page.
Settings-> GF ENCRYPTED FIELDS
Open button for setup instructions at top of page. Scroll down to gravity pdf section.
If you have not yet read the instructions completely please follow through to disclose other important info for setup and usage
Hi,
We have this plugin configured for our form and so far everything is working good. Recently we noticed an issue with notifications.
When an user submit a form, we send 2 notification – one to the admin and another to the user.
While the admin notification seems to work good, user notification fails with the below error message.
WordPress was unable to send the notification email. Cannot send email because the TO address is invalid.
How do we configure this plugin to process all notification emails before encrypting the data?
Thanks
Hello
If you are encrypting the email address field for the users email and then using a merge tag for that field in the send to address, you need to use a decrypted merge tag for that email field. This is covered in initial setup instructions and further detailed in the decrypted merge tag setting instructions. There is also a video tutorial section on using a decrypted merge tag for the “send to” email field of you are going through the video instructions.
Assuming you have the decrypted tags already set up, just use the decrypted tag for the users email instead of the standard tag, because the standard tag will fill in “ENCRYPTED FIELD RESTRICTED” or whatever you have set for the restricted view, which is not a valid email address. The decrypted tag will print the proper email in after decrypting the data.
Hi Can you pls confirm if the plugin ver. 6.1.9 works with latest WP 6.4.1? Need confirmation before I update. The dashboard says WP 6.4.1 support is ‘unknown’
Hello
The last update to WP 6.4 is tested with latest plug-in version (6.1.9). 6.4.1 is a minor release and should present no significant changes. In our dev and live environments for the plug-in it has presented no issues to date.
However, as always, you should test any upgrades to any plugin and / or WP version in a dev environment before committing the updates to a live site.
Hi. We have just launched our client site but we are now unable to deregister the previous testing URL we were using because it is no longer accessible. Would you be able to help?
Thank you.
Hello
Since the previous domains still exist and are reachable the plugin will not let you do it yourself after the fact. For future, you can self unregister through the plugin at any time before changes are made to make this not possible at any time to open the slot up.
Clock our user name and send us an email using the author contact form including your purchase code and the exact url to de register. That site will no longer have available usability for decryption or data output with the plugin.
How do we change the purchase code for a website. I had a client buy some keys for their stuff and we need to change the key on one website to use the new key?
Hello
Expand the top button on settings page that lists “LICENSING AND DEACTIVATION”
Select the checkbox to “ Deactivate License For This Website” and save changes to deactivate the current license. Then enter the new purchase code on the license activation screen that comes up next and relicense the plugin using the new purchase code.
I was hoping to use this plugin to securely accept Driver’s License photos from my customers. The goal would be to immediately delete the file as soon as I have forwarded it to Dropbox. So far I cannot get it to send the file. It deletes the entry before it has a chance to get to the Dropbox. Do you have a way that I can handle this?
Hello The short answer for doing that is that the Dropbox add-on itself should have an option to delete local file after upload. Our plugin immediately deletes the file after submission and notifications etc, but the transfer to Dropbox is asynchronous and continues beyond that.
I have set up this plugin and copied the Settings Page LOCKOUT three times to a text file to ensure it was correct. Now I cannot access the settings. Can you tell me a procedure to reset the plugin?
Hello
The settings page lockout password instructions specify that it only accepts between 8-16 characters when you are setting it up. Anything entered or pasted in longer than this would be truncated to the first 16 characters. Without wiping and reinstalling the plugin, you should first try only entering the first 16 characters of whatever you have stored that you pasted into the settings page lockout password field which is assumed longer than the accepted length.
Please let us know if you need further assistance with the settings page password.
You are a genius, that worked. Thank you much.
Glad to help
We have updated the instructions for the settings page lockout password on the settings page to specify that longer entries are truncated.
Hello, we recently changed the domain of a website that had the license key attached to it and we were about to add the plugin to another website and use the license key on there but was told we reached our limit and it listed the domains. Is there anyway to remove one of those domains that it says it’s in use on? It’s the one we switched the domain from so we don’t have access to the backend anymore. Thank you in advance for your help!
Hello
Since the previous domains still exist and are reachable the plugin will not let you do it yourself after the fact. For future, you can self unregister through the plugin at any time before changes are made to make this not possible at any time to open the slot up.
Clock our user name and send us an email using the author contact form including your purchase code and the exact url to de register. That site will no longer have available usability for decryption or data output with the plugin.
Thank you for your prompt response! We have sent the email.
Done
Wow that was fast! Thank you very much it is truly appreciated! Probably the best customer service we’ve every had honestly.
Happy to help
Hi all – what is the difference between the HIPAA FORMS WordPress plugin by Code Monkeys, and this plugin? My Gravity Form submit is already encrypted in transport, but I need the form data encrypted in storage, at rest.
Hello
Although we are not experts in the HIPPA FORMS plugin, the details of our plug-in and functionality are listed in the description for you to compare products.
Mainly the other is a 3rd party service for encrypted data storage, and ours is a local storage encryption solution with robust user access control and display tools. Our plugin can certainly fill the need to encrypt the data at rest in steps to achieve a compliant system setup.
This is great news – I appreciate the quick response, and detail you provided. Will make the purchase!
When trying to activate the plugin we’re getting this error:
Fatal error: Unparenthesized `a ? b : c ? d : e` is not supported. Use either `(a ? b : c) ? d : e` or `a ? b : (c ? d : e)` in /site/wp-content/plugins/gravity-forms-encrypted-fields/gravity-forms-encrypted-fields.php on line 2356
Can you please help/fix? Thanks!
Hello
It sounds like you may be trying to activate an old version?
What version of the plugin are you using and what version: Gravity forms PHP Word press
Also, I see it does not list your user as having purchased the plugin. Please send us an email (click our user name and use author contact form) with your purchase code so that we can assist further with plug-in version. DO NOT list your purchase code here publicly.
Yeah it’s for a client it wasn’t through my account. I’m not sure if we can get access to the account where it was purchased but I’ll try. The client has Version 4.4.2 installed. Is that current or old?
Also Gravity Forms is currently Version 2.7.16 and latest version of Wordpress. PHP 8.2
Hello
Current version is 6.1.8
You should only have to upgrade to the current version to resolve the issue. To do that you will need to access the account with the purchase code to download new version and license.
Oh wow it’s way old. Okay thank you I’ll work with the client on that.
We got the client to log in and download the latest version, but we’re having trouble activating. As shown in this screenshot I’m trying to activate it on a domain that it’s already validated for, but it’s not activating: https://i.imgur.com/Zhlzt6m.png
How can I deactivate it if it’s not even giving me the option to?
Interesting. Are you using a proxy or other connection method which could alter the connecting url?
You can send us a private message by clicking our user name and using the author contact form. Include your purchase code and explicitly list the exact website you would like to deactivate, and we can deactivate it for you from our end. Any deactivated site will cease to function for decryption and other accessibility of encrypted data.
Hello
It is the www added to your domain. You could change this back in your WP settings very briefly to match exact URLs again to deactivate or activate. Only writing for others benefit to resolve any similar issue. We already deactivated via your email from the contact form.
Once we updated the plugin, one of our forms started sending blank CC information – before the update, any user with permissions could see the encrypted info. Please advise.
Hello
Hello, did you recently migrate the site or update the plugin? Please check your encryption website key. This is almost always due to using a custom website key and not checking it after an update to be sure it did not revert to the auto key from update where it did not correctly repopulate or after migrating the site. Or if you migrated the site the auto key would change based on the new WP installation. Replace it with the correct key you originally used to encrypt the data.
We strongly advise against ever using a custom website key over the auto key for this reason as warned against doing during setup unless you have to from a site migration. We would advise to manually decrypt any data under it and re encrypt under the auto key. Or you can check the website key for correct repopulation after any of this plugins updates to be sure it is correct and did not revert to the auto key.
Additionally our plug-in does not encrypt CC info as gravity forms does not even store it. Did you have some custom programming done to store and encrypt this data?
We use an auto key and no custom programming was done. We can see the encypted data on the other forms but not on the one. We could see the infromation before we updated the plugin.
Please check your key to be sure it matches the one the plug-in was set up with.
Are you referring to credit card data? And is this on the site viewing entries, or in email notifications?
What version did you upgrade from-> to?
How would I know if its the same one? Referring to viewing the data as well as emails. We are using the latest version of the plugin. As stated earlier, we can see the encypted info for other forms, just not the one.
Hello
You would check the current one against the one copied and securely backed up from setup.
If you can see all other forms data it is unlikely that the key is off though, so this is likely not the issue.
You can take the form down publicly while you work though the issue as a suggestion if possible.
If the form having issues uses a different type of field that has changed in gravity forms you may want to try removing encryption from the field or adding a new field to replace it and re adding encryption.
Please answer the following to help us assist.
1. Are you referring to credit card field data?
2. Are you speaking about old data or also the new data from newly submitted entries.
Referring to CC field data This refers to old and new data.
Is the CC field data the only field having an issue?
The CC field is blank when we look at entries for this particular form
Our plugin does not process or change CC fields in any way. They are not a supported field type for our plugin and it does not interact with them. Unless some type of PHP error is happening directly from our plug-in preventing the CC data to be printed there would not be a connection. Are there any errors being reported in the WP or gravity forms logs or onscreen when processing a form submission?
A suggestion to fix any possibly corrupt field would be to try replacing the CC field by deleting it and re adding a new one with the same config. The CC field (stripe and others) changed somewhat recently with gravity forms and could be corrupted on that form from the update of gravity forms or the CC add on plugin update.
As always, making a backup before any changes is recommended
That doesn’t make sense. Are you saying that the CC field has to be a text/number field? It was working fine before the plugin was updated. There have been no errors either.
Hello
We are suggesting replacing the existing CC field by deleting it and replacing it with a new CC field of the exact same type and configuration in its options added to the form in the exact same place as the existing field may be corrupt.
From our plug-in side. The CC field has never been supported or able to add encryption to. It is not an option to encrypt CC fields because gravity forms does not actually store CC data. It interacts with the processors on submission via SSL and then drops the data so there is nothing to encrypt.
Are you using some type of add-on to retain/store the CC data?
To try to help with what I presume you are seeing, The most you should see for CC card data from Gravity Forms is the last 4 digits of the card # and the rest is covered in x’s, ie: XXXXXXX
But again this is not from our plug-in. Gravity forms does this and it does not even have the rest of that data behind the Xs. This is done for PCI compliance and Xs are only there for display to show you are only seeing the last 4 digits. This is documented on Gravity Forms documentation here:
https://docs.gravityforms.com/credit-card-field/Without using an additional plugin to retain the full card data (unnecessary for even recurring payments etc, and strongly never recommended) this is never stored, and either way our plug-in would not ever interact with the card data.
If the above is what you are experiencing. The CC field data the field is not corrupt. This is normal operation.
I cannot say how you could have ever viewed the cc data previously without an additional add-on or plugin to do so, but we can say it is independent of our plug-in.
We are using YOUR plugin to decrypt the information. So certain users can see the information while for the rest its decrypted. Are we even on the same page here?
While the other forms show the decrypted information for the form fields with no issues, this one particular form after the update shows just a blank space. No information period – either decrypted or encrypted.
Hello
To restate.
The credit card field type is not encrypted or able to be encrypted, and our plugin does not directly interact with the CC field type in any way whatsoever.
You have stated that all of the other fields on the form that our plug in does actually interact with are all working correctly, and that you have no reported errors of any kind with our plug-in or otherwise in processing forms. The issue is both in notifications and in viewing entries on the website.
It appears that the you first noticed this issue after an update of our plug-in so the assumption is that it is due to our plug-in. However, most times multiple plugins are updated at a time or some were very recently, and the point of noticing an issue on plugin update is not necessarily the time it started or the plugin it is related to.
There are some easy ways to verify this or at least narrow it down.
1. Is it verified that it was working immediately before update of this plugin alone, and stopped immediately after?
2. Have you tried the general gravity forms solution we recommended of simply replacing the CC field with an identical field? Without implementing any suggested solutions, we cannot resolve any issue.
3. Have you tried updating if available gravity forms, your CC processing add-on, and WP to be sure you are running the latest versions with all fixes etc.?
4. Have you tried just rolling back our plugin version and testing again, or perhaps temporarily disabling our plugin and testing? If it is directly caused by our plugin, even without any error being listed , this should resolve the issue to just revert to the previous version and can be verified after updating again.
I was able to see the encrypted data and now it remains encrypted even on my login with any changes to our settings. I need help seeing the data.
Hello
Hello, did you recently migrate the site or update the plugin? Please check your encryption website key. This is almost always due to using a custom website key and not checking it after an update to be sure it did not revert to the auto key from update where it did not correctly repopulate or after migrating the site. Or if you migrated the site the auto key would change based on the new WP installation. Replace it with the correct key you originally used to encrypt the data.
We strongly advise against ever using a custom website key over the auto key for this reason as warned against doing during setup unless you have to from a site migration. We would advise to manually decrypt any data under it and re encrypt under the auto key. Or you can check the website key for correct repopulation after any of this plugins updates to be sure it is correct and did not revert to the auto key.
The use of Decrypted Merge Tags (ALL:ALL+, ALL:ALL, ALL:ANY, ALL:ALL+:U, ALL:ALL:U, ALL:ANY:U, ALL:ANY:X, ALL:ALL+, ALL:ALL, ALL:ANY, ALL:ALL+:U, ALL:ALL:U, ALL:ANY:U, ALL:ANY:X) does not unlock data in notifications when using {all_fields}.
Need directions to unlock all forms, all fields and decrypt all form entries to remove restrictions.
Hello
This is because {all_fields} is not a decrypted merge tag. It is a standard GF. Merge tag. Please read the full instructions and use the decrypted merge tags you presumably unlocked to get decrypted results.
These are selectable directly in the merge tag drop down lists in your notifications/confirmations after unlocking them.
Most users prefer the {gfef_decrypt_ALL} tag as a replacement for the standard {all_fields} tag.
There are extensive and complete instructions for using the tags including examples and video tutorials directly in the instructions for the decrypted merge tag options. Please click the “click here for instructions” button there to expand them.
