PluginOwl

PluginOwl supports this item

Supported

This author's response time can be up to 5 business days.

35 comments found.

Can you Gravity forms plugin send results of user input to an email address encrypted?

Gravity Forms Encrypted Fields

Rob

Short answer , YES. There is a developers tool to send out the existing encrypted version of field data, or generate an encrypted version of field data through a custom merge tag. So even if the field data is not encrypted in the database it can still be sent out encrypted in the confirmation result or notification emails. (..It can also send out encrypted data as unencrypted and readable in notification e-mails)

However .. long answer. This is a DEVELOPERS TOOL, and we do not support or assist in however one is going to handle that data on the receiving end. A developer can dissect this plugin and fairly easily ascertain the proper way to decrypt the field data for a given installation using the unique private keys for that installation but we do not officially provide any support or documentation for that or other custom development based on this plugins encryption.

The client needs to show the site to an insurance provider and prove the forms are encrypted. how can an outsider see that the forms are encrypted? in case you need it, my purchase code is 09f4ef2d-2ad6-48be-9886-e58acf163183

aha!....i’m an idiot. lol thanks.

No worries. Glad to point you in the right direction!

We wanted to follow up and notify you that ver 3.2 which was just released has the option to enter “Encryption Verification Mode” now. Which when turned on reveals raw database values directly in the entries views without having to disable the plugin or access the database so you can see the encrypted strings directly there within the backend :). Hopefully this is useful to you. Please refer to the options instructions before any use.

  • Added Encryption Verification Mode Option to encryption test section of setting page to reveal raw encrypted data on entries pages for verification of encryption.

I’m trying to upgrade to the latest version from v 2.0. What is the decrypt tool? I know I need to decrypt everything, and I have copied by webkey, and have all p/w’s. Not sure where to go from here. Thanks in advance, Bryan

Hello Bryan,

The decrypt tool was added in the version immediately following 2.0. For now you should reinstall 2.0 if you haven’t already.

Please send us an email here

https://codecanyon.net/user/pluginowl

so we can send you an intermediate version to upgrade to that has the decrypt tool. Using the intermediate version you can decrypt your form entries per instructions in the 3.1 readme file for upgrading, and then you can upgrade to 3.1. Please follow all instructions in the readme file to upgrade to the intermediate version, and also from that to 3.1

I am looking at building a form that will collect CreditCard information for a reservation system. Currently, I am using a custom built HTML/JS form that sends an email with the CC info PGP/GPG encrypted which is then decrypted by the company that receives the reservation email.

Can your plugin provide the same level of public/private key encryption so that I can transmit CC information securely by email and have be able to be decrypted by the receiver?

Well, technically speaking this plugin isn’t designed or purposed to be used for encryption of data transmission but rather its purpose is mainly to protect data at rest. That said the type of encryption is different but is for all intensive purposes equal or ahead in terms of data protection when used properly.

..While this plugin can send data encrypted in emails, it does not encrypt the e-mail itself, and for your specific case you are speaking of collecting and transmitting data that needs to be PCI compliant (without the use of Gravity Forms own card processor gateways like Stripe, PayPal), and should consult the PCI Regulations and other authorities on what would be required of you in this scenario.

Hi,

I had the plugin working on a testsite. Now i have installed the plugin on the livesite. The entry on the email field is not encrypted in the table prefix_postmeta in de database.

Please advice…

Kind regards,

Wouter

Assuming all of the system and encryption test is good to go, please be sure that you have turned encryption on for the e-mail field in the form editor on that fields advanced tab.

Also note that previously existing field data is not encrypted by turning encryption on for a field. It will be hidden as restricted but is not actually encrypted since encryption takes place on entry submission and/or update. You must use the encrypt/decrypt form tool to specify the form and if you are just retro encrypting only certain fields .. the fields to encrypt and run encryption on all past entries for the form.

Please upgrade to the latest 3.1 version if you are not running it already as it has usability improvements to the form encryption tool if you need to use it, and read instructions for the tool before use.

Does this work with gravity view? so that only admins can see encrypted info?

..Well, unfortunately we can’t give a complete compatibility check and green light for gravity view, but we CAN say that users have reported it working just fine with their respective versions and usage of that plugin at this time.

Assuming basic compatibility , setting up an admin only view would be done through that plugin , and additionally you could/should narrow decrypted view permissions to the admin role or users only through our Gravity Forms Encrypted Fields plugin.

Hi,

The plugin is encrypting great, but the general search is not working. When you click on entries in Gravity Forms, there is a search field in the top right and it is not working. Is it searching on the encrypted values? Any idea?

Thanks for the quick reply. I tried entering a list of comma separated usernames (user1,user2,user3) but it didn’t work. Is there something I am missing? Do I need to put the role in there also?

The user name is all that’s needed. No spaces around commas. Please also note the directions on the usage of it ..specifically concerning not being able to search for partial values. That’s just not currently possible due to encryption. It’s recommended to just search for an entry based on a field with a simple input where you can search its exact value like a first name or email ( capitalization variants are looked for as well) ..make sure you save changes.

That worked, thanks.

Would it be ok to use an import entries plugin with the GF Encrypted Fields plugin? Here is the link to the plugin I am looking to use to import old entries https://gravityview.co/extensions/gravity-forms-entry-importer/

This is not something we’ve tested but others report using gravity view just fine. You would have to use the encryption tool to encrypt any old entries that do not have encryption if you want them to be encrypted.

swill01

swill01 Purchased

I am having an issue. I’m trying to run a decrypt on my fields to upgrade, but it’s not decrypting them.

Hmm, I’m assuming youve saved the settings on the options page already? Even if you haven’t changed anything you need to save them to generate the key. If you’ve done that and it’s still not working It’s likely something to do with your write permissions to your server directory, but for a quick fix .. assuming you have the old copy of the plugin on the dev server still, and you can just copy the “includes” folder from there and overwrite the one on your live server with it. ..this folder should not be replaced on update to save the website key.

swill01

swill01 Purchased

O.k. So that’s the issue. So the plugin needs to be able to write to the includes folder then?

Correct. If you’ve added any restrictive htaccess rules or other security based server changes they could be interfering with the auto generation. But once it’s hereafter it’s good to go as long as you don’t replace the folder.

cfu3i29

cfu3i29 Purchased

Is there any chance you will make the plugin compatible with the function “review before submission” where people can review their entries before the form is submitted? I have tried various settings but none seem to work. The fields are (correctly) encrypted as soon as the button is clicked to advance to the next page of a multi-page form, on the review page the entries are therefore not visible.

There are no current plans to change when the encryption takes place. If you create a standard multi page form without the use of the “review before submission” plugin and encrypt fields on it you’ll see you can flip between pages and the data remains unencrypted until actual submission. We have not looked into the functionality of the plugin you are using but It seems that it may be altering the normal core functionality of how a multi page form normally works if the data is actually already being encrypted on page changes.

..Just as a hopefully helpfull note, there may be some ways to encourage data review without using that particular plugin. One of the things we have done in the past is to just use conditional logic to hide the submit/next page button until a user clicks a checkbox stating that they have reviewed the information entered for accuracy. This can be done per page.

cfu3i29

cfu3i29 Purchased

Many thanks. Yes, it does indeed appear that the code we use for this is not playing nicely with the encryption at all. We already do what you suggested (ask for a tick in a box) and this works fine too.

wbgadmin

wbgadmin Purchased

I turned on ENCRYPTION VERIFICATION MODE but the data in the entries screen is decrypted. I was expecting the data to show encrypted after turning on verification mode. Was I incorrect in my assumption?

Well, from your description of things I am guessing that you have the plugin configured properly, but you have not yet turned encryption on for any of the forms individual fields in the form editor yet. Encryption / Hiding needs to be turned on per individual field in the fields advanced tab. That is also where you would set individual or role based view permissions for the single field.

You can hover over the help icons by the field settings in the fields advanced tab to get more info on any of the settings in there.

wbgadmin

wbgadmin Purchased

My mistake. I didn’t realize I needed to turn on the encryption, field by field, in the advance tab. All is working as expected. Thanks much for responding!

Glad to be of assistance and thank you for the purchase.

Yes, it is a good idea to only turn encryption on for the fields that actually need to be encrypted. You can alternatively turn on “Hide Field Value” for any fields which do no really need to be encrypted, but would be good to be hidden from any other prying admin eyes.

Happy encrypting :)

Hi, I’ve installed the plugin as required but when I save the settings I get no website key. Also when I add a custom key of my own it doesn’t save it. What am I doing wrong? Thanks for any help.

Awesome, thanks. I have everything set and encryption is turned on. I created a new form and set the fields to encrypt in the advanced tab. However when I filled out the form then viewed the entry in the CMS, the entry in not encrypted.

Hmm, I’m actually assuming it is likely working properly.

It sounds like you are seeing the data as normal simply because you have the viewing permissions to do so. If no particular users or roles were entered into the user view permissions for the fields and the settings page user lockout list isn’t on lockdown mode then by default ALL admin form entry viewing users will have viewing permissions and will see the data as decrypted in all entry and export interfaces. Once any user or role has been entered, the viewing permission is restricted to only the entered users/roles, and any restricted users would see the encrypted or hidden “restricted display” which is whatever you’ve set that to be or nothing.

However, If you’d like to just check and see if its encrypted regardless of your currently configured user/role viewing permissions you can turn on encryption verification mode from the system check portion of the settings page and then check the entries again from any user login. It is very important to follow all instructions for that option while using.

Yep, working. Thanks!

I’m considering this plugin for my team and have some questions. Can you explain how search behavior is provided? Is data encrypted using a static, unsalted key? Where is the key stored if it’s not stored in the database? Last, would it be possible to review the code before purchasing, so I can be comfortable that the encryption logic is up to date with latest info sec guidelines?

Last, we’re running an old version of PHP (5.3). I understand this isn’t supported, but can you comment on whether or not you would expect it to work?

We have never tried it to see what if any functionality would be retained, but compatibility was built looking forward to 7+.

Without thoroughly reviewing the plugin’s functions I can say that there are definitely some core functions which are PHP 4+.

I imagine some old plugins are keeping you at 5.3? Otherwise of course if you are able to upgrade, 5.4 would be relatively safe to run it on at this point in time ..although unsupported due to forward looking additions, changes and improvements.

Terrific, thanks again. We’re looking into upgrading and just wanted to get as much info as possible.

No problem. using 5.6+ would of course be preferable for many other reasons than this plugin alone :)

arincon05

arincon05 Purchased

Hello, is it possible to mask the form entries as a lead is filling out the encrypted form? I thought it was possible to have each character turn into a star as in *** when they are entering in their information into a form?

I believe it is available on a single line text field.

What type of field are you adding?

arincon05

arincon05 Purchased

perfect. that was the problem. I was adding fields for date of birth. but I just changed it to a single line text field and added a placeholder. thanks!

Excellent.

You can use an input mask from the general options tab as well to restrict input to a date format but the input hiding operates oddly with a mask in place so i do not necessarily recommend it.

Hi, we passed every test on the plugin’s system check, but get the following two errors: 1. “Notice: Undefined variable: creatinguser in C:\inetpub\wwwroot\wordpress\wp-content\plugins\gravity-forms-encrypted-fields\gravity-forms-encrypted-fields.php on line 173” 2. in the fields set up view: “Notice: Undefined offset: 2.”

Message sent! Thank you.

You should have ver 3.4 in your inbox. Please let us know if this resolves the issue.

Update:

We just completed a successful test environment run of the following system environment with no reported errors on any operations. The WordPress version difference should not factor. It seems there was just a small code error that needed correction. Thank you again for reporting it so we could resolve it quickly. Version 3.4 will be available for general download within a few business days after it is approved by Envato staff for release.

PHP version – 7.0.14
Wordpress version – 4.7.3
Gravity Forms plugin version – 2.1.3
Gravity forms Encrypted Fields version – 3.4

Hopefully the issue have been resolved for you as well but of course let us know if it oddly persists. :)

Happy encrypting!

by
by
by
by
by
by