252 comments found.
I bought a second license for my second website. I don’t know where to enter the license information. I de registered from the first license, but can’t find where to enter the new one.
Hello,
The license/purchase code is entered when you first attempt to visit the settings page for the plugin if it is not already currently active. You can see what license /purchase code is currently active and/or deactivate a license by clicking on the “licensing information” button at the top of the settings page.
Hope this helps 
Hi, we bought 2 licenses of this. We are having issues in the notification email using {gfef_decrypt_ALL+} shortcode. We have ALL:ALL+ in the decrpyted merge tags settings.
All other fields are showing correctly in the email notifications, however the “TIME” field which has no encryption is not showing in the email.
I’ve tried to use the {all_fields} and all fields are showing.
Any thoughts?
Thanks
Hello,
What type of field is the “time” field?
Hi there,
Its the gravity form standard “time” field where you can select the time
Ok, we can look to add support for it within our ALL type tags in an update.
It should be affable via a single standard GF merge tag for the field at the moment.
Alright!
So you mean time field is not yet supported bt gf encrypted fields merge tags?
If so, what i am thinking is to turn off the merge tag restricted display filter (check merge tag filter bypass) and just use {all fields} tag
This wont affect the encryption in the database right?
Thanks
Possibly if that works for your current setup but although you are correct in that it does not affect the DB encryption, generally for most setups turning the filter off is not the answer.
The filter just covers ALL encrypted data with the restricted display regardless of if the user generating the merge tag content has access or not. This prevents an admin with access from say .. resending a notification with unencrypted data to a an email address that would normally not have access in thier notification if they generated the notification themselves.
However most users of forms have no access themselves since they are not logged in or simply do not have permissions even if they are logged in. So if they fill out a form and gereate a notification, the normal all_fields tag will still restrict the data they do not have permissions to.
Our ALL type tags (aside from the USER tags) are essentially a way to bypass these permissions checks and give a constant decrypted output for where they are used.
The easiest way to incorporate any single field is to just use its own single field merge tag. IE: {time:4}
The standard.. and our All tags just print individual tags in order within a styled table. It would of course be a bit cumbersome to set up for a larger form, but you can also actually copy the full standard all_fields table html into the notification/confirmation, add any needed rows, and just insert individual decrypted merge tags to print in the field data spots if any currently unsupported field has to be in order within that same table structure. Again ..not ideal on larger forms, but pretty simple to incorporate and also allows for easily styling the table output differently per field for a prettier custom output.
UPDATE:
The plugin now both supports printing out standard “time” fields in the decrypted merge tags, and also fully supports the encryption of the “time” field.
hope this helps
- Added support for ‘Time’ fields.
- Added the ability to include individual HTML field label and content in “ALL” type decrypted tags with the “GFEF Merge Tag Include” option in the HTML field’s advanced tab in the Form Editor.
- Added the ability to delete signatures on submission and send as attachments to specified notifications with the ” Delete Signatures After Submission” option.
- Fixed issue with merge tag drop down if unlock list ended with a comma.
- Tested on WordPress 5.0.3
Thank you for this! We already updated the plugin and the time field is indeed fully supported now.
However we are having a problem, the encrypted form entries are not showing after the update.
Re-enter the original custom website key that was originally used.
Earlier plugin versions did not attempt to auto restore a custom website key when used and required that it be re-entered immediately after update/reinstallation.
New versions attempt to preserve it but still require double checking it for accuracy after update/reinstallation.
The auto key does not need to be checked. Unless the site has been cloned/migrated. It is then a custom key on a different install.
Hi, Thanks for your quick response, Yes web key is working. We manually placed it in salt
Hi, I am helping customers set up your plugin on a couple of sites and would like to recommend to use on another but did you ever get confirmation if it was working with GravityFlow as we are looking at it for process management. Thanks
We have not yet looked into the possible scenarios with Gravity Flow, but on the surface there is no inherent reason they shouldn’t play nice. Some users seem to be up and functioning with it and others not, so it could just be configuration. The decrypted merge tags would need to be able to be used to send emails to if sending to an email address field on the form which is encrypted, this is the same as sending to an encrypted email for notifications etc. When we are able (working on feature additions and updates for plugins right now) we will look into the interplay between the two. The most common reason for some functionality not working is that users are not using decrypted merge tags for data that is needed for something to function, and instead trying to function using either the standard merge tag (which just prints in the restricted display) or the encrypted string data. for example.. you cant send an email address to an encrypted string or check if a user name is active based off a restricted display of “Encrypted Data” , you need to print in the actual decrypted data using the proper decrypted merge tag for it to work. There could be something beyond this entirely but we have yet to check into it ,and will when we can.
Hi I messed up! I don’t have Gravity Forms, I have Form Craft.
Any chance of a refund? This plugin is useless to me 
Hello,
..Although we would shamelessly recommend you make the switch to Gravity Forms , Authors cannot directly issue refunds. You can request a refund through Envato. When the refund is approved the plugin license will become invalid so it is best to deactivate and uninstall it first.
Hope this helps
You report that Gravity Forms Encrypted Fields requires “PHP 5.6+”, which is my current version. I am upgrading to PHP 7.2. However, the plugin PHP Compatibility Checker reports that there are 21 errors with your plugin. Please let me know if these errors will disable your plugin. Here is the list: FOUND 21 ERRORS AFFECTING 9 LINES 205 | ERROR | The constant “MCRYPT_RIJNDAEL_128” is deprecated since PHP 7.1 and removed since PHP 7.2 206 | ERROR | Function mcrypt_get_iv_size() is deprecated since PHP 7.1 and removed since PHP 7.2; Use OpenSSL instead 206 | ERROR | Extension ‘mcrypt’ is deprecated since PHP 7.1 and removed since PHP 7.2; Use openssl (preferred) or pecl/mcrypt once available instead 206 | ERROR | The constant “MCRYPT_MODE_CBC” is deprecated since PHP 7.1 and removed since PHP 7.2 208 | ERROR | Function mcrypt_create_iv() is deprecated since PHP 7.1 and removed since PHP 7.2; Use random_bytes() or OpenSSL instead 208 | ERROR | Extension ‘mcrypt’ is deprecated since PHP 7.1 and removed since PHP 7.2; Use openssl (preferred) or pecl/mcrypt once available instead 208 | ERROR | The constant “MCRYPT_RAND” is deprecated since PHP 7.1 and removed since PHP 7.2 209 | ERROR | Function mcrypt_encrypt() is deprecated since PHP 7.1 and removed since PHP 7.2; Use OpenSSL instead 209 | ERROR | Extension ‘mcrypt’ is deprecated since PHP 7.1 and removed since PHP 7.2; Use openssl (preferred) or pecl/mcrypt once available instead 209 | ERROR | The constant “MCRYPT_MODE_CBC” is deprecated since PHP 7.1 and removed since PHP 7.2 236 | ERROR | The constant “MCRYPT_RIJNDAEL_128” is deprecated since PHP 7.1 and removed since PHP 7.2 237 | ERROR | Function mcrypt_get_iv_size() is deprecated since PHP 7.1 and removed since PHP 7.2; Use OpenSSL instead 237 | ERROR | Extension ‘mcrypt’ is deprecated since PHP 7.1 and removed since PHP 7.2; Use openssl (preferred) or pecl/mcrypt once available instead 237 | ERROR | The constant “MCRYPT_MODE_CBC” is deprecated since PHP 7.1 and removed since PHP 7.2 241 | ERROR | Function mcrypt_decrypt() is deprecated since PHP 7.1 and removed since PHP 7.2; Use OpenSSL instead 241 | ERROR | Extension ‘mcrypt’ is deprecated since PHP 7.1 and removed since PHP 7.2; Use openssl (preferred) or pecl/mcrypt once available instead 241 | ERROR | The constant “MCRYPT_MODE_CBC” is deprecated since PHP 7.1 and removed since PHP 7.2 1799 | ERROR | The constant “MCRYPT_RIJNDAEL_128” is deprecated since PHP 7.1 and removed since PHP 7.2 1800 | ERROR | Function mcrypt_get_iv_size() is deprecated since PHP 7.1 and removed since PHP 7.2; Use OpenSSL instead 1800 | ERROR | Extension ‘mcrypt’ is deprecated since PHP 7.1 and removed since PHP 7.2; Use openssl (preferred) or pecl/mcrypt once available instead 1800 | ERROR | The constant “MCRYPT_MODE_CBC” is deprecated since PHP 7.1 and removed since PHP 7.2
Hello,
I have copied in a response to a previous identical inquiry below.
We are going to add this to the FAQ as well.
—
The plugin Is fully compatible with php 7.2.
The plugin provides 2 encryption types to choose from and already states that mcrypt is depricated as of php 7.1 (can still be used as optional library install) and that Open SSL is required to be used for php 7.1+
Our plugin also states that open SSL is strongly recommended when choosing an encryption type regardless of php version.
You will notice on reading the errors you’ve listed that they are all pertaining to the use of mcrypt should you try to use it in php 7.1+ (Without having it optionally installed) and then specify to use Open SSL instead. We do not plan on removing the mcrypt option as it is still a viable option for installs not intended to run on <php 7.1 and none of the functions listed are used/called if Open SSL is selected so there are no actual functional errors in reality.
It is important to be aware that many plugins have older functions available for backwards compatibility and other cases that may not be useable in newer php versions but will or can Be used with older.
Hope this helps
Hello,
I understand this plugin is not Multisite tested, but when activated on a per site basis for a multisite network:
Does this plugin support one license for sites on a multisite network? If one license will not work for sites on the multisite, is there a license that does cover multiple site uses on a single network?
AS
Hello,
You are correct as far as the licensing is concerned. There is no multisite licensing available. Envato offers only licensing for single sites/products. This is regardless of if the sites can be centrally controlled through a multi-site interface. By definition, “Multi-Site” is multiple end sites (each site in Multi-site is capable of being quite unique) and each will require it’s own unique license. However, concerning this and users running multisite for truly identical sites, ..there is no real use for the multi-site environment if the sites are in fact identical, and we encourage users to either just funnel the forms through a single individual site, or better yet to point the existing used domains to a single individual website.
Hope this helps
Hi! I am trying to secure file uploads to my website using your plugin with Gravity Forms. I’ve installed and setup the Dropbox Add-On. I tested that the uploads are going to Dropbox and they did so successfully. Then, I turned on the Delete Only File Uploads After Submission function of your plugin and tested again. This time, the uploads did not go to Dropbox. However, they were not in the entry details. Can you please assist with this ASAP? Thank you.
Hello,
Are you by any chance registering a user on the same form?
No user is being registered. We are simply using the data to evaluate and determine scholarship eligibility.
And the upload is through a Dropbox feed correct?
Yes, it is.
Are you testing with the same files?
Yes.
What is the file size?
233KB and 209KB
For attempting to troubleshoot this can you try using a small file of 10k or less?
Ok , let us know the results.
I used files that were 333B and 737B. Nothing in Dropbox and the file uploads were empty in the entry.
For attempting to troubleshoot this can you try using a small file of 10k or less?
I did. 333 bytes are only 0.333 kilobytes. So, both the files I used were less than 1KB.
Ok thanks, I didn’t notice the missing k. We can take a look at this to see what might be occurring. The feeds are processed before the file is deleted so unless the file is deleted mid transfer or the deleting of it triggers the feed to also delete it, it should be passed on to the separate system and then deleted locally.
We will likely speak with GF on this issue.
We should however note that the recommended way of sending files securely is by attaching them to notification emails using our plugin and then using a secure email via smtp for notifications and deleting the files after submission using our plugin. You could automate this for long term storage to something like google drive or Dropbox via Zapier or similar if desired.
I don’t know of a way to send secure emails from our web server.
You can configure your WP site to send all e-mail through other services instead of using the standard WP mail functionality through plugins such WP Mail SMTP or WP PGP.
Switching from the standard WP mail allows you to use security like SSL, TLS, or other encryption. From there it is only dependent on the e-mail’s send chain on where it going. If you are sending it using say TLS from your email server to another address on your server, your chain is secure. Or using more explicit PGP or similar is an option.
I checked with the website host and they said they don’t allow us to send through mail servers other than theirs, so I don’t believe that solution will work. Please let me know when you anticipate an update on this issue. Thank you.
Using the described method you could send through your hosts email, or any other email service as it uses SMTP. For example, you could use Gmail or any other mail provider and account that allows SMTP with TLS/SSL.
SMTP allows you to connect to other mail accounts securely and remotely so it is not at all tied to your web host or thier provided mail accounts/servers although you could likely use thiers as well as long as they provide SMTP with TLS/SSL. It just comes down to what address you want to send from and recieve at when you consider the emails chain.
Update:
As far as deleting the local copy if you are going to use the Dropbox add-on, you can just set the Dropbox add on to delete the local copy after it has uploaded to Dropbox. You don’t need to use our plugins deleting of files option for that specific form if the files are going to dropbox and you set it to delete the local copy.
If you are e-mailing a copy of the file as described above, you can set our plugin to delete the files after the secure emails are sent.
Hope this helps
Hi, I use gravity pdf with the encrypt plugin but cannot populate the pdf with a calculated field result – it always shows “0” (zero) in the pdf. The calculation on the form itself works, and the data (data source and calculated result) is stored as an entry correctly. Also the source fields are ok in the pdf. It just doesn’t populate the pdf with a calculated field result when encrypted values are a part of the calculation. I’ve tried a variety of field settings and encrypted/decrypted merge tags but only non-encrypted source fields for the calculation work, and this is the data I need encrypted. Any ideas?
Hello,
Are you using the decrypted merge tags in the pdf template?
No, I’m using one of the default templates from gravity pdf – Core Focus Gravity. Off the shelf, you get all the pagination, conditional logic, headers/footers, blank field handling, exclude css etc. which I’d have to rewrite with merge tags. It works ok with all fields that are encrypted, with the exception of calculated results. thx
Is it possible to copy the calculated field value to a simple text field which is not calculated? Newest versions of Gravity Forms allow using the merge tag for a field to pre-pop/default values on other fields. This could potentially store your calculated value as a simple input which is no longer being calculated.
I think I’ve made a mistake in my original comment. I don’t think calculations work at all. An encrypted source field is always ignored. It doesn’t matter if you use the standard merge tag or the {gfef_decrypt_n} tag. The data isn’t stored in the calculated field as an entry. Please could you do a test and see if you get the same result? Thanks.
Hello,
Yes we get the same results. The calculations do not currently allow for using encrypted source data. However, you CAN save the final calculated field data encrypted. If the source field data is also sensitive you can choose to have the source field data deleted on submission. If it must be saved, you can always auto copy it to another hidden field and save that field encrypted. Our auto formatter plugin has automatic field copying (as well as user input “click to copy”) options. If choosing a route like this you would have to update the source fields and the encrypted copy on an edit if necessary, and the unencrypted calculation sources would be deleted after update again.
Hope this helps
Ok thanks. A native option for encrypted source fields of calculations would be nice. Please add it to the list
Hi I’m interested to buy your pluggin. I ve got some question: 1 – does it work with gravity pdf? 2 – do the mails send by GF are encrypted too? 3 – If yes, How to desencrypt them? 4 – Does the SQL is encrypted? 5 – Does the pluggin encrypt the file uploaded?
Tkx
Hello
1. Yes. Gravity PDF has custom templates and we provide a basic template for a decrypted PDF. beyond that you can create your own template or modify and existing one to suit. Our plugins decrypted merge tags must be used within the template or if programming the template the developer helper functions can be used to decrypt field data.
2. You can send your WP email by SMTP using SSL /TLS if you choose to send though encrypted mail platforms like gmail etc. plugins like wp mail SMTP or PGP mail can set this up .
3. Gmail is auto decrypted on the receiving end as most email providers do . PGP mail requires the public key.
4. ? I’m not exactly sure what you mean here. The individual field data for fields with encryption on is encrypted in the database.
Hope this helps
Thank you, could you tell me more about the uploaded files? Are they encrypted too? 1 – could you give me an example? If i export a pdf, the filed are encrypted like * and how to desencrypt them? 3 – what is PGP? How to install what you talk about? 4 – if a hacker download the SQL is it possible for him to read the content?
1. Files are not encrypted by our plugin currently. Gravity forms offers the Dropbox add on which transfers uploaded files to Dropbox and can delete the local server files . This results in encrypted storage for the files on Dropbox platform. You can then share the files as you wish. You can also simply attach the files to the gravity forms notification emails of choice and then have our plugin delete the files after submission.
2. Search “WP Mail SMTP” and “WP PGP mail”
3. No. The field data is encrypted in the database.
Hi!
How use the standard Gravity Forms modifier :label with at encrypted field?
example: {name:3:label}
Best
Hello
The encrypted fields do not support the modifiers. However, you can just use the actual text for the label of field 3 wherever you are trying to print the label from a merge tag.
We may be able to let the standard tags with certain modifiers pass through in an update. It will have to be looked at as a possibility.
Ok thanks. It would be an interesting improvement for a future update. Use actual label text isn’t a solution when use a conditional logic and is necessary hide label and content from an unused field.
I see.
The content should be empty and print nothing if the field is unused, but the label will still print regardless. This would be true if using the modified merge tag as well, but to help us understand the use case, how are you using conditional logic to show or not show something, and what is the merge tag being used in?
Is conditional logic in the form to hide or show the field? If so I believe the label would still print from the merge tag even if the field is hidden / unused on the form. Unless you can also use conditional logic to insert the merge tag or not in its place based on your use case. This is what we are wondering.
Sorry to continue editing, but in considering the scenario above, if your use case is similar.
I’m not immediately aware of a way to use conditional logic within a specific confirmation/notification, but our solution has been to create 2 and use the suitable one based on conditional logic. So if field 3 has value then use the one with label and value for field 3 .(we just type label name in) and if field 3 has no value .. then use the one that doesn’t include field 3 or label name.
They are basically cloned and just include/exclude field 3 information.
Is this what you are looking to do?
I have applied my purchase license, I have enabled the encryption on a field, but when I look in the database, the data is not encrypted. I can still see the same data I input on the form. Am I missing something here?
Hello.
Have you followed the complete set up instructions at the top of the Settings page? Complete written instructions as well as an instructional video for setup are there. Once you have followed the complete setup instructions and Gone over the system check, if you are still experiencing that the data is not encrypted please let us know.
Hope this helps!
Hi,
Is this plugin compatible with standard GF payment solutions? It seems there is an issue with a Hungarian payment system (called Simple Pay), and I suspect maybe it is caused by encryption.
When encryption for some fields (like names) are turned on, form is not redirecting the user to the payment page – even if “Process Feeds/Add-Ons before encrypting” option is turned on.
Hello,
Yes. You can use the plugin with standard gravity forms payment processors. However, you should not attempt to encrypt any fields used in Card processing information as GF does not store it anyway. We are unfamiliar with your particular Hungarian processors operations.
When using the “process before encrypting” option, the data is not encrypted until after ALL feeds and add one such as payment processing is completed. However, if you are passing other data to the processor via merge tags you must use the plugins decrypted tags.
Hope this helps
