PluginOwl

PluginOwl supports this item

Supported

This author's response time can be up to 5 business days.

16 comments found.

simon88

simon88 Purchased

Nice Idea! Great work! Wish You good luck with Sales!

One pre Sale question:

My scenario: I collect User Information using Gravity forms. These Information are Saved In the User Meta table. The User is able to change These Information with another gravity Form.

Is there a Setting in your Plugin so only the (logged in) owner of the Data can see it and modify it? (I.e. User enters Sensitive Data during signup which is encrypted using your Plugin. If necessary the User can update this Data and Access it. Also the encrypted Data can be Used in other Plugins )

Is this possible?

Thank You very much!

simon88

simon88 Purchased

And bought it! :-) Have a great day!

Thanks for the purchase!

Just working to be sure the new features of 2.0 are working as intended and checking for errors or bugs, and it will likely be submitted today for updating the current version 1.7.1 to the new 2.0 so be sure to grab it (follow update instructions in 2.0 readme.txt file) and if you feel like it, let me know what you find for your installations purposes. One thing about the plugin in ver. 2.0 is it doesn’t yet add additional gravity forms capabilities, so in any version if another user has access to edit others submissions they still can, but they wont know what they are replacing if they edit a hidden or encrypted field. This was important in initial build to allow for admin users who can’t access field data as readable to be able to update it still with new data if needed, but we’re looking into the possibility of adding a capability to allow for ‘edit own submissions’ while not being able to edit others. But, in all honesty it is secondary to the main plugin features being worked on.

You can check the front page for current and upcoming version info at bottom of description.

..new version ready to go, but upload service is down :( will try again tommorow.

very nice work, good job! all the best for your sales ;)

Thank you Eric. We are working hard to build on the product and look forward to creating more!

Hi,

First, I love the plugin. Great job. Encrypting only specific fields is a huge advantage.

I do have two compatibility questions:

(1) Is your plugin not compatible with Gravity Forms User Registration? It appears that when an email field is encrypted, the GF User Registration plugin no longer validates whether that email address is already in use upon user registration (I am able to register two accounts with the same email address). Also, it appears that when the “username” field (a single line text field) is encrypted, it throws an error that only alphanumeric characters may be used – even when only alphanumeric characters are used (I believe it is validating the encrypted value, which inevitably contains special characters). To be sure, when encryption is disabled these issues do not arise.

(2) I am using a gform_save_field_value filter to capitalize the first letter of each word in ‘address’ and ‘name’ type fields (e.g. “if ($field->get_input_type() == ‘name’) { $value = ucwords(strtolower( $value )); }”). However, when encryption is activated, the name and address fields are not decrypted properly and further fail to appear in the return of the {all_fields} merge tag. Should I not use this filter when encryption is activated? Is there another way to change the values of these fields prior to encryption?

Thank you again for your plugin, and your help and support is much appreciated.

Will

ver 2.3 just came out. Change your function priority back to 10 and replace the files (do NOT replace the “includes” folder or you’ll have to regenerate your website key or re-enter your custom/old one) in your current version plugin folder. This version sets the encryption with a ridiculously high priority number to make it run last after anything else that hooks into the same hook.

We have no reason to suspect it wont work then unless something else is up with how your initially adding the hook. yours should get processed first, then the encryption after everything else.

Well although its not part of our plugin, we’d like you to be happy so we finally got some time to test and debug why your results are the way they are ,and were still not sure. For some unknown reason the function errors when using the hook name to specify the form ID, but you can just pull that in the hooked function anyway so this function does that, so we did write this alternative function that works fine and should run for you great. just replace yours with this. BTW you should probably prefix your function’uppercase_text’ with some random thing that someone else wont use :) add_filter('gform_save_field_value', 'uppercase_text', 10, 4); function uppercase_text($value, $lead, $field, $form) { $form_id = $form['id']; if ($form_id == '22') { if ( $field->type == 'name' ) { $value = ucwords(strtolower( $value )); } if ( $field->type == 'address' ) { $value = ucwords(strtolower( $value )); } return($value); } }

hope this helps

Perfect, thank you! for anyone else trying to do something similar, i think another way to get the same result with an action rather than a filter would be like this:

add_action( 'gform_pre_submission_20', 'pre_submission_handler' ); function pre_submission_handler( $form ) { $ltcapfirstname = ucwords(strtolower(rgpost( 'input_8_3' ))); if (!empty($ltcapfirstname)) { $_POST['input_8_3'] = $ltcapfirstname; } }

the filter you posted is working great as well.

Nice Plugin ! all the best.

Thank you!

Great work! :-)

Thank you!

Can you confirm this plugin works with on php7?

Sorry, miscommunication on our end.

The intentions are still unclear after looking through the site setup.

But hopefully we can boil this down.

If you are adding these encrypted fields to the users actual profile through the user registration add on where you as an admin could go look at their profile and you would see scrambled encrypted data , then no it will not work.

If you are creating a user with some fields on the form and just storing other fields in a gravity forms entry encrypted and will use gravity forms to pull from that entry to display for the user then yes, it should work. But you can’t use user owned fields because the user doesn’t exist until after the entry is submitted, so the fields would just be standard encrypted.

In short there’s no way to retrieve actual Wordpress user data if it’s encrypted through gravity forms. The user registration add on doesn’t work like that. But you Can store gravity forms entries associated with an already created user and display encrypted data for just that user if you have a way of pulling entry data for that user through gravity forms to the front end.

It would be clearer if we just scrapped the user registration add on from the conversation, you can’t encrypt any fields used for the users profile and get the data back unencrypted through gravity forms. But If you had users fill out a secondary form to store an entry with their data you could then programmatically pull entries for just that user and show it back to them unencrypted on the front end. This functionality to pull entries for a specific user and display in front end is not built into this plugin, but other plugins such as gravity view may be able to and should function to decrypt the data if using gravity forms API to pull the entry data. you would also need that plugin to let them update their own entries. I believe gravity view can do this as well.

Hope this helps .

If you are adding these encrypted fields to the users actual profile through the user registration add on where you as an admin could go look at their profile and you would see scrambled encrypted data , then no it will not work.

No the admin would need to be able to read the data that was entered by the user into their WP profile’s custom fields.

If you are creating a user with some fields on the form and just storing other fields in a gravity forms entry encrypted and will use gravity forms to pull from that entry to display for the user then yes, it should work. But you can’t use user owned fields because the user doesn’t exist until after the entry is submitted, so the fields would just be standard encrypted.

I’m sorry. I didn’t follow your meaning here.

In short there’s no way to retrieve actual Wordpress user data if it’s encrypted through gravity forms. The user registration add on doesn’t work like that.

So no way to display it on the front end unencrypted to the user, and no way to display it on the back end to the admin?

But you Can store gravity forms entries associated with an already created user and display encrypted data for just that user if you have a way of pulling entry data for that user through gravity forms to the front end.

Do you mean as long as the info was created/entered by the user after the user already exists? After initial user creation? Not at the time of creation?

It would be clearer if we just scrapped the user registration add on from the conversation, you can’t encrypt any fields used for the users profile and get the data back unencrypted through gravity forms.

Do you mean can’t encrypt DEFAULT user info that’s required for account creation? That’s fine. Don’t need to encrypt their Firstname, Lastname, Bio, email etc. Just the NEW/non-default fields added for users like “Twitter username” “Twitter password” “FTP username” “FTP password” etc.

But If you had users fill out a secondary form to store an entry with their data…

Yes, this is what I had set up in my staging server.

...you could then programmatically pull entries for just that user and show it back to them unencrypted on the front end.

Excellent. This sounds like exactly what I want. So long as the Admin can view it on the back end too(?)

This functionality to pull entries for a specific user and display in front end is not built into this plugin, but other plugins such as gravity view may be able to and should function to decrypt the data if using gravity forms API to pull the entry data. you would also need that plugin to let them update their own entries. I believe gravity view can do this as well.

Hmmm it sounds like I’m just going to have to buy it/try it and see if it works. How is support provided for those that purchase? Do you have a ticket system? Support here? Via email?

Encrypting user registration fields is not supported.

Readable front end display of encrypted fields has a conditional option to allow for it outside of admin, but is not supported as it relys on custom programming or third party solutions such as gravity view. Users report that gravity view works well with encrypted fields but we do not directly support extending the plugin beyond its own given capabilities.

cfu3i29

cfu3i29 Purchased

This is a fanstastic plugin. Just one question regarding notifications:

Sometimes it is desirable that data be stored in an encrypted form but that this be included in email notifications in shortened form, e.g. *1234 oder AB**234.

I see that the plugin has a function to hide encrypted fileds from notifications, but can it also achieve the above? If not, are you aware of a plugin for Graviry that can do this?

cfu3i29

cfu3i29 Purchased

Excellent. I intend to pucrchase the plugin in the next couple of days.

Following up to let you know that ver 2.5 has just been submitted for approval, and should be available within a few days.

Full feature list is on item detail page in changelog at bottom, but it DOES include custom output masking through the admin options page as well as some other new output formatting features.

Thank you. About to purchase now.

New buyer here. Thanks for the great plugin. By any chance, is it possible to still export de-encrypted excel sheets through the “Import/Export” feature of Gravity Forms?

Also, in the settings page for the plugin, the Encryption Test “DeEncrypted Data” field says ” DECRYPTION ERROR! REVIEW SYSTEM CHECK ABOVE”. However, the system check looks fine and all-green. Any suggestions? Thanks!

If you change your encryption password now and submit more test entries you’ll see you can’t access the ones under the old password. ..that’s where the override comes in :) use it to view the old test entries while submissions are still being encrypted under new password. Then just delete it to go back to viewing data under new password only again.

..side note using the override should allow you to use the ADMIN decrypt functionality on the old passworded entries, then just remove the override and change “decrypt” to “encrypt” and run the same form and entries and fields or however you select to run it) again and it should re encrypt them under the new password . Just be sure you get ALL the data on the entries, so likely don’t specify fields or some could be under old key and some under new key for same entry.

I know it’s just dummy test data, but it’s a good chance to try it out :)

THANK YOU SO MUCH! Thank you for clearing that up for me and creating an excellent plugin.

Sorry – hopefully this is my last question. The encryption and deencryption seem to be working well. Thank you for your help! Is there anyway to have the deencrypted info appear in the notification emails that get sent out after the form is submitted? Currently, the fields labelled for encryption are blank in the notification email. (I’ve deleted your login already, but let me know if I should send you a new one.)

..side note, you can designate what shows up for encrypted restricted displays by using the encrypted restricted display setting , then it will only be blank when view is restricted if they didn’t enter anything , but will show your custom xxxx or whatever if there’s encrypted data there.

For some setups you may not want to designate if there’s data there to users without view permission or in merge tags, but for other setups it can be helpful.

Also it’s strongly suggested to leave the merge tag filter ON to prevent accidental sending out of decrypted data in notifications or confirmations. But ver 2.5 should be out pretty quick to allow you to pass specific decrypted field data in merge tags for notifications and confirmations.

That would be perfect! Thank you!

Following up to let you know that ver 2.5 has just been submitted for approval, and should be available within a few days.

You can check out the full changelog specs on the plugin’s item detail page, but we DID include the ability to use ADMIN controlled custom merge tags which allow for decrypted output of specified form : field data in confrimations and notifications. This keeps all web view permissions intact, and the ADMIN must allow what merge tags will function per form and field.

We hope this feature along with the new custom masking and new full permissions bypass will help users format the output as needed!

Pre-sale question:

Any chance this would work with Formidable Forms? I’m sure a lot of other users would be interested in this plugin if it did.

Thank you.

Sorry about the late reply. Theres no chance it will function for that plugin at this time. :(

We might take a look at it though and see if it’s a possibility for the future

Will your plugin have the capability to encrypt uploaded documents such as word, pdf, or xls, files if i use the Gravity Forms File Upload field? thanks.

Thanks for the update 2.9 with user roles. It seems to work well in my limited tests so far. I have also used Gravity View to display some entries and your plugin is working with that. I have not used the enhanced permissions capability of Gravity View yet but i will forward information to you when i get to it. I have a screenshot of a GUI modification suggestion if you are interested. Perhaps you have a general e-mail box i can send to. You should have access to my email address from my purchase. thanks again.

Glad its working for you. if you’d like to just send me a link from here on the right i can check out your GUI: https://codecanyon.net/user/pluginowl

..Thanks for the GUI suggestion. We’ll definitely consider it when we work on making things a little prettier later!

Hi just bought your plugin as I want to hide a field when the user is typing it in, like with a standard password field on login that masks the password with *** characters. How do I do that with the plugin or is this not what it does?

Thank you for the purchase.

In the form editor under the fields advanced tab you can select “Enable Password Input”. That option is standard with gravity forms. Assuming the data you’re collecting there is sensitive or personal like address – phone – email – ect. , and is NOT being passed to some other plugin or add-on on submssion, you should likely turn on encryption for it in the encryption options under the advanced tab as well following the instructions in the options settings page. Settings->GF Encrypted Fields. You can likely use the “Quick Setup” instructions under the full instructions button up top.

Hop this is helpful to get you up and running!

Thanks for getting in touch. Yes saw that should’ve tested. Unfortunately this plugin won’t work for me. All the data will be behind a membership wall already and data gets passed to various other applications. Can you please refund me for the plugin?

Of course. But that is handled on your end through Envato. :)

On a side note though. Sensitive or personal data should be encrypted at rest in the database aside from just limiting view access on the front or back end. That’s what this plugin handles. It protects the customer data from data breach if your site or database was compromised, which unfortunately is very common. We think the plugin in this light is globally useful.

Glad we could be of help!

I am trying to display encrypted values in using the confirmation redirect to send encrypted strings to our ordering system. I cannot seem to get it to work. Any help would be appreciated.

Hmmm. Well, unfortunately there’s really no way to pass the actual full encrypted string data to the merge tag output currently.

-here’s an good article on the relative security of query strings in https pages: https://blog.httpwatch.com/2009/02/20/how-secure-are-query-strings-over-https/

As far as decrypting on the other end It’s not something well be able to support for you as its outside the scope of this plugins functions entirely, but there’s certainly a couple ways I can think of that we could have the merge tag output be the full encryption string for passing the data via query string like that. I’m not sure its really a feature people would use though to develop it mainline.

..after reviewing the functionality for direct merge tag output (used in query strings) it looks like to implement the feature we would have to apply the output to the main data view. the query strings are generated after the data is initially pulled from the DB. So if we added an option to display full encryption string in query strings it would have to also show full encrypted string for all other displays.

..we’ll do a little more digging to see if we can pull the variable we need inside the proper function to make it possible to only target query strings. ..if it can be done we’ll try to get it in the next version. I believe it was already looked into for other functionality though so it doesn’t look too good at this point. I will update when I have a solid answer on this.

Well, while direct query string output of encrypted values isn’t currently possible we did just add the feature to output encrypted field strings through the confirmations and notification emails. Its a developer option that you may be able to use to send data encrypted to your receiving application for decryption. Of course, developing that application is all your own.

Ver 2.9.3 (see items changelog under item details) Added Encrypted Merge Tags {gfef_encrypt_FIELD ID} for develpers to output an encrypted version of any field data in notifications and confirmations to be decrypted elsewhere by data or email recipient. Data that is unencrypted will still have an encrypted version output by this merge tag.

co50

co50 Purchased

Hello,

Just installed this – all the system checks are good. I followed the instructions but encountered some weird stuff – and upon testing, the plugin is not working….

I generated a key, entered a password…all the basics are done.

At the bottom under the settings area, the form field where you’re supposed to enter “encrypt” or “decrypt” contains the following:

<?php/* if (is_admin() && current_user_can(‘edit_users’)){echo esc_html__(get_option(‘gfe_encrypt_decrypt’));} */?>

I deleted it and entered encrypt as instructed, entered the form id to be encrypted, entered 0 for “MAX ENTRIES PER RUN” and Saved settings. The status report at the top provides no info. It just says: ENCRYPTION REPORT[green padlock] : Form ID: 2

No info on how it actually went, if it’s working, etc.

I then submitted a form, and then looked at it in PHPMyAdmin. All fields are stored in plain text. What am I doing wrong?

co50

co50 Purchased

WOW. Nice job. Now all we need is encryptable list fields and it’s perfect!

Hopefully looking into those for this version as well. We’ll see if they are ready to play nice.

..Just a report for you that lists are not gong to make it into this next version. They are stored entirely differently and will require an entire major structural addition to the current codebase to become possible. :(

We’re looking for a wordpress plugin that encrypts certain fields and it looks like yours does that. But does the encryption key work in a C sharp program that we’re sending the form mailers directly to?

Are you trying to send out the encrypted data to a custom program then decrypt on the other side? There’s currently no way to send out the actual encrypted string data in gravity forms merge tag output but we’ve been looking into it and trying to come up with a suitable solution. We believe we are close to it at this point but are not making any promises until a working solution is fully present. This plugin uses php based mcrypt encryption so whether or not custom decryption will work in your custom program in another language base one could not say but it would require more than just the keys since this plugin does more than use keys at face value during encryption.

What might be of interest to you is the plugins current ability to send out decrypted data in confirmations for fields that are encrypted in the database. ..if you send your mail via TLS/SSL and possibly encrypt the entire-e mail (there are plugins that do this) you should be relatively just as safe as when the data was first submitted over SSL to transfer data to your secondary program. the only caveat is servers mail records etc. if your not using TLS encryption to send the mail. But of course each transfer method has its own security concerns that we will leave up to you to determine the benefit vs potential risk factors

As of version 2.9.3 we’ve written in a developer feature that adds encrypted merge tag output , so you can send out encrypted field data strings in your confirmation emails now. Of course we do not support or assist in the building of decryption on the other side, but a developer could pretty easily look at the plugin source code and assimilate a simplified decryption on the receiving end of the notification emails after parsing the e-mail and pulling the strings out.

So basically it now has the ability that your looking for and what you want to do is very possible, but you are on your own to build a system that pulls the encrypted data out of the e-mails and decrypts it properly.

hope this helps you and anyone else looking to do something similar :)

Ver 2.9.3 (see items changelog under item details)
  • Added Encrypted Merge Tags {gfef_encrypt_FIELD ID} for develpers to output an encrypted version of any field data in notifications and confirmations to be decrypted elsewhere by data or email recipient. Data that is unencrypted will still have an encrypted version output by this merge tag.
co50

co50 Purchased

Any chance that list fields will be supported at some point?

co50

co50 Purchased

Great. I have two more clients I want to buy licenses for but their most sensitive info is in lists so it can’t yet be encrypted with your plugin.

..Just a report for you that lists are not gong to make it into this next version. They are stored entirely differently and will require an entire major structural addition to the current codebase to become possible. :(

We will continue to look at this into the future.

co50

co50 Purchased

No worries. We can patiently wait until you find a solution. Great plugin otherwise.

by
by
by
by
by
by