Code

Discussion on Gravity Forms Encrypted Fields

PluginOwl

PluginOwl supports this item

Supported

This author's response time can be up to 5 business days.

252 comments found.

bijan71

bijan71 Purchased

I bought a second license for my second website. I don’t know where to enter the license information. I de registered from the first license, but can’t find where to enter the new one.

Hello,

The license/purchase code is entered when you first attempt to visit the settings page for the plugin if it is not already currently active. You can see what license /purchase code is currently active and/or deactivate a license by clicking on the “licensing information” button at the top of the settings page.

Hope this helps :)

Hi, we bought 2 licenses of this. We are having issues in the notification email using {gfef_decrypt_ALL+} shortcode. We have ALL:ALL+ in the decrpyted merge tags settings.

All other fields are showing correctly in the email notifications, however the “TIME” field which has no encryption is not showing in the email.

I’ve tried to use the {all_fields} and all fields are showing.

Any thoughts?

Thanks

Re-enter the original custom website key that was originally used.

Earlier plugin versions did not attempt to auto restore a custom website key when used and required that it be re-entered immediately after update/reinstallation.

New versions attempt to preserve it but still require double checking it for accuracy after update/reinstallation.

The auto key does not need to be checked. Unless the site has been cloned/migrated. It is then a custom key on a different install.

Hi, Thanks for your quick response, Yes web key is working. We manually placed it in salt

Hi, I am helping customers set up your plugin on a couple of sites and would like to recommend to use on another but did you ever get confirmation if it was working with GravityFlow as we are looking at it for process management. Thanks

We have not yet looked into the possible scenarios with Gravity Flow, but on the surface there is no inherent reason they shouldn’t play nice. Some users seem to be up and functioning with it and others not, so it could just be configuration. The decrypted merge tags would need to be able to be used to send emails to if sending to an email address field on the form which is encrypted, this is the same as sending to an encrypted email for notifications etc. When we are able (working on feature additions and updates for plugins right now) we will look into the interplay between the two. The most common reason for some functionality not working is that users are not using decrypted merge tags for data that is needed for something to function, and instead trying to function using either the standard merge tag (which just prints in the restricted display) or the encrypted string data. for example.. you cant send an email address to an encrypted string or check if a user name is active based off a restricted display of “Encrypted Data” , you need to print in the actual decrypted data using the proper decrypted merge tag for it to work. There could be something beyond this entirely but we have yet to check into it ,and will when we can.

Hi I messed up! I don’t have Gravity Forms, I have Form Craft.

Any chance of a refund? This plugin is useless to me :(

Hello,

..Although we would shamelessly recommend you make the switch to Gravity Forms :), Authors cannot directly issue refunds. You can request a refund through Envato. When the refund is approved the plugin license will become invalid so it is best to deactivate and uninstall it first.

Hope this helps :)

drgene

drgene Purchased

You report that Gravity Forms Encrypted Fields requires “PHP 5.6+”, which is my current version. I am upgrading to PHP 7.2. However, the plugin PHP Compatibility Checker reports that there are 21 errors with your plugin. Please let me know if these errors will disable your plugin. Here is the list: FOUND 21 ERRORS AFFECTING 9 LINES 205 | ERROR | The constant “MCRYPT_RIJNDAEL_128” is deprecated since PHP 7.1 and removed since PHP 7.2 206 | ERROR | Function mcrypt_get_iv_size() is deprecated since PHP 7.1 and removed since PHP 7.2; Use OpenSSL instead 206 | ERROR | Extension ‘mcrypt’ is deprecated since PHP 7.1 and removed since PHP 7.2; Use openssl (preferred) or pecl/mcrypt once available instead 206 | ERROR | The constant “MCRYPT_MODE_CBC” is deprecated since PHP 7.1 and removed since PHP 7.2 208 | ERROR | Function mcrypt_create_iv() is deprecated since PHP 7.1 and removed since PHP 7.2; Use random_bytes() or OpenSSL instead 208 | ERROR | Extension ‘mcrypt’ is deprecated since PHP 7.1 and removed since PHP 7.2; Use openssl (preferred) or pecl/mcrypt once available instead 208 | ERROR | The constant “MCRYPT_RAND” is deprecated since PHP 7.1 and removed since PHP 7.2 209 | ERROR | Function mcrypt_encrypt() is deprecated since PHP 7.1 and removed since PHP 7.2; Use OpenSSL instead 209 | ERROR | Extension ‘mcrypt’ is deprecated since PHP 7.1 and removed since PHP 7.2; Use openssl (preferred) or pecl/mcrypt once available instead 209 | ERROR | The constant “MCRYPT_MODE_CBC” is deprecated since PHP 7.1 and removed since PHP 7.2 236 | ERROR | The constant “MCRYPT_RIJNDAEL_128” is deprecated since PHP 7.1 and removed since PHP 7.2 237 | ERROR | Function mcrypt_get_iv_size() is deprecated since PHP 7.1 and removed since PHP 7.2; Use OpenSSL instead 237 | ERROR | Extension ‘mcrypt’ is deprecated since PHP 7.1 and removed since PHP 7.2; Use openssl (preferred) or pecl/mcrypt once available instead 237 | ERROR | The constant “MCRYPT_MODE_CBC” is deprecated since PHP 7.1 and removed since PHP 7.2 241 | ERROR | Function mcrypt_decrypt() is deprecated since PHP 7.1 and removed since PHP 7.2; Use OpenSSL instead 241 | ERROR | Extension ‘mcrypt’ is deprecated since PHP 7.1 and removed since PHP 7.2; Use openssl (preferred) or pecl/mcrypt once available instead 241 | ERROR | The constant “MCRYPT_MODE_CBC” is deprecated since PHP 7.1 and removed since PHP 7.2 1799 | ERROR | The constant “MCRYPT_RIJNDAEL_128” is deprecated since PHP 7.1 and removed since PHP 7.2 1800 | ERROR | Function mcrypt_get_iv_size() is deprecated since PHP 7.1 and removed since PHP 7.2; Use OpenSSL instead 1800 | ERROR | Extension ‘mcrypt’ is deprecated since PHP 7.1 and removed since PHP 7.2; Use openssl (preferred) or pecl/mcrypt once available instead 1800 | ERROR | The constant “MCRYPT_MODE_CBC” is deprecated since PHP 7.1 and removed since PHP 7.2

Hello,

I have copied in a response to a previous identical inquiry below.

We are going to add this to the FAQ as well.

The plugin Is fully compatible with php 7.2.

The plugin provides 2 encryption types to choose from and already states that mcrypt is depricated as of php 7.1 (can still be used as optional library install) and that Open SSL is required to be used for php 7.1+

Our plugin also states that open SSL is strongly recommended when choosing an encryption type regardless of php version.

You will notice on reading the errors you’ve listed that they are all pertaining to the use of mcrypt should you try to use it in php 7.1+ (Without having it optionally installed) and then specify to use Open SSL instead. We do not plan on removing the mcrypt option as it is still a viable option for installs not intended to run on <php 7.1 and none of the functions listed are used/called if Open SSL is selected so there are no actual functional errors in reality.

It is important to be aware that many plugins have older functions available for backwards compatibility and other cases that may not be useable in newer php versions but will or can Be used with older.

Hope this helps :)

Hello,

I understand this plugin is not Multisite tested, but when activated on a per site basis for a multisite network:

Does this plugin support one license for sites on a multisite network? If one license will not work for sites on the multisite, is there a license that does cover multiple site uses on a single network?

AS

Hello,

You are correct as far as the licensing is concerned. There is no multisite licensing available. Envato offers only licensing for single sites/products. This is regardless of if the sites can be centrally controlled through a multi-site interface. By definition, “Multi-Site” is multiple end sites (each site in Multi-site is capable of being quite unique) and each will require it’s own unique license. However, concerning this and users running multisite for truly identical sites, ..there is no real use for the multi-site environment if the sites are in fact identical, and we encourage users to either just funnel the forms through a single individual site, or better yet to point the existing used domains to a single individual website.

Hope this helps :)

Hi! I am trying to secure file uploads to my website using your plugin with Gravity Forms. I’ve installed and setup the Dropbox Add-On. I tested that the uploads are going to Dropbox and they did so successfully. Then, I turned on the Delete Only File Uploads After Submission function of your plugin and tested again. This time, the uploads did not go to Dropbox. However, they were not in the entry details. Can you please assist with this ASAP? Thank you.

I checked with the website host and they said they don’t allow us to send through mail servers other than theirs, so I don’t believe that solution will work. Please let me know when you anticipate an update on this issue. Thank you.

Using the described method you could send through your hosts email, or any other email service as it uses SMTP. For example, you could use Gmail or any other mail provider and account that allows SMTP with TLS/SSL.

SMTP allows you to connect to other mail accounts securely and remotely so it is not at all tied to your web host or thier provided mail accounts/servers although you could likely use thiers as well as long as they provide SMTP with TLS/SSL. It just comes down to what address you want to send from and recieve at when you consider the emails chain.

Update:

As far as deleting the local copy if you are going to use the Dropbox add-on, you can just set the Dropbox add on to delete the local copy after it has uploaded to Dropbox. You don’t need to use our plugins deleting of files option for that specific form if the files are going to dropbox and you set it to delete the local copy.

If you are e-mailing a copy of the file as described above, you can set our plugin to delete the files after the secure emails are sent.

Hope this helps :)

Hi, I use gravity pdf with the encrypt plugin but cannot populate the pdf with a calculated field result – it always shows “0” (zero) in the pdf. The calculation on the form itself works, and the data (data source and calculated result) is stored as an entry correctly. Also the source fields are ok in the pdf. It just doesn’t populate the pdf with a calculated field result when encrypted values are a part of the calculation. I’ve tried a variety of field settings and encrypted/decrypted merge tags but only non-encrypted source fields for the calculation work, and this is the data I need encrypted. Any ideas?

I think I’ve made a mistake in my original comment. I don’t think calculations work at all. An encrypted source field is always ignored. It doesn’t matter if you use the standard merge tag or the {gfef_decrypt_n} tag. The data isn’t stored in the calculated field as an entry. Please could you do a test and see if you get the same result? Thanks.

Hello,

Yes we get the same results. The calculations do not currently allow for using encrypted source data. However, you CAN save the final calculated field data encrypted. If the source field data is also sensitive you can choose to have the source field data deleted on submission. If it must be saved, you can always auto copy it to another hidden field and save that field encrypted. Our auto formatter plugin has automatic field copying (as well as user input “click to copy”) options. If choosing a route like this you would have to update the source fields and the encrypted copy on an edit if necessary, and the unencrypted calculation sources would be deleted after update again.

Hope this helps :)

bolters

bolters Purchased

Ok thanks. A native option for encrypted source fields of calculations would be nice. Please add it to the list :-)

Hi I’m interested to buy your pluggin. I ve got some question: 1 – does it work with gravity pdf? 2 – do the mails send by GF are encrypted too? 3 – If yes, How to desencrypt them? 4 – Does the SQL is encrypted? 5 – Does the pluggin encrypt the file uploaded?

Tkx

Hello

1. Yes. Gravity PDF has custom templates and we provide a basic template for a decrypted PDF. beyond that you can create your own template or modify and existing one to suit. Our plugins decrypted merge tags must be used within the template or if programming the template the developer helper functions can be used to decrypt field data.

2. You can send your WP email by SMTP using SSL /TLS if you choose to send though encrypted mail platforms like gmail etc. plugins like wp mail SMTP or PGP mail can set this up .

3. Gmail is auto decrypted on the receiving end as most email providers do . PGP mail requires the public key.

4. ? I’m not exactly sure what you mean here. The individual field data for fields with encryption on is encrypted in the database.

Hope this helps :)

Thank you, could you tell me more about the uploaded files? Are they encrypted too? 1 – could you give me an example? If i export a pdf, the filed are encrypted like * and how to desencrypt them? 3 – what is PGP? How to install what you talk about? 4 – if a hacker download the SQL is it possible for him to read the content?

1. Files are not encrypted by our plugin currently. Gravity forms offers the Dropbox add on which transfers uploaded files to Dropbox and can delete the local server files . This results in encrypted storage for the files on Dropbox platform. You can then share the files as you wish. You can also simply attach the files to the gravity forms notification emails of choice and then have our plugin delete the files after submission.

2. Search “WP Mail SMTP” and “WP PGP mail”

3. No. The field data is encrypted in the database.

Asterios

Asterios Purchased

Hi!

How use the standard Gravity Forms modifier :label with at encrypted field?

example: {name:3:label}

Best

Asterios

Asterios Purchased

Ok thanks. It would be an interesting improvement for a future update. Use actual label text isn’t a solution when use a conditional logic and is necessary hide label and content from an unused field.

I see.

The content should be empty and print nothing if the field is unused, but the label will still print regardless. This would be true if using the modified merge tag as well, but to help us understand the use case, how are you using conditional logic to show or not show something, and what is the merge tag being used in?

Is conditional logic in the form to hide or show the field? If so I believe the label would still print from the merge tag even if the field is hidden / unused on the form. Unless you can also use conditional logic to insert the merge tag or not in its place based on your use case. This is what we are wondering.

Sorry to continue editing, but in considering the scenario above, if your use case is similar.

I’m not immediately aware of a way to use conditional logic within a specific confirmation/notification, but our solution has been to create 2 and use the suitable one based on conditional logic. So if field 3 has value then use the one with label and value for field 3 .(we just type label name in) and if field 3 has no value .. then use the one that doesn’t include field 3 or label name.

They are basically cloned and just include/exclude field 3 information.

Is this what you are looking to do?

I have applied my purchase license, I have enabled the encryption on a field, but when I look in the database, the data is not encrypted. I can still see the same data I input on the form. Am I missing something here?

Hello.

Have you followed the complete set up instructions at the top of the Settings page? Complete written instructions as well as an instructional video for setup are there. Once you have followed the complete setup instructions and Gone over the system check, if you are still experiencing that the data is not encrypted please let us know.

Hope this helps! :-)

Hi,

Is this plugin compatible with standard GF payment solutions? It seems there is an issue with a Hungarian payment system (called Simple Pay), and I suspect maybe it is caused by encryption.

When encryption for some fields (like names) are turned on, form is not redirecting the user to the payment page – even if “Process Feeds/Add-Ons before encrypting” option is turned on.

Hello,

Yes. You can use the plugin with standard gravity forms payment processors. However, you should not attempt to encrypt any fields used in Card processing information as GF does not store it anyway. We are unfamiliar with your particular Hungarian processors operations.

When using the “process before encrypting” option, the data is not encrypted until after ALL feeds and add one such as payment processing is completed. However, if you are passing other data to the processor via merge tags you must use the plugins decrypted tags.

Hope this helps :)

by
by
by
by
by
by