55 comments found.
Hi. I’m having an issue with the Encrypt/Decrypt tool and it seems to be throwing some errors directly related to the plugin (see screenshot – http://www.kubitconsulting.com/files/gf_encrypted_fields_error.png ). The error is “Notice: Undefined variable: lead in /var/www/html_dev/wp-content/plugins/gravity-forms-encrypted-fields/gravity-forms-encrypted-fields.php on line 526”.
My system check passed ok, i’m using version 3.4, and here is a screenshot of my configuration – http://kubitconsulting.com/files/system_check.png
I’ve tried this on two web servers (local WAMP and production NGINX) but the same error persists. I’ve also tried disabling all plugins except Gravity Forms and this one. Please let me know if you can help resolve this or if i’m doing something wrong.
Also – i saw the user ‘cdisend’ had a similar error message (undefined variable) but i can’t reply to that comment to see what they might have done to fix it. I don’t know if the two errors are related or not but i’ve tried everything i can think of.
Thanks.
Thank you for reporting this! It seems there is an unused line of code for future production that had snuck through there. This has been corrected and is included in version 3.5 now currently awaiting approval for release
The tool will likely still run fine for you although I noticed you do actually have encryption turned on for any fields within that form you are processing in the screenshot, so no fields will actually be encrypted unless you selected the “ALLOW ENCRYPTING FIELDS WITH ENCRYPTION CURRENTLY TURNED OFF IN FORM” option to encrypt all encryptable fields whether or not encryption is turned on for them individually. ..which is generally not the desired behavior.
Encryption is turned on for fields in their advanced tab in the form editor.
Thanks for the quick reply. You’re right, i didn’t have encryption turned on for the field i was trying to encrypt (68). I did have it setup correctly in my other environment and it still was not encrypting field 68 as expected. I just changed the setting and i’m still getting the same error and the data is not encrypted. Here’s a new screenshot – http://www.kubitconsulting.com/files/gf_encrypted_fields_error_updated.png
For the heck of it, i tried checking the setting you mentioned (ALLOW ENCRYPTING FIELDS WITH ENCRYPTION CURRENTLY TURNED OFF IN FORM) and that also did not help get the data encrypted.
Do you know how long it will be until version 3.5 is released? Could you send me the current version of 3.5 just so i could see if it makes any difference?
Absolutely.
We have tested the tool functionality with the fix and have not encountered any errors or notices and would be happy to send you an advance copy. Ver 3.5 should be released in a couple business days but in the mean time please send us an email here to receive that advance copy.
I have a client that just purchased your plugin and we are working on trying to get it all configured and set up. Our scenario is that we would like to encrypt two fields in form ID 1. The fields are IDs 30 & 32. On the form fields, we have gone into the Advanced settings and marked them as encrypt this field.
In the plugin settings under “System Check” we still have a red X for PHP version – we are working on that. But we do have all other checks green. We are using OpenSSL and we have set our Encryption Password. What else needs to be done to have this data encrypted in the database?
We are also working under the assumption that only certain accounts will be able to view the encrypted data. Can we just specifically call out certain users that we want to be able to view the data? Will they have to supply a password to view the data or when the view the form results will it simply decrypt the data and show it to them?
Thanks!
Hello!
Thank you for the purchase and we are happy to help 
If you are running PHP 5.4+ everything may work just fine at this point, but versions previous to 5.6 are not supported as future development will be looking at newer versions. It is strongly recommended that you set up the site on at least 5.6.
To get started you should read over the full instructions at the top of the settings page that expand when you click “show/hide full setup instructions”. The content there should answer a lot of the basics about how things operate.
Data encryption is performed when the form is submitted or when the entry is updated if the specific field data has been changed on update. so turning encryption on does not encrypt past entries. in order to do that you would use the “encrypt/decrypt entries” tool at the bottom of the settings page. full instructions are on that tool.
in order to view the encrypted/hidden data a user only has to have permission to do so and it is automatically viewable as normal for them in all gravity forms entry view and export options. By default when you encrypt or hide field data ALL users that can view entries or entry data will have access, but as soon as you restrict it to a user or role than only the users/roles you’ve given explicit access will have it. Other users without view permissions will see the “restricted display” for either encrypted or hidden data. By default the restricted display is blank so nothing will display. Entering something in there helps to determine (for setup purposes anyway) when a user is getting blocked/restricted to the data or when theres just no data to show.
To control which users can access specific data you can use a variety of access controls.
In order to control which users/roles can access the encrypted or hidden data there are a number of controls to do this. In the fields advanced settings there is the “User/Role View Permission” which is the most basic way to control which users/roles can view any specific field if it is hidden or encrypted. hovering over the “help” icon next to this settings will display an explanation of how the setting works and points to the other settings on the plugin settings page for further access controls.
Is it possible to have the Gravity Forms Entry search not case sensitive on encrypted fields? When I am searching an encrypted field, I do not get the result returned that do not match the exact case. If I search on an unencrypted field, I do get the results back in any case.
Example: If I search an encrypted field by “Test”, I do not get back any results like ‘test’. I would like to get these results back. Is this possible?
If I search an unencrypted field by “Test”, I do get “test” back.
What version of the plugin are you running?
The native search feature of encrypted values was expanded to include varied capitalization as of ver 3.1
- Expanded Native Search Feature to attempt finding the entered search term(s) with varying capitalization automatically.
Current plugin version is 3.5 The full change log for all versions (including any versions currently in development) is on this plugins details page at the bottom.
If you are still running 2.9 be sure to follow all update instructions to change to version 3.0 or higher in the newer versions .readme file.
I haven’t upgraded yet, but I will try the update. Thanks
I upgraded the plugin but now my entries are empty. Not sure if I am missing a setting. I replaced the entire plugin directory and updated the salt.php with the website password. When I click on an entry, the single entry page is empty and displays no fields or data. Any idea?
I rolled back to version 3.5 and they are showing again. Not sure what is new in 3.6 that is causing the missing data
You can replace all files minus the ” includes” directory folder on upgrade. There are no changes to encryption fr 3.5 to 3.6.
It is possible the website key was entered incorrectly. If you replace everything but the “includes” directory per update instructions in the .readmee file you should be back to normal on 3.6
Hello, I was having trouble getting an encrypted field to show decrypted on a PDF using the Gravity PDF plugin. My field merge tag is: {private_field_name:76}, I have tried
- {gfef_decrypt:[76]} - {gfef_decrypt_76} - {gfef_decrypt_private_field_name:76}
Any tips would greatly be appreciated. Thanks!
Hello,
You must first allow the decrypted merge tag to be used by making a comma separated entry of
FORM_ID:FIELD_ID
into the decrypted merge tag setting on the settings page. It would be like this if your form id # is 4:
4:76,
then you are able to use the {gfef_decrypt_76} merge tag ( example just given is the correct format for the merge tag) in any of form 4s notifications, confirmations, or other places standard Gravity Forms merge tags are accepted for form 4.
Assuming you are running the latest available plugin version 3.5, complete instructions for this and examples of all custom merge tag usage are on the plugin settings page under the decrypted merge tag setting if you expand the “show hide option guide” button.
Hope this helps
Hi – I want to encrpyt 3 fields on one particular form. The end user of submitted data accesses the data via a GravityView view of the data submitted. Will your plugin play well with GravityView?
Hello,
While we cannot assert 100% compatibility with Gravity View since it is independently authored from Gravity Forms core, we CAN report that all use cases of Gravity Forms Encrypted Fields with Gravity View to date have been reported as working wonderfully. This includes our custom “user permissions decrypted merge tags” which allows the merge tag to check the viewing users permissions to the hidden/encrypted field data and either show it as readable or show the restricted display within Gravity View displays.
Hi, can all fields be encrypted globally, or do i have to assign it for each individual field?
Encryption is turned on per individual field. For a list of all encryptable field types please view the plugins overview page.
However, when encrypting previous existing entries using the encryption tool. All encryptable field types can be encrypted globally.
hmm i’ve got multiple forms with hundreds of fields. It would take me ages to enable each field on an individual basis. Any plans to do this globally?
Well .. now there is.
At least we will certainly take a look to see what can be done to this regard for the next update.
In most cases all of the fields on a form really do not need to be encrypted and theres only a select few that should be, but at the moment I would think we could add a settings page feature to turn on encryption for all eligible fields on the specified form. This would at least make it quicker to set up for users with use cases like yours if all of the forms fields actually need to be encrypted on a large form.
Update: This functionality has been implemented already and will be released in the next update very soon.
Version 3.6 (in development)
* Added encrypted/hidden indicators by field labels for quick reference of encrypted/hidden fields in the form editor without having to open the field options.
* Added “Global Form Encryption Switch” to turn on/off encryption for all supported fields on a specified form to settings page.
* Updated instructions.
Update: Version 3.6 (submitted for release)
Another super responsive and excellent update to an already outstanding extension. This guy never rests.
Hi, I have purchased and installed your product, but I really need assistance customizing is properly. Could you recommend someone?
Hello,
There are instructions on the settings page. At the top of you click on the “show/hide full instructions” button.
Is there something specific you needed help setting up?
The notification emails are not being sent to people who register with us. The email field is one of the fields that we encrypted, and this email field is the one we selected for the “send to” category under the notification. Is it because we encrypted the email field? And if so, is the best thing to just unencrypt the email field or is there another workaround? Thanks!
Please have the authorized user (verified purchaser ) of the plugin contact us for support or send us an email through our author contact page with your purchase code to receive support
sending you an email through the author contact page with the purchase code
Thank you for verification.
You can check if the emails are not being sent due to encryption by turning on/off encryption for the field and filling out some test entries and checking if the emails are being delivered to your entered “customer” address.
If your setups encryption prevents delivery you can just use a “decrypted merge tag” for the field in the notification instead of the standard merge tag which is likely returning the encrypted restricted display for the email field since both : users filling out the form do not have permissions to decrypt the field, and the merge tag also responds to the merge tag filter which restricts its output either way.
Decrypted merge tags must be unlocked for use on the settings page per form/field. Follow instructions and examples on that settimg there by showing the full instructions available. Then use the provided merge tag format for that field in the forms notification email :to field :{gfef_decrypt_FEILD ID}
That tag will always return the decrypted field data regardless of what user triggers the action that generates the merge tag content.
..so in simpler terms ,it will always return the readable -email address which should bring your functionality back to normal.
Thanks for purchasing
Thanks for getting back to me. If we decided to just not have the email field encrypted, if we already have encrypted data, can I still just turn off the encryption for the email field? Or do I need look in the settings info and follow directions to decrypt our encrypted data first and then turn off the encryption for the email field? We are using version 3.5
You would use the encrypt /decrypt tool . Bottom of settings page . Follow instructionsvthere but basically it’s just entering : Form ID Field ID
decryptMax entries per run-> 200
Assuming there’s less then the last 200 entries with encrypted info for that field that’s all you should need
You can turn encryption off first and then decrypt fields in existing entries to avoid possible additional encrypted submissions while you are decrypting if the site is live
We just decided we are going to try the decrypted merge tag option since we won’t have to decrypt / encrypt all the previously submitted data. Next time we do this type of form, we will just not encrypt the email field. Reading through the info on the settings page again, but after the merge tags have been unlocked, where in the notification email does {gfef_decrypt_FIELD ID} go? Just anywhere in the body of the message? Thanks.
It can go anywhere merge tags are accepted where you want that e-mail entry data to be. Merger tags are simply placeholders that are filled in by the form entry data when the output is created.
So if you want the email to go to that email field address you would use that merge tag in the to: Address
If you want to put the email in the middle of a sentance in the email body, you put the merge tag right there in the middle of the sentance.
Hope this helps
decrypting however is very easy. Should only take 10 seconds to specify : decrypt , form Id, the email field Id , and 200 in max entries per run.
The Merge Tags look to be a success! Limited testing shows the notification emails going out successfully. Thank you!
Happy to help
As soon as I activate this, all my forms disappear on the font-end display. Nothing shows…..
Does your setup meet the system requirements as outlined on the item overview page?
Are you running other 3rd party Gravity Forms extensions?
Yes, 1, I am using
Forms: 3rd-Party Integration Send plugin Forms Submissions (Gravity, CF7, Ninja Forms, etc) to a 3rd-party URL
Version 1.7.3 | By zaus, atlanticbt, spkane
Assuming this is a development site have you tried disabling that?
Yeah I tried that, and no change….
Is it a development site where you could give us temp login to review the issue? The plugin does not change any rendering of the form on the front end and actions occur on submission so there is something odd occurring.
What plugin version are you running ?
It’s not in development, but you can quickly look. What email can I send to?
Hmm. Are you running 1.6?
I apologize that I believe we just uncovered a bug. ..a simple one that somehow slipped through submission ,but one which results in such behavior.
Please disable for now and we will submit a quick update today to fix the issue so you can continue with setup.
You can email us through the author contact form and we will send you an advance copy of the update if you’d like.
I have sent you a message…
You now have version 3.7 installed. You can activate and test at your leisure.
thank you.
Hi, does it work with internet explorer? Currently in https gravity form does not work with multi-page progress fields, it locks and refreshes the page by clearing the fields, with this plugin resolved? Because on other browsers I have no problems, but I would like to solve it on explorer. Thank you
Hello, This plugin will not affect the core Gravity Forms behavior you are reporting.
Hello, This plugin will not affect the core Gravity Forms behavior you are reporting.
Hello, first of all thank you for making this plugin. I’m having some difficulty though. I believe I have everything setup and configured correctly. However, the actual email being sent all of the form fields are encrypted and unreadable via email client. I’d like them to show up in the inbox of a specified user/email address decrypted and readable already. Is this not possible or am I simply missing something? I can login to the dashboard and see the form submissions but I would rather not need to login to the wordpress dashboard in order to actually read an form submission. Thanks for the help in advance!
Hello,
This is completely possible to keep the e-mail encrypted and send notifications to it. However , please have the authorized purchaser of the plugin contact us here for support or send us an email via the author contact form with your license/authorization code for the plugin to receive tech support.
I am trying to use your plug-in to mask output of a Social Security Number, but having issues. I would like for it to display in an admin notification, but not to the end user notification. It would be great if I could only display the last 4 digits to the end user.
I seem to only be able to turn it on or off. Could you please suggest the best way to set this up?
Thanks,
TJ
Hello TJ
Are you using the Standard “all_feilds” merge tag in both notifications?
You can use the “exclude option” to exclude the field entirely from the user all field merge tag results .
Instructions for excluding fields are on the settings page under “{all_fields} Merge Tag Exclude/Include Options”
You can exclude any fields you want from an all_feilds merge tag using that so just use it on the one in the user notification.
If you are using individual field merge tags to display the field data in your notifications just use the standard one where you want the masking and don’t include it in the user notification .
Also as a note the individual decrypted merge tags are available to use wherever you want a fully readable output.Hi,
Firstly, great plugin!
I am trying to configure the plugin in such a way that i hope is possible. I am using gravity forms and gravity flow.
I have created forms that contain encrypted fields, the forms should be viewable inc the encrypted fields, on the frontend by the creator and the assignee’s.
I have checked the option ‘User Owned Field’ which obviously allows the creator to view encrypted fields, but it does not allow the assignee’s to see the encrypted data which is also needed. Even if i add them to the User Access List
If i remove the option for ‘User Owned Field’ and keep the assignee users in User Access List that will work, but then it feels less secure.
The assignee’s are a variable so ideally some sort of option to also include an option to show encrypted fields for assignee’s would be perfect.
I only want to give assignee and from creator users visibility of encrypted fields on a per form basis, similar to what the User Owned Field does.
Can this be done?
Hello,
Currently the user owned fields restrict view permission to only the original logged in form submitter. Other access rules do not apply to user owned fields as you describe and the permissions are per individual entry for user owned fields.
For the next update we can look into the possibility of adding an option for allowing normal view permissions and also the adding original logged in submitting user as an option. This would likely be a new permissions option that would not make the field user owned since others could view it as well but would grant access to the original user submitter in addition to the standard view permission rules and options.
We will update this thread here with any status updates as to this possibility and what if any implementation takes place.
UPDATE:
Version 3.8 (submitted for release)
* Added per field view permission option “Original Submitting User View Permission”, which allows original logged in submitting users view permissions to their own individual entry field data in addition to the normal “User/Role View Permission” list users/roles.
* Subtle visual changes
Original Submitting User View Permission
If you check this box, the original logged in submitting user will also be given view permission to this field data as if their name was included in the ‘User/Role View Permission’ list. This however ONLY applies to the specific entries that the user has submitted, and does NOT grant them view permission to this field data for all entries.
This option does NOT limit view permissions to only the original submiting user like ‘User Owned Field’, but adds them in addition to the standard ‘User/Role View Permission’ list and the user is still subject to being denied view permission by higher level view permission rules such as the user being listed in the ‘User Lockout List’ or ‘lockdown’ listed in the ‘User/Role View Permission’ list above.
Please be aware that if the original logged in user ALWAYS has view permission to this field data on thier own entries, that for logged in users ALL merge tag generated data on submission for this field such as confirmations and notifications for this form will be decrypted and readable since the submitting user has view permission to the field data UNLESS the Merge Tag Restricted Display Filter is left ON (NOT bypassed). In almost ALL use cases the Merge Tag Restricted Display Filter should be left ON (NOT bypassed) to prevent this from occuring, and decrypted merge tags can be used where needed in confirmations and/or notifications to give decrypted field data on submission.
..We hope this helps your use case and others as well. You can now simply give original logged in submitting user view permission in addition to the standard user/role view permission list without restricting view permission to the original user like “user owned field” does
Hello. I installed your plugin on a development site today to run some tests.
The first form I tested only had two entries and they were encrypted as expected using the provided tool.
The second form had 211 entries. I entered 200 as max per the instructions and saved the settings page. Not long after, I was greeted with an Encryption Report but there was nothing else on the screen. The GF Encrypted Fields link returned me to another Encryption Report, this time with most of the Entry IDs not listing any Field IDs.
I repeated this process until no additional Field IDs were listed. There were still no settings fields visible as when the first form had finished encrypting entries. A SQL query shows only 157 fields from the second form were encrypted. I had assumed that I would need to change the offset after the encrypt tool ran the first time but without the settings being present all I can do is restore the DB again and start over. I’m stuck in an endless encryption loop.
I’m hoping I missed something obvious. Please advise!
It sounds like you might be running into a timeout issue from not enough Memory available to process all 200. Try running 100 at a time. If they are already encryoted it will just skip them anyway on the development site.
Decreasing the limit solved the issue. Thanks for the prompt response!
Glad to be of assistance.
You may want to look into increasing your php memory limits within your WordPress environment if you have the server memory available.
