565 comments found.
I’m trying to decrypt field on the front end (on a limited-access page).
I unlocked all gfef merge tags with this: ALL:ALL+, ALL:ALL, ALL:ANY, ALL:ALL+:U, ALL:ALL:U, ALL:ANY:U, ALL:ANY:X
I insert the following merge tag: {gfef_decrypt_5}
I still get the following error: Field Encrypted and Restricted
What else could still be keeping the content restricted?
Hello Check your “admin area only viewing” option. What method/plugin/etc are you using to insert a merge tag and display the data in the front end?
The “Admin Area Only Viewing” is not turned on. We are using Gravity View to display the data from the form.
For testing purposes can you try both checking this option and test.. then uncheck and test. Also please verify this data is visible normally in the normal gravity forms entries interface via a user with view permissions.
Is there a feature to log access to encrypted data? e.g. with someone uses the async password?
Hello, not currently but this would be easy to add. Although there are lots of user action logging plugins already to track what users do as far as page visits.
I’ll chat with devs to see about what this might look like for specific asynch pass usage and what application it might have. For example, what would be your use case?
Hello, I’m just checking whether you support encryption of uploaded file or if this is something in the pipeline?
Hello
Not currently. The Dropbox extension or piping to google drive allows for implicit encryption of files on submission. No current plans for releasing explicit encryption.
Okay, great. Thank you.
Hi, I have made a gravity forms with encrypted fields.
There are 2 questions: 1. How can I now search for entries, when all fields are encrypted. The gf-wordpress search is not working for that? 2. How can I address a first name or last name to be decrypted in a notification or other context? The other fields are working I guess.
Hello
Please read and follow setup and operation instructions fully. They cover complete setup.
1. There is a setting on settings page for allowing encrypted search and detailed instructions on operation are in that setting.
2. Setup instructions cover using the decrypted merge tags. Including a video guide. available under the video tutorials. Use a decrypted tag to show decrypted name or optionally.. individually the first or last name.
Hi,
Thanks for your fast reply: 1. the search seems now to work.
But with the merge tag I have some problems. Because my native language is german and I can’t understand what you are meaning in your help (I use a translator for that), maybe I need some more hints: For the first name I used the merge tag as follows (field ID for the name is 3):
{gfef_decrypt_3.3}
It doesn’t show the decrypted text.
But when I use: {gfef_decrypt_3} it shows me first and last name correct.
Then I’m struggling with the {gfef_decrypt_ALL+} as well. I made a preview submission page in html with this tag. But it shows me just the section titles of the form.
I have set in Decryptet Merge Tags: ALL:ALL+, ALL:ALL, ALL:ANY, ALL:ALL+:U, ALL:ALL:U, ALL:ANY:U, ALL:ANY:X
When I use it in the notification, this tag is working {gfef_decrypt_ALL+}.
So I guess, it maybe some problem with preview? You can test with this token: https://www.vfmg.ch/test/?gf_token=e6558f9cee3843438a9080d22f0ae5c7Hello
Yes it would seem the preview submission page does not utilize or work with our plug-in well. Is this from a plug in?
For the specific first name, your decrypted tag is correct, but you have to unlock the specific sub field in the merge tag unlocks for multi part fields. – in the instructions for merge tags review the multi part field portion. Click to expand the merge tag settings instructions and there is a section for the multi part fields with a guide. -In short you need to add an unlock after another comma like the following
,FORM ID:3.3
Replace “FORM ID” with the ID # of your form. This will unlock your decrypted merge tag you already have in place which shouldn’t need to change.
Yes, i use the preview submission addon from gravity perks: https://www.gravityforms.com/add-ons/preview-submission/
Thanks for the help with the multiparts field. It works now.
Hello, I am interested in your plugin, but wanted to know how I will be able to decrypt the data in another application that shares the Wordpress database? I have a hook that saves the field to another db. Does it use a key to decrypt the stored encrypted data? Thank you.
Hello
Assuming this is a custom application ..We supply developer decryption functions so you can use that to decrypt the data after pulling it. Or if you use the available gravity forms API to pull it the data it will decrypt automatically for any users with view permissions. ( unless using asynchronous mode)
This does require the gravity forms plugin to be loaded as well as ours when your custom app is processing
Great thank you. We purchased the plugin. I am assuming that these functions are part of the plugin and there is documentation for that? Do you have a quick link or where I should look first to see that information?
And yes this would be custom app that would have its’ own DB and would have access to the WP db and pull the encrypted string. We would want to maintain the encryption in the custom app DB and just decode it on that end. Trying to keep even the transfer as secure as possible. Once the records are pulled we would delete the entries from WP.
Or would you suggest that we write our function to pull the data decrypted and encrypt it again in our app?
Hello
Going through the complete setup instructions thoroughly(top if settings page) is the best route to understand everything as it functions to get started. The different auto delete functionality is on the plug-in settings as additional options.
If your custom app is on the same WP site (or even on a different website) you should just pull the data straight from the gravity forms database using the GFAPI. they have a web api too which either one would allow for you to pull the data and if on another site should be TX via SSL . You can use the developer decryption functions to decrypt it this should be before sending to another site of your custom app sites somewhere else and you would have to write your own encryption on that end or if pulled encrypted would have to write your own decryption. If you happen to use asynch mode you can just grab the public and private keys and use to decrypt along with the keys passphrase in you app so matches. The Open SSL key isn’t directly stored anywhere but you could work with a dev to get it and use it. However, If the data is never going round trip you can use whatever key you want and whatever encryption you want in your apps DB separately so you don’t need any keys or anything from our apps end. Just pull it decrypted over SSL and re encrypt on receipt in the app.
If it’s another WP site your app sits on you can install GF and our plug-in and just use the developer decryption/encryption functions.
To be very upfront, we do not assist with custom code and such, so having you or your dev go through the setup and then look over the decryption functions and any other relevant code to make decisions on how best to do it would be good. If you make use of the gfapi your app can pull data WP authenticated over SSL straight from your WP DB GF TABLES as encrypted or decrypted (. So on your apps end you can do whatever you want from there)
If your hook saves to external DB on submission just have it decrypt it with the developer decryption functions for sending via SSL before sending and then do whatever you want with the data in your apps end
Amazing, your quick responses and explanations are incredible. Thank you again and we are glad and more confident than ever in our purchase and your support! Keep up the good work.
As a note, if you are going to send your data to another db for encryption and storage on submission and just auto delete it on the WP site , you wouldn’t really need to even set up the plugin’s encryption. It has a mode for this. You can turn on the encryption bypass option and just set up whatever auto delete functionality you want so your sensitive data gets deleted on the WP site and you can just use it as you want in your app.
I didn’t want to do that just as a failsafe in case the transfer doesn’t happen or there is an error. We would want to delete it automatically after 7 days. But thanks for that suggestion for possible future implementation.
Hello, How to deactivate licenses from sites which are no longer accessible?
If the site url no longer exists you can deactivate it when you go to activate on a new site. If the site is still an accessible address url the plug-in should be deactivated from within the site. Or you can send us an email ( click our username and send via contact form) and we can deactivate if the above have been tried and additional assistance is needed to deactivate
Thank you for fast reply, I had to install the plugin again to be able to deactive licenses from old sites.
An other question. We are encrypting all fields in the form. After decrying single fields stay cryptic. How can I decrypt them ?
Sorry , could you please restate the question. I’m not sure I understand what you are asking
We encrypt the total form. After decrypting one specific field stays encrypted. Also the manual decryption of the field didn’t solve the problem – is still **
if you turn off encryption, this only applies to field data moving forward from that point. You would have to turn OFF encryption for the field and successfully manually decrypt the data and it will then read normally for users without decrypted data access. Follow the instructions for manual decryption including the ability of the user to see the data decrypted and readable before manual decryption and the data will be decrypted and noted as so on the encryption/ decryption report.
Please be very careful and READ and follow ALL instructions for manual decryption. Misuse of the manual encryption/ decryption tool can result in data loss or overwriting the data with the restricted display. It is rare and entirely avoidable if the full instructions for the tool are followed, and can always rely on the backup to restore, but most issues are from not following the plugin tool instructions properly.
Hi, it happened again – that on a field that is regular set as encrypted field, after the decrypting the field stays as ** and the information can not be made visible. nothing in the encryption setting get changed. it is now in 4 different persons the same single field that is not decrypted.
Are you trying to manually decrypt this field data with the encrypt/decrypt tool?
no. I use the decrypt login on the top of the data site
Hello So you are using asynchronous mode?
What type of field is it, and Is there anything listed in the fields view permissions in its encryption settings?
Yes – asyc mode. it is always a standard text field. No there is nothing special in the view permissions set.
Is this the only field out of other encrypted fields this is happening to? What other plugins are affecting the field?
Hi, how can I export the encrypted data table and decrypt it on an other server ?
Hello
You could do this with a direct Database export. Then set your new server keys to match the old server keys.
But Normally I would suggest you would just export your entries already decrypted from your original server ( just log in as a user with access and your GF entry exports are decrypted just like you can view them decrypted. Then import into the new server and manually encrypt them there with the new AUTO KEY and whatever password you’d like. moving data over and using a manual key override to match the old server is never suggested. Manual keys eventually run into problems regenerating on updates and users forget to check it each time to re-input after update if needed. Export decrypted then import and re-encrypt with the auto key on the new site is the way to go.
.. as a side note the data table in the DB is not encrypted. The individual data stored is
Hi I am trying to set up the forms for specific users to access the encrypted data but not the admins (including myself as the admin) But admin can always edit the forms, so it can simply change the user/role view settings I don’t find a way where user can see their own created GF yet. (Means if the GF created by other user, admin cannot see the form.) Do you have any workaround to ensure all admins have no access to the encrypted data or change the settings after the form is set up?
I don’t use Global settings because i want the encryption to be per form.
hello
there are 2 options to give the original submitting user permissions to their own data
1. original submitting user view permission
and
2. user owned fields
these are selectable per field in the advanced field options under encryption. you can read further on the differences between the two options there to determine what use case is bet for you using the help dialogs next to the options, but I would summarize by saying that :
the first essentially adds the original submitting user to the field level permissions in addition to any other permissions given to anyone else to the field at field level or globally but this permission is still subject to any other higher level permissions or restrictions.
the second “user owned fields”, actually encrypts the field differently and only allows the original submitting user to ever view the data they submitted for the field overriding ALL other field view permissions. unless the data is manually decrypted an admin wouldn’t be able to see it. lock them out of the settings page and they couldn’t manually decrypt it
as far as admins finding work arounds for non user owned fields you can to limit their back end capabilities with user role editor or similar to stop them from logging in as other users or spoofing their logins with a plugin etc, and lock them out of the encryption settings page with a password etc if you use global access settings. but for more complex use cases, at some point it always comes down to simply ONLY having trusted admins with access to edit the forms and know the pass to the encryption settings page. It would be a good idea to put their usernames in the global user lockout list if they shouldn’t ever see any encrypted data that might be encrypted differently then say a user owned field, but you would still need to be careful with decrypted merge tags and what they could edit using them and send to themselves etc.
Hi, it is not for original user who submits the field to see the view. It is like end to end encryption for the user who submits the data and the role/user who is able to access for a certain form. I might have another form that works so and is for another group of users.
I know that admin can log in as that user as well. Your suggestion to put admin in global user lockout might work. But still admin can easily edit this settings.
If it’s just for certain users to view and others to not you would use the global lockout list and just enter “lockdown” to link everyone out, and then only put in any users who should see the data in the global access list. This is NOT per form as it is global, but it would prevent from level edits for access. You can use the GFEF settings page lockout password to prevent EVERYONE without the password from accessing the admin page to change anything. it’s at the bottom of the settings page. Per instructions there, Copy the pass and safely store it so you don’t lock yourself out.
doing this per form would be at the field level in the individual field permissions but only entering the username (s) that should get access per field. To that extent , you would indeed have to control who has access to edit the forms so they could not change the field permissions.
This is really an ethics question of who is made admin access because those users can also just delete encrypted fields and replace with unencrypted ones to collect forward submitted data, or replace entire forms to also send data to themselves etc. It wouldn’t reveal previous excepted data, but simply to point out that ultimately if you give persons admin access and form editing access they should be a trusted part of the security equation. Regardless of how we control access to our encrypted fields , users with form editing access (and especially page editing on top of this) can just replace the fields or forms which is only possible if you give them access to do so.
This said, I believe we may be able to add a optional “ per form” selector to the user access list. this would allow the username to only access field data per specified forms instead of for all forms. I’ll chat with the devs and see about this possibility for a future update Adding this feature would allow a use case like yours to use global controls and only let certain users access certain specified forms data. Then locking the settings page would prevent any admin or otherwise edits.
Yes, I understand that whatever plugin design is always allowing full access for the admins. That is the part where I want to solve. It is like we build the form for our client and their customers. Our client doesn’t want us to know the encrypted information. But we might have other forms for other groups of clients. By putting admin in global user lockout might work, but if we (admin) need to access certain encrypted fields (requested by client) then this needs to be per form settings as well. Again, admin can easily edit the global user lockout list.
I think best is GF allows the form to be created by other roles (such as Editor) and the forms can only be seen/edited by the author itself. We help the client to set it up then the client can change their account password. In the end, admin has no way to access the form after it has been set up.
Hello
We’ll look into adding a per form option to the access list , but in the meantime ..just making sure you are aware of the settings page lockout option that we keep mentioning. Admins or any other user whatsoever cannot edit anything on the plug-in settings page if you set a password on it if they do not have the password.
This setting makes sure admins DO NOT always have access to everything. They can also be restricted from editing forms with a user role editor type plugin. A side advice note is that because admins by default have all access which then needs to be constrained, it’s likely best to simply not make users admins and instead create custom roles for each user that only has the access they need for thier specific position and nothing more.
If you do look into a role editing plugin,(user role editor or similar) I believe you can just make sure users do not have the “edit users” capability and they should not be able to access our plug-in settings page by default. Any users who can edit users can of course just change thier own capabilities or create another user with access so it is likely the highest granular permission you can single out by NOT giving it to users who should not have access to certain things such as our plug-in settings page.
Yes I understand, I am using User Role Editor plugin too. I am trying to block even ME myself from accessing the encrypted fields.
It seems the best solution would be using the global block and access lists and blocking yourself and anyone else as needed ( the block lists .. including the individual field lists in the form editor, can block or give access to ANY users including admins as admins do not have any special access to encrypted fields over other back end users) then having someone else (whoever will ultimately control access) set the settings screen lockout password. But someone has to have it as changed will inevitably eventually need to be made to the access lists and possibly other settings.
If we are able to eventually implement the access list per form option it would help make your specific use case much more viable from there As it would give the global access list optional form based granularity per user. But you’d still lose the individual field level access control. …normally this could be done at the field level in the form editor to control access per form and specific fields, but your back end users have even given form editing capabilities so pulling back to the lockable settings page does not afford you the normal per field/form Granular control.
Normally you could just make this so only the super admin would be able to edit the forms and the other users could view /export /edit entries/ etc but not edit the actual forms, so they can’t edit their own access, but if each of these other users actually need to be able to edit the forms themselves then your limited to using the global lists in the settings page and locking everyone out with the password.
Hi,
I’ve been struggling with the use of the decrypted merge tags in combination with the use of Async mode. I’ve added the FORM:FIELD values to the ‘decrypted merge tags’ setting, and as To: address in the notification {gfef_decrypt_FIELD} (i.e. 3:4 in the former, {gfef_decrypt_4} in the latter). This would not work, however. I’ve also tried the 3:ALL and ALL:ALL options). The email address stayed encrypted.
Which, when I think about it, might be logical but I haven’t seen this mentioned anywhere in the instructions or instruction videos.
I either have to disable Async mode (which I’d rather not do) or check the ‘Encrypt after submission is processed’ option on the E-mail field (and select Email as the ‘Send to’ field in the notification) to get the notification to be sent out to the non-encrypted value. Is this indeed correct? Or should the decrypted merge tags work with Async mode and is there something else that I need to change in my settings?
I’m using version 6.1.3 of the plugin and WordPress 6.0.2.
Hello
Use of decrypted tags with asynch mode is extensively covered in the instructions for OpenSSL Async / Strict Access Mode: under the encryption type option on the settings page.
In short, When using asynch mode there is NO auto decryption by the system. Nothing can be decrypted without a logged in asynch user performing the actions. This is the intent of the mode for strict access that the system cannot actually possibly decrypt anything without express logged in authorized permission. However, You can still send out unencrypted data on the initial submission for anonymous users by using a method detailed in the instructions section noted above. Using the “process feeds and add on before encrypting “ along with normal GF merge tags and the merge tag filter bypass. . This method is only instructed to be used in conjunction with asynch for initial anonymous submissions, and should NOT be used for any other encryption modes.
Thanks for the quick response! I’ve read a lot of the instructions and watched the videos, but I must have missed this one. I’ll dive into it.
Hi I have purchased the Gravity Forms Encrypted Fields WP Plugin. I need to install it on a development/staging copy of my website (with ‘dev’ subdomain, which is on the same domain as my production site (with ‘www’). Can this constitute as “one” installation?
Thanks, Kelvin
Hello
Yes. You can install it on both the dev sub domain and the production site
I have a use case where I need to request personal information from people that should likely be encrypted. This also includes an uploaded file. Following that I need the submitted form to be sent via the Galaxy Forms webhooks. My question is, am I still able to use this product and will the data be encrypted before or after it’s passed over the webhook. If so, how can I decrypted it?
Hello
Are you referring to gravity forms web hooks?
You can select to encrypt the submitted data in the database before or after the webhooks are processed. If encrypting before, you can use the plugins decrypted merge tags to pass decrypted data if the webhook allows for use of gravity forms merge tags. If encrypting after, you just use The webhooks normally. The web hooks (and GF webAPI) should all be being using https so the communication via them is also implicitly encrypted without any need for the user to do anything additional. To that end, it would just be on the user to be sure you are using secure webhook plugins.
Hello,
We’re trying to encrypt some additional fields within our gravity forms but notice now that the Encryption field options under the Advance tab no longer has their selection options.
The titles are still there but there’s no input field or a way to select a certain option. Seems like the encryption fields view are not compatible with the new Gravity forms layout view/style.
I have a screenshot I can show but not sure how to post it here. Any suggestion or solution? Thanks.
Hello
Our plug-in is fully compatible with the latest WP and Gravity Forms versions. It sounds like you are running a pretty old and outdated version of our plugin. Please be sure to update when available. You can select to receive email notifications for updates through your envato account for the product under your downloads section, and/or you can use the envato market plugin to help auto update your envato plugins and receive update notification.
The latest plug-in version is Version 6.1.3
Thanks so much we will do that. Sorry about that, no indication of an update was presented within our WordPress Dashboard view nor the plugins area. We will re-download, update, and turn on auto update notifications for now on. Thanks!
Hi,
With Asynch Encryption enabled, when authorized users log in to view the form entries they get a 500 error message. This only occurs with asynch enabled. authorized users can view form submissions with just open ssl encryption.
Hello
Does your system check have all required elements ok?
What version WP? What version Gravity Forms?
Have you tried disabling other plugins to check for plug-in conflict?
HI thanks for the quick reply! Most current versions of both WP Core (6.01) and Gravity Forms (2.6.5) are running (all plugins are at their current versions). I have Gravity PDF with the decrypted template assigned along with Gravity Signature and Gravity Recaptcha in terms of other gravity related plugins. I haven’t tried the plugin conflict test because it only happens with the asynch encryption enabled.
Hello
Yes. A plug-in conflict may only be occurring when using asynch. This would be the next step to take. Also making sure your server supports php sessions. Otherwise asynch is not supported
Thanks. I confirmed that PHP sessions is supported by our host server, however the documentation suggests that this introduces several security vulnerabilities. here is the documentation from WP Engine:
”....Finally, there are multiple security vulnerabilities centering around PHP Sessions. Vulnerabilities include session data being exposed, session fixation, and session hijacking.
Session Alternatives WordPress itself specifically doesn’t use PHP sessions. The correct method to store session data is to use the database. “
https://wpengine.com/support/cookies-and-php-sessions/#PHP_SessionsHello
Plug-in already addresses these potential issues in using php sessions. This is not having to do with your error 500.
If your server setup is correct you must look to examine potential plug-in conflict. Disable all other plug-in and use asynch. Then if working, enable other plug-in one at a time and test asynch
I want to PREVENT WordPress Admins from viewing certain protected (hidden) GF form field entries from the Entries UI while ALLOWING the user who submitted the form to view such entry data. I’m trying to go the easy route: i.e., not using encryption.
Here are the steps I took:
1. I enabled Encryption Bypass in settings.
2. I created a simple form in which one field (“Test”) was configured to have “User Owned Field” enabled.
3. I submitted the form from one of my admin logins.
4. I then logged into the site with a different admin login in an incognito browser window.
5. Using this different admin login (NOT the one that submitted the form in step 3), I was able to view the field that should have been hidden. Not what I was hoping for.
I also modified the above steps in a few ways:
A. I unchecked “User Owned Field”, checked “Original Submitting suer View Permission”, and selected “Hide Field Value” in the ‘Encryption’ section. RESULT: No difference.
B. I then added “lockdown” in the global ‘User Lockout List’. RESULT: Then NO ONE (including the Admin user who entered the form data) could view any hidden entry data.
Is what I’m trying to do (hide entries from WP admins who were not the users who submitted the data) possible? If so, how? What am I missing? If not, I suppose that means I need to use encryption — yes?
User owned fields only functions when encrypting field values. You cannot both bypass encryption and then try to use it.
If you just want to hide field values and not encrypt. First get rid of any other settings you’ve changed.
1. Use encryption bypass.
2. Use a non-existant username like “n0user^?&-#$!” in the fields permissions list. to restrict any users without that non-existant username
3. Select BOTH “hide field value” and “Original submitting user view permission” on each field that only submitting users should be able to see their own data.
4. Submit data and then view as submitter vs any other login.
Really you do not have to turn on the bypass, but it does prevent any encrypted field values if a field’s encryption is turned in by accident.
As a note, the issue was with using the “User Lockout List”.
That global lockout list is a higher level permission than what is assigned through “Original submitting user view permission”. the original user view permission is a field level permission, and the lockout list overrides ALL field level permissions (aside from user owned field encryption) at a global level.. then the User access list overrides that globally. please see the “UNDERSTANDING THE VIEW PERMISSIONS FLOW” section near the bottom of the setup instructions to go over how each permission affects the others and which will superseed etc. It allows for complex per field settings, but also allows for easy global settings.
Thank you for the very prompt response!
I followed your 4-step procedure.
Result: For both the submitter and the other user (both Admins), the entry value displays as “Hide Field Value Restricted”. Not working for me.
(I also tried a submission after disabling ‘encryption bypass’. Same result.)
Double check the steps. We made a correction to the response for step 2. You should not be using the lockout list.
Exellent! That worked. Thank you.
Am I understanding correctly that I cannot enter the non-existent username in the global User Lockout List — rather than entering it into the field-specific User/Role View Permission box? (If I could, that woulld certainly make things easier…)
You are Correct. The restrictions have to stay per field.
My site is using Lets Encrypt for SSL Does this satisfy the OpenSSL Encryption Enabled requirement?
Hello
It should, but is not recommended for production sites over a standard issue certificate. The system check used in the setup instructions will verify this
Thank you. Do you have a recommended standard issue certificate provider?
Hello
Your web host should have certain ones they work with, Auto install, etc
I wanted to document an issue with the most current version of WP and Elementor.
Here is what I am seeing:
“Site Health is reporting a critical issue:
An active PHP session was detected
A PHP session was created by a session_start() function call. This interferes with REST API and loopback requests. The session should be closed by session_write_close() before making any HTTP requests.”
I enabled and disabled the plugins one at a time to determine which was causing the error. The error disappeared when I disabled yours.
Hello
The latest plug-in version is : Version 6.1.3
You are likely running an old version with has this already resolved issue. Please update if this is the case
i added this onto my website and now viewing gravityview entries is painfully slow. any way to speed things up? I have a decent server on siteground. Thanks
just an update, unfortunately I dont think ill be able to use this plugin. It doesnt work with GravityView – Advanced Filter Extension which filters the view fields based on specific parameters. Pretty gutted to be honest. Any insights on how I could get it to work with this?
Hello
We’re Not familiar with the exact extension, but if it can use merge tags you can use or custom ones. If you check with their team they might have an idea for you. If it didn’t work out for you just request a refund through your envato account.
Yes I have sent an email to the team, its a pretty popular extension that you can get with gravityview on their website, maybe if you have time you can check it out sometime
another query, I tried to just use the ‘hide field’ but when viewing the data in gravity view even though I made the field says encrypted field. I thought using the hide option would hide for others on the front end but show for whoever submitted the form?
Hello
Be sure to go through the instructions in full.
Hide field value does not give any specific permissions to any users. It simply hides the field data values to users without view permissions without actually encrypting the data in the database. You have to give the original submitting user view permissions, either by “ Original Submitting User View Permission” or “user owned field”
The osuvp option gives the original submitting user view permissions IN ADDITION to any other assigned view permissions. While “user owned fields” can ONLY be viewed by the original submitting user regardless of any other view permissions settings.
This is all covered in depth in the setup instructions under the “understanding the View permissions flow “ section.
If the view you are looking at otherwise is generated by merge tags , you need to use our custom merge tags. The decrypted merge tags decrypt ALL the time with no regard for view permissions, while the user decrypted merge tags check the view permissions of the user to determine access to the merge tag generated content.
Yes I clicked user owned but it didnt work, is this because it only works on new entries i make not older ones that was made before i added that the field is hidden. I think its because the field is generated by a merge tag I wasnt aware i needed to use your merge tags for the hidden field selection. Many thanks regardless unless gravityview has a solution for there advanced filter extension i cant use your app, ill let you know if they have a solution, thanks!!
Hello
Yes.
Encryption, hide field value, and user owned field only apply to new entries after the setting. these all change the way the data is encrypted or not on submission, and changing the Settings does not retroactively change the data in the database for any previous entries. You can manually change any encryption for previously existing entries. This is covered in the setup and usage instructions.
There is also some coverage on using our merge tags with gravity view specifically as well. If you create a custom view, you can display merge tag content using our custom merge tags. You can just run your own filters in any custom view. But this requires some dev side coding using gravity views available filters etc.
Can we have emails come through but keep the info encrypted on the back end?
I could not tell how to do this from your documentation in the plugin. It’s not clear to me
https://strivecare365.com/request-an-appointmentHello
Yes you can do this The data is always encrypted in the database and is only decrypted in displays, exports , and emails unless you manually decrypt it.
To have decrypted in email only, You can just not give anyone access to decrypted views in the back end and send out decrypted emails using the decrypted merge tags.
Can you please clarify which options in the back end need to be set in order to not encrypt the emails? This doesn’t tell me how to do it. Please send screen shot of where to toggle on and off.
Thank you, Andy
Hello
There is no single setting. You use the plugins custom decrypted merge tags. Please refer to the complete setup instructions for the plugin. At the top if the settings page They cover the set-up and use of the decrypted merge tags in detail with a video guide available as well.
Can you send me some screenshots where this is effected. Or a video with the steps to turn it on and off. Your instructions are not easy to follow. PLEASE HELP
If you scroll to section 12 of the instructions there is a step by step guide on using the merge tags. Just unlock them in the settings page setting ( read the instructions There and you can unlock all with a single click there and saving the settings page if you like)
Otherwise at the top of the settings page immediately under the Setup instructions button, There is a button for video tutorials and resources. There is a full video on using the merge tags There. However, for single users, just unlocking all of them from the merge tag setting on the settings page first and then simply selecting them from gravity forms drop down menus where available is quick and easy.
As far as how each type of available tags works after they are unlocked and selectable, either go through the setup section 12 in full or refer to the video tutorial
Hi, pre-sale question. You have up to WP 5.9.x listed in ‘Software Version’. Is it in-fact up to date and working with WP 6.x and Gravity forms 2.6.x?
Hello
Yes. It works with all latest WP and Gravity Forms