Skip to content

Instantly share code, notes, and snippets.

Embed
What would you like to do?
<?php
/*
Plugin Name: Gravity Forms Encryptorator
Plugin URI: https://github.com/humanmade/Gravity-Forms-Encryptorator
Description: Encrypt all Gravity Forms data on the way into the database using openssl public encryption, data can only be decrypted with the associated private key.
Author: Human Made Limited
Version: 1.0 Alpha
Author URI: http://www.hmn.md/
*/
// TODO - Long entry details get truncated after they are encrypted which mean the short version is nonsensical, that breaks the detail list page view .
// Show a message in the admin if the public key path isn't working
if ( ! defined ( 'HMGFE_PUBLIC_KEY' ) || ( defined( 'HMGFE_PUBLIC_KEY' ) && ! HMGFE_PUBLIC_KEY ) || ( defined( 'HMGFE_PUBLIC_KEY' ) && ! is_readable( HMGFE_PUBLIC_KEY ) ) )
add_action( 'admin_notices', function() { ?>
<div id="hmgfe-warning" class="updated fade"><p><strong><?php _e( 'Gravity Forms Encryptorator is almost ready.', 'hmgfe' ); ?></strong> <?php printf( __( 'You need to set the path to your public key file by adding %2$s to your %1$s file.', 'hmgfe' ), '<code>wp-config.php</code>', '<code>define( \'HMGFE_PUBLIC_KEY\', \'path/to/your/keyfile.pem\' );</code>' ); ?></p></div>
<?php } );
add_filter( 'gform_save_field_value', function( $value, $lead, $field, $form ) {
// Load the public key
if ( defined( 'HMGFE_PUBLIC_KEY' ) && HMGFE_PUBLIC_KEY && file_exists( HMGFE_PUBLIC_KEY ) && is_readable( HMGFE_PUBLIC_KEY ) ) {
$public_key = openssl_get_publickey( fread( $handle = fopen( HMGFE_PUBLIC_KEY, 'r' ), 8192 ) );
fclose( $handle );
// If we have a public key then encyrpt the data
if ( ! empty( $public_key ) && openssl_seal( $value, $encrypted_value, $env_keys, array( $public_key ) ) )
$value = base64_encode( $encrypted_value ) . ':::' . base64_encode( reset( $env_keys ) );
// Free the key from memory
openssl_free_key( $public_key );
}
return $value;
}, 10, 4 );
add_filter( 'gform_get_field_value', function( $value, $lead, $field ) {
// If we have a decryption key
if ( defined( 'HMGFE_PRIVATE_KEY' ) && HMGFE_PRIVATE_KEY && file_exists( HMGFE_PRIVATE_KEY ) && is_readable( HMGFE_PRIVATE_KEY ) ) {
$private_key = openssl_get_privatekey( fread( $handle = fopen( HMGFE_PRIVATE_KEY, 'r' ), 8192 ) );
fclose( $handle );
if ( is_string( $value ) ) {
$encrypted_value = base64_decode( reset( explode( ':::', $value ) ) );
$env_key = base64_decode( end( explode( ':::', $value ) ) );
// If we have a public key then encyrpt the data
if ( $env_key && openssl_open( $encrypted_value, $decrypted_value, $env_key, $private_key ) )
$value = $decrypted_value;
}
// Decrypt data in arrays
if ( is_array( $value ) )
array_walk( $value, function( &$value ) use ( $private_key ) {
$encrypted_value = base64_decode( reset( explode( ':::', $value ) ) );
$env_key = base64_decode( end( explode( ':::', $value ) ) );
// If we have a public key then encyrpt the data
if ( $env_key && openssl_open( $encrypted_value, $decrypted_value, $env_key, $private_key ) )
$value = $decrypted_value;
} );
// Free the key from memory
openssl_free_key( $private_key );
}
// If the data is encrypted and we don't have the decryption key
if ( ! defined( 'HMGFE_PRIVATE_KEY' ) && defined( 'HMGFE_PUBLIC_KEY' ) ) {
if ( is_string( $value ) && base64_decode( $value ) != $value )
$value = str_pad( '', 49, '&#9608;' );
elseif ( is_array( $value ) )
$value = array_pad( array(), count( $value ), str_pad( '', 42, '&#9608;' ) );
}
return $value;
}, 10, 3 );
@ibuilder

This comment has been minimized.

Copy link

ibuilder commented Nov 13, 2013

This is awesome, but ..
Plugin URI: https://github.com/humanmade/Gravity-Forms-Encryptorator - Doesnt exist :(

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
You can’t perform that action at this time.
You signed in with another tab or window. Reload to refresh your session. You signed out in another tab or window. Reload to refresh your session.