Skip to content

Instantly share code, notes, and snippets.

@willmot
Created November 27, 2012 16:45
Show Gist options
  • Save willmot/4155391 to your computer and use it in GitHub Desktop.
Save willmot/4155391 to your computer and use it in GitHub Desktop.
<?php
/*
Plugin Name: Gravity Forms Encryptorator
Plugin URI: https://github.com/humanmade/Gravity-Forms-Encryptorator
Description: Encrypt all Gravity Forms data on the way into the database using openssl public encryption, data can only be decrypted with the associated private key.
Author: Human Made Limited
Version: 1.0 Alpha
Author URI: http://www.hmn.md/
*/
// TODO - Long entry details get truncated after they are encrypted which mean the short version is nonsensical, that breaks the detail list page view .
// Show a message in the admin if the public key path isn't working
if ( ! defined ( 'HMGFE_PUBLIC_KEY' ) || ( defined( 'HMGFE_PUBLIC_KEY' ) && ! HMGFE_PUBLIC_KEY ) || ( defined( 'HMGFE_PUBLIC_KEY' ) && ! is_readable( HMGFE_PUBLIC_KEY ) ) )
add_action( 'admin_notices', function() { ?>
<div id="hmgfe-warning" class="updated fade"><p><strong><?php _e( 'Gravity Forms Encryptorator is almost ready.', 'hmgfe' ); ?></strong> <?php printf( __( 'You need to set the path to your public key file by adding %2$s to your %1$s file.', 'hmgfe' ), '<code>wp-config.php</code>', '<code>define( \'HMGFE_PUBLIC_KEY\', \'path/to/your/keyfile.pem\' );</code>' ); ?></p></div>
<?php } );
add_filter( 'gform_save_field_value', function( $value, $lead, $field, $form ) {
// Load the public key
if ( defined( 'HMGFE_PUBLIC_KEY' ) && HMGFE_PUBLIC_KEY && file_exists( HMGFE_PUBLIC_KEY ) && is_readable( HMGFE_PUBLIC_KEY ) ) {
$public_key = openssl_get_publickey( fread( $handle = fopen( HMGFE_PUBLIC_KEY, 'r' ), 8192 ) );
fclose( $handle );
// If we have a public key then encyrpt the data
if ( ! empty( $public_key ) && openssl_seal( $value, $encrypted_value, $env_keys, array( $public_key ) ) )
$value = base64_encode( $encrypted_value ) . ':::' . base64_encode( reset( $env_keys ) );
// Free the key from memory
openssl_free_key( $public_key );
}
return $value;
}, 10, 4 );
add_filter( 'gform_get_field_value', function( $value, $lead, $field ) {
// If we have a decryption key
if ( defined( 'HMGFE_PRIVATE_KEY' ) && HMGFE_PRIVATE_KEY && file_exists( HMGFE_PRIVATE_KEY ) && is_readable( HMGFE_PRIVATE_KEY ) ) {
$private_key = openssl_get_privatekey( fread( $handle = fopen( HMGFE_PRIVATE_KEY, 'r' ), 8192 ) );
fclose( $handle );
if ( is_string( $value ) ) {
$encrypted_value = base64_decode( reset( explode( ':::', $value ) ) );
$env_key = base64_decode( end( explode( ':::', $value ) ) );
// If we have a public key then encyrpt the data
if ( $env_key && openssl_open( $encrypted_value, $decrypted_value, $env_key, $private_key ) )
$value = $decrypted_value;
}
// Decrypt data in arrays
if ( is_array( $value ) )
array_walk( $value, function( &$value ) use ( $private_key ) {
$encrypted_value = base64_decode( reset( explode( ':::', $value ) ) );
$env_key = base64_decode( end( explode( ':::', $value ) ) );
// If we have a public key then encyrpt the data
if ( $env_key && openssl_open( $encrypted_value, $decrypted_value, $env_key, $private_key ) )
$value = $decrypted_value;
} );
// Free the key from memory
openssl_free_key( $private_key );
}
// If the data is encrypted and we don't have the decryption key
if ( ! defined( 'HMGFE_PRIVATE_KEY' ) && defined( 'HMGFE_PUBLIC_KEY' ) ) {
if ( is_string( $value ) && base64_decode( $value ) != $value )
$value = str_pad( '', 49, '&#9608;' );
elseif ( is_array( $value ) )
$value = array_pad( array(), count( $value ), str_pad( '', 42, '&#9608;' ) );
}
return $value;
}, 10, 3 );
@ibuilder
Copy link

This is awesome, but ..
Plugin URI: https://github.com/humanmade/Gravity-Forms-Encryptorator - Doesnt exist :(

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment