Created
November 27, 2012 16:45
-
-
Save willmot/4155391 to your computer and use it in GitHub Desktop.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
<?php | |
/* | |
Plugin Name: Gravity Forms Encryptorator | |
Plugin URI: https://github.com/humanmade/Gravity-Forms-Encryptorator | |
Description: Encrypt all Gravity Forms data on the way into the database using openssl public encryption, data can only be decrypted with the associated private key. | |
Author: Human Made Limited | |
Version: 1.0 Alpha | |
Author URI: http://www.hmn.md/ | |
*/ | |
// TODO - Long entry details get truncated after they are encrypted which mean the short version is nonsensical, that breaks the detail list page view . | |
// Show a message in the admin if the public key path isn't working | |
if ( ! defined ( 'HMGFE_PUBLIC_KEY' ) || ( defined( 'HMGFE_PUBLIC_KEY' ) && ! HMGFE_PUBLIC_KEY ) || ( defined( 'HMGFE_PUBLIC_KEY' ) && ! is_readable( HMGFE_PUBLIC_KEY ) ) ) | |
add_action( 'admin_notices', function() { ?> | |
<div id="hmgfe-warning" class="updated fade"><p><strong><?php _e( 'Gravity Forms Encryptorator is almost ready.', 'hmgfe' ); ?></strong> <?php printf( __( 'You need to set the path to your public key file by adding %2$s to your %1$s file.', 'hmgfe' ), '<code>wp-config.php</code>', '<code>define( \'HMGFE_PUBLIC_KEY\', \'path/to/your/keyfile.pem\' );</code>' ); ?></p></div> | |
<?php } ); | |
add_filter( 'gform_save_field_value', function( $value, $lead, $field, $form ) { | |
// Load the public key | |
if ( defined( 'HMGFE_PUBLIC_KEY' ) && HMGFE_PUBLIC_KEY && file_exists( HMGFE_PUBLIC_KEY ) && is_readable( HMGFE_PUBLIC_KEY ) ) { | |
$public_key = openssl_get_publickey( fread( $handle = fopen( HMGFE_PUBLIC_KEY, 'r' ), 8192 ) ); | |
fclose( $handle ); | |
// If we have a public key then encyrpt the data | |
if ( ! empty( $public_key ) && openssl_seal( $value, $encrypted_value, $env_keys, array( $public_key ) ) ) | |
$value = base64_encode( $encrypted_value ) . ':::' . base64_encode( reset( $env_keys ) ); | |
// Free the key from memory | |
openssl_free_key( $public_key ); | |
} | |
return $value; | |
}, 10, 4 ); | |
add_filter( 'gform_get_field_value', function( $value, $lead, $field ) { | |
// If we have a decryption key | |
if ( defined( 'HMGFE_PRIVATE_KEY' ) && HMGFE_PRIVATE_KEY && file_exists( HMGFE_PRIVATE_KEY ) && is_readable( HMGFE_PRIVATE_KEY ) ) { | |
$private_key = openssl_get_privatekey( fread( $handle = fopen( HMGFE_PRIVATE_KEY, 'r' ), 8192 ) ); | |
fclose( $handle ); | |
if ( is_string( $value ) ) { | |
$encrypted_value = base64_decode( reset( explode( ':::', $value ) ) ); | |
$env_key = base64_decode( end( explode( ':::', $value ) ) ); | |
// If we have a public key then encyrpt the data | |
if ( $env_key && openssl_open( $encrypted_value, $decrypted_value, $env_key, $private_key ) ) | |
$value = $decrypted_value; | |
} | |
// Decrypt data in arrays | |
if ( is_array( $value ) ) | |
array_walk( $value, function( &$value ) use ( $private_key ) { | |
$encrypted_value = base64_decode( reset( explode( ':::', $value ) ) ); | |
$env_key = base64_decode( end( explode( ':::', $value ) ) ); | |
// If we have a public key then encyrpt the data | |
if ( $env_key && openssl_open( $encrypted_value, $decrypted_value, $env_key, $private_key ) ) | |
$value = $decrypted_value; | |
} ); | |
// Free the key from memory | |
openssl_free_key( $private_key ); | |
} | |
// If the data is encrypted and we don't have the decryption key | |
if ( ! defined( 'HMGFE_PRIVATE_KEY' ) && defined( 'HMGFE_PUBLIC_KEY' ) ) { | |
if ( is_string( $value ) && base64_decode( $value ) != $value ) | |
$value = str_pad( '', 49, '█' ); | |
elseif ( is_array( $value ) ) | |
$value = array_pad( array(), count( $value ), str_pad( '', 42, '█' ) ); | |
} | |
return $value; | |
}, 10, 3 ); |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
This is awesome, but ..
Plugin URI: https://github.com/humanmade/Gravity-Forms-Encryptorator - Doesnt exist :(