PLEASE NOTE: These forums are no longer utilized and are provided as an archive for informational purposes only. All support issues will be handled via email using our support ticket system. For more detailed information on this change, please see this blog post.

Is the data encrypted in the database?

  1. Hi,

    I am considering buying this plugin, but one of the most important features I am looking for is encryption of the data in the database. is it supported?

    for example: I would like to collect information from the user like Social Security Number, I noticed it is possible to configure a text field to have SSN input mask. Is it possible to specify that the field will be sotred encrypted? Also, when I retrieve the information I need to decrypt it.

    If you can provide me some documentation / information on the encryption / decryption that is supported by the plugin that will be really helpful

    Thanks
    YL

    Posted 6 years ago on Friday April 12, 2013 | Permalink
  2. David Peralty
    Administrator

    We do not have any built-in data encryption, but using our hooks you can set up such a thing. We do have encoding, but that's not the same - http://www.gravityhelp.com/documentation/page/Gform_save_field_value
    http://www.gravityhelp.com/documentation/page/Gform_get_field_value

    You could use http://www.gravityhelp.com/documentation/page/Gform_pre_submission to encrypt it the way you want, and you would have to create your own decryption as well.

    Posted 6 years ago on Friday April 12, 2013 | Permalink
  3. Thank you for the reply, are the fields in the database big enough to stored an encrypted value? or will I need to change the field in the database too?

    Posted 6 years ago on Friday April 12, 2013 | Permalink
  4. David Peralty
    Administrator

    You'll want to check the database schema to make sure it fits however long your encrypted strings are. I don't know what encryption you are using, so I can't comment.

    Posted 6 years ago on Friday April 12, 2013 | Permalink
  5. I plan on using MCRYPT_RIJNDAEL_128 or MCRYPT_RIJNDAEL_256;

    Posted 6 years ago on Friday April 12, 2013 | Permalink
  6. There are two fields in the Gravity Forms tables which will be used to store submitted values. One is in the $wpdb->rg_lead_detail table, the value field, and it is limited to VARCHAR 200 characters, by design. This is to prevent loading extremely long values in the admin. So that field will hold a substring of the submitted value. I don't think that is going to cause you a problem.

    The other field is in the $wpdb->rg_lead_detail_long, also the value field. That is defined as LONGTEXT, which, in MySQL is something like 4GB. This is a MySQL limitation, not anything built in to Gravity Forms.

    I would test the length of the encrypted values , depending on which encryption you use, and what length key you use with your encryption. I don't think they will be anywhere near 4GB in length, so I think you are going to be fine.

    Posted 6 years ago on Sunday April 14, 2013 | Permalink