Support for Drupal 7 is ending on 5 January 2025—it’s time to migrate to Drupal 10! Learn about the many benefits of Drupal 10 and find migration tools in our resource center.
We are about to release a 7.x-2.0 release of Encrypt.
It would be great to have this module work with that.
Comment | File | Size | Author |
---|---|---|---|
#29 | webform_encrypt-2325353-29.patch | 11.43 KB | nairb |
#27 | webform_encrypt-several-fixes-update.patch | 11.22 KB | k-l |
#25 | webform_encrypt-2325353-25.patch | 3.71 KB | nileshlohar |
#24 | webform_encrypt-several-fixes.patch | 9.34 KB | sam.spinoy@gmail.com |
#18 | webform_encrypt-2325353-18-reroll-webform-3x.patch | 2.15 KB | kylesmith |
Comments
Comment #1
voskuh CreditAttribution: voskuh commentedOn one of my test sites I use a modified version of webform encrypt. It seems to work properly with encrypt 7.x-2.0-rc1 and webform 7.x-4.0-rc6. Please review the attached patch. Maybe it's something to start with.
Comment #2
voskuh CreditAttribution: voskuh commentedComment #3
gregglesAwesome, thanks voskuh!
Comment #4
badrun CreditAttribution: badrun commentedI applied the patch but got an error message below.
Error message:
PDOException: in drupal_write_record() (line 7202 of /Users/test/includes/common.inc).
Config:
Drupal-7.31
Webform-7.x-4.0
Webform Encrypt 7.x-1.0+10-dev
Encrypt 7.x-2.0-rc1
Comment #5
nickholden CreditAttribution: nickholden commentedSeems to work for me.
Config:
Drupal-7.32
Webform-7.x-4.1
Webform Encrypt 7.x-1.0+10-dev
Encrypt 7.x-2.0
I'm just guessing, but I doubt I'm the only one taking an extra interest in encrypt and webform_encrypt since #drupageddon.
It would be good to get this patch integrated and a release version out that works with encrypt 2.0.
How can I help?
Comment #6
badrun CreditAttribution: badrun commentedI updated my config, applied the patch, and still got the same error message after submitting the form.
PDOException: in drupal_write_record() (line 7202 of /Users/test/includes/common.inc).
Even though the site produce the error, the form is still being saved and the encrypted field is shown blank.
Config:
Drupal-7.32
Webform-7.x-4.1
Webform Encrypt 7.x-1.0+10-dev
Encrypt 7.x-2.0
Before applying the patch, this is the error message that I got
Notice: Undefined index: value in webform_encrypt_webform_submission_presave() (line 62 of /Users/test/sites/all/modules/webform_encrypt/webform_encrypt.module).
Notice: Array to string conversion in drupal_write_record() (line 7165 of /Users/test/includes/common.inc).
Comment #7
nickholden CreditAttribution: nickholden commented@badrun When you get the PDO Exception does it give you any more information about the database error? Did you create an entirely new webform, or are you working on a form that already exists? If it exists, does it have data in it? What kinds of webform fields are you using? I'd suggest, for debugging purposes, now you've got rid of the warnings about the 'value' index (by applying this patch), creating an entirely new form, using just text field types, and seeing if you still get the PDO error.
Comment #8
nickholden CreditAttribution: nickholden commented@badrun Sorry, one more question: which type of encryption have you enabled for the webform field in question?
Comment #9
badrun CreditAttribution: badrun commented@nickholden Thank you for asking me more. You may ask me more questions anytime. I really want this module to work out for everyone.
The first and second tests above was done on a preexisting webform with no data in it. It uses many field types (textfield, email, select list, etc.). For encryption, I didn't change the encryption module configuration. So, it was using the default configuration.
Today, I tested webform encrypt module again with a clean drupal-7.33 installation. No changes in encryption configuration, using the default config. I still get the same error (picture attached), only PDO Exception error, nothing else.
Config:
Drupal-7.33
Webform-7.x-4.1
Webform Encrypt 7.x-1.0+10-dev
Encrypt 7.x-2.0
The test is using only one field with a field type of textfield.
The first scenario, I make the field as required.
The second scenario, the field is not required.
Both produce the same error.
Another interesting thing that I found.
The field result is blank, shows nothing, when the form is created by user 1 (super admin) and viewed by all users.
The field result is showing the result when the form is created by user 2 (administrator role) or user with authenticated user role, the form is being viewed by user 1 and 2.
The field result is showing "[Value Encrypted] " when the form is being viewed by user with authenticated user role.
I think this is the module design. It won't be a problem since user 1 most likely is not going to participate on using the form. But, when user 1 is editing form result, the input will be blank.
Comment #10
nickholden CreditAttribution: nickholden commented@badrun
Can you try using a different encryption method? It's fine to leave it using the 'default' method from the encrypt module, but if you change the settings in the encrypt module so that the default method uses mcrypt/AES 256 with a file key instead of the drupal key, what happens? mcrypt/AES 256 is the encryption method I use, and I haven't seen the PDO error at all.
I'm asking because there's a thread here - https://www.drupal.org/node/1479128 - that suggests that with default encryption method, the encrypted data sometimes becomes too big for MySQL to write into the column because the data column in webform_submitted_data is of type mediumtext (the webform module doesn't expect to have to write encrypted data). The solution proposed is to change the column type to BLOB, but I think changing the encryption method should work better.
You could, of course, try changing the column type, if you prefer. But this might get broken with later upgrades to the webform module. Possibly the webform_encrypt module should change the column type at install time, but changing the database schema of another module's table is probably considered rude.
Good luck
Nick
Comment #11
badrun CreditAttribution: badrun commented@nickholden Thank you, it works, no more error message.
I changed the "Encryption method settings" into "Mcrypt AES 256" and leave the rest of the configuration the same. The error message is gone. The blank result is also gone. The module works perfectly.
Thank you again for your help.
Comment #12
gregglesAnything you need help with to get this patch committed/released?
We'd like to remove support for 7.x-1.x version of encrypt.
Comment #13
heddnSee my comments at #1788042-15: Compatibility with Webform 4.x
Comment #14
geoffreyr CreditAttribution: geoffreyr commentedJust rerolled the patch in #1 against version 1.1.
Comment #15
MRPRAVIN CreditAttribution: MRPRAVIN as a volunteer commentedThanks +1 (#1patch) works for me.
Comment #16
joel_osc CreditAttribution: joel_osc commentedWorks great for me too! Thanks for the patch.
Comment #17
kylesmith CreditAttribution: kylesmith commentedMy site is using Webform-3.x, which has a slightly different $submission->data array structure. I'm re-rolling this patch so it can work with the older version of webform.
This attached patch works for me and I am using:
* Drupal-7.43
* Webform-7.x-3.24
* Encrypt 7.x-2.3
* Webform Encrypt 7.x-1.1
Thanks voskuh and geoffreyr for your patches!
Comment #18
kylesmith CreditAttribution: kylesmith commentedMy patch in #17 had an error (it made an unnecessary change to the webform_encrypt_webform_submission_presave() function).
Attaching an updated patch for Webform-3.x
Comment #19
Yuri CreditAttribution: Yuri commented@kylesmith why didn't you update your Webform to the stable version 7.x-4.x for your patch
Comment #20
ben.hamelin CreditAttribution: ben.hamelin commentedPatch in #1 worked for me.
Drupal 7.44
Webform 7.x-4.12
Encrypt 7.x-2.3
Webform Encrypt 7.x-1.0+10-dev (2013-Oct-25)
Comment #21
jasonschweb CreditAttribution: jasonschweb commentedPatch #1 is not sufficient when there's data already in the field to be encrypted. It does not encrypt the fields when enabling encryption, only on save, but always tries to decrypt them when loaded. Ideally it should encrypt on enable, but I've created a workaround, by changing
if (!empty($entry[$delta])) {
toif (!empty($entry[$delta]) && FALSE !== @unserialize($entry[$delta])) {
in the functionwebform_encrypt_webform_submission_load
Comment #22
sokru CreditAttribution: sokru at Druid commentedTested patch #1 with
Although @jasonschweb has valid point in #21 I changed status to RTBC because without this patch one cannot get encryption to work with recommended Webform+Encrypt contrib releases.
Comment #23
sam.spinoy@gmail.com CreditAttribution: sam.spinoy@gmail.com at Adapt commentedI have a problem with the use of webform_encrypt_webform_submission_load(). This will effectively decrypt or show "value encrypted" everywhere a submission is loaded. Seems great, except on the edit form: if a user doesn't have access to see the encrypted values but can edit webform results, he/she will see [Value encrypted] in the textfield. Upon saving "[Value encrypted]" will be encrypted and saved in the db as the new value.
Only using webform_encrypt_webform_submission_render_alter() makes more sense, as this gets fired in all places except the edit form. Exactly what we need. I will post a patch later.
EDIT: only using webform_encrypt_webform_submission_render_alter() is not fired for the csv and table display ... looking into a solution
Comment #24
sam.spinoy@gmail.com CreditAttribution: sam.spinoy@gmail.com at Adapt commentedWrote an extra check in the hook_submission_load where we check if we're on a submission/edit page. It's not 100% failsafe (what if people have custom own edit pages) but it's better than nothing.
This patch also incorporates the fix from issue #2370289, and includes some general code rewriting.
It also addresses an issue with sending encrypted values in emails, even though that fix is not complete.
Comment #25
nileshlohar CreditAttribution: nileshlohar commentedPatch from #1 worked for me except the case explained in #21 as when we already have data and then if we enable encrypt it breaks.
So, Updating patch #1 for current release and also incorporating #21.
As, this need to be commited to module ASAP as this module doesnt works w/o it, I feel #23 and #24 are add-ons;
as allowing to update submissions are rare and can be incorporated later.
Comment #26
sam.spinoy@gmail.com CreditAttribution: sam.spinoy@gmail.com at Adapt commented@nileshlohar: patch #1 will cause incorrect data when editing and re-saving a submission, see my comment in #23
Comment #27
k-l CreditAttribution: k-l commentedPatch #24 causes error when trying to change field order by just dragging it when webform already has submitted values.
This patch fixes it. Also tweaked submission/edit form for users that do not have access to view encrypted data, now it shows [Value Encrypted] instead of serialized text but still won't overwrite original value, so after editing submission encrypted value is untouched.
Also patches one small hole when user with permission to edit webform component but not having access to view encrypted values could just uncheck encrypt field checkbox so decrypting submitted values and then viewing them.
Comment #28
nileshlohar CreditAttribution: nileshlohar commentedPatch in #27 gives "FATAL ERROR: Uncaught crypto exception. Suppressing output."
to users having "View Encrypted Values in Webform Results" permission.
Comment #29
nairb CreditAttribution: nairb commentedI also see the error "FATAL ERROR: Uncaught crypto exception. Suppressing output." for users with access to view encrypted values, even for the admin user. After applying the patch in #27 the error goes away and users are able to view encrypted data. I had to apply it manually since there have been some updates to the module. I'm including the re-roll of #27.
I am using:
Drupal 7.54
Encrypt 7.x-2.3
Webform 7.x-4.15
Webform Encrypt 7.x-1.2
Also using these but they should not have any impact
Key 7.x-3.4
Key Encrypt 7.x-3.4 (needed for Encrypt 2.x)
Lockr 7.x-2.3
Real AES 7.x-1.2
Comment #30
th_tushar CreditAttribution: th_tushar commentedPlease use the latest release, 7.x-1.3 version