RensTillmann / super-forms

18 stars 14 forks source link

Encrypted Field(s) Option #44

Open NoellyB76 opened 3 years ago

NoellyB76 commented 3 years ago

This isn't as much of an issue, as much as it is a feature request. I came across this plugin while perusing a web site that is using it to accept credit card information. I'm assuming, since this information would just be stored in plaintext in the WP DB, that it's being stored unencrypted. That made me cringe, and so in my own work, I created a similar form - but with encrypted fields. This was a Gravity Forms plugin made by a third-party developer who put a lot into the security of the whole thing - which I appreciated.

SuperForms is pretty awesome, and I never knew about it until seeing it used rather improperly to store credit card information for later retrieval inside of WordPress's admin area. Like I said, this is pretty poor, and definitely doesn't pass for PCI standards - not even close. I think a huge step towards being somewhat secure would be to provide a means for encrypted fields.

I'd be interested in possibly working on this myself even - I've done similar things, in the past.

Looking forward to your response.

Thanks!

RensTillmann commented 3 years ago

Hi, that's right all data is processed as is, and stored as is. If you want something secure in regards to storing credit card info, I wouldn't suggest doing it on a WP installation in the first place. I wouldn't do it at all, I would rather just use a third party to do these type of things. Think of stripe or any of those options.

But I can see why you might want the need to encrypt data submission as a whole or partially. And this has been requested some times before. But there is only so much I can do. The code is open source so feel free to fork it and adjust to your liking. In the future we might add some sort of option to do this, but again it's not that user friendly to have a secure method. It involves some manual things to be totally secure such as storing a "private key" somewhere on the server securely etc. There are many things that could go wrong. But that doesn't mean it can't be done.

If you have suggestions feel free to share.