Yesterday a crucial security flaw was discovered in the Gravity Forms Directory plugin and fixed immediately. Version 3.5.4.3 was released and takes care of the issue. __Please update immediately__.
For the security of the users still running older versions, we can’t go into what the flaw was, but it had to do with viewing Gravity Form entries without permission, and was severe.
Gravity Forms Directory versions affected: 2.4.1 – 3.5.4.2. Version 3.5.4.3. fixes the problem
The flaw was discovered by Baruch Moskovits. We released a patch within one hour of the discovery.
This post is about Gravity Forms, a WordPress contact form plugin.
I know about Gravity Forms…but what are shortcodes?
Think of shortcodes as a placeholder for where other content will be displayed: instead of “Insert a Gravity Forms form here,” we use the `gravityform` shortcode. Learn more about shortcodes on WordPress.org.
The Gravity Forms `shortcode` has five pieces:
`
`
`id` (required) – The ID of the form, as displayed on the Gravity Forms Edit Forms page in the Id column
`name` (required) – The name of the form.
`title` – Show the title to users? Default is true; set to “false” to disable
`description` – Show the form’s description to users? Default is true; set to “false” to disable.
`ajax` – Submit the form without refreshing? Default is false; set to “true” to enable.
We can do this the easy way or the hard way. What’ll it be?
The WordPress form plugin Gravity Forms (if you don’t use it, you should — it’s great) comes with a stylesheet found at [plugin-directory]/plugins/gravityforms/css/forms.css. SEODenver.com’s is found here.
The Gravity Forms plugin has recently updated to Version 1.4, and it adds a bunch of features. The one I am most excited about is Ajax submission – this means that the form no longer requires a page reload to display errors and to submit. This brings the plugin in line with Contact Form 7 and cFormsII in this functionality.
Since Gravity Forms came out, it’s been transforming how WordPress can be used. It makes a contact form more than a contact form. It makes a contact form the basis for anything you can imagine.
The Gravity Forms Addons plugin has added Directory capability to Gravity Forms.
The directory shortcode
You can add a directory for any form using the directory shortcode. When you add the plugin, you’ll see a new button to the right of the Gravity Forms “Add Gravity Form” button. This pop-up has lots of configuration options. Click the “Show advanced settings” link for tons of configuration options.
Gravity Forms is Great. Let’s Make it Better.
To view one pane, the other panes close. What a pane in the ass! 🙂
I really enjoy the Gravity Forms plugin. It’s a great form generator seemingly based on making a Wufoo-style experience for a WordPress form plugin. It’s super-simple to use and set up, and I’ve set up my website request form using Gravity Forms.
Some little things make a big difference
One thing that has frustrated me about the plugin is that when selecting the type of field to add to the form, I had to click a box to show it, like the image to the right. I knew that it would be a simple thing to fix…so I did. Enter the Gravity Forms Addon plugin. Continue reading “Improve Gravity Forms – Gravity Forms Addons Plugin”