17 Comments


  1. Image uploading is a very useful new feature. That and all the other improvements in this speedy release shows that the Gravity team are responsive to their users because a few of us requested this on their forums.

    One feature that I would love to see introduced in the next version is some sort of integration with Riffly, Seesmic or Viddler, allowing form submitters to include a short webcam video of themselves – can you imagine any better way for submitters to confirm that they are who they say they are? Can you imagine how powerful that would be combined with BuddyPress?

    It might sound complicated but should be reasonably easy to implement because those services’ WordPress plugins already integrate webcam video into the comment submission process, inserting a token into the comment form which identifies the video the user has just shot. That video is then displayed in the published comment, surely it would be possible to adapt that and make the video visible when the admin checks the form entries?

    My favorite of those video comment services is Riffly because they have a very simple one-button interface, they don’t force the user to register before recording and they have an ad-free premium version. It is a pity that Automattic didn’t include some sort of video comments functionality as part of their VideoPress product, as a blog owner I wouldn’t definitely pay $60 a year for that.

  2. shawn

    @Donnacha – Couldn’t agree more with you. I have my own flash media server cluster, and feel so left out when it comes to using it with wordpress. I even looked through the ‘new’ video framework plugin and was really dismayed to see that it has no ability to hook to rtmp servers for storage and output. (Really blew me away that even wp does not do true streaming or offer recording ability, so I guess it’s gonna be a very long wait)

    @Jeffro – Obviously there are a lot of ‘trusted’ people recommending gravityforms now, so I guess it’s time I head on over and see what all the fuss is about. – I do remember looking at it awhile back, but you are right the demo left me feeling like it was no big deal and not worth spending anything on it. Obviously it does much more than what they are showing.


  3. @shawn – I think the problem with VideoPress is that guys like Matt Mullenweg and the other main Automattic guys, with their big personal followings, are now sufficiently distanced from the ordinary “blogger on the street” that they perceive the world in terms of one person broadcasting to many. For that reason, it seems natural to them that VideoPress should be a one-way street – the blog owner produces a video and his thousands of fans watch it in silent adoration.

    Much of the original success of WordPress stemmed from it’s ability to ignite conversations, the main Automattic guys have long sense moved beyond the point where comments really matter, they have a mass audience whenever they post, the comments are just a minor sideshow.

    So, when considering a video product, they naturally drew from their current blogging perspective and geared it towards the one-way pulpit communication they have become accustomed to. It is a shame, because if the same decisions were being made a few years back, before WordPress and the people behind it became so hyped, VideoPress would have more closely reflected WordPress’ two-way nature and included video comments.


  4. Sorry for taking the conversation away from Gravity Forms.

    One thing I would like to know from anyone who is actually using GF on a live site: how intrusive is whatever form of copy protection they are using? I seem to remember interviews in which they described some sort of call-home validation integrated into the upgrade process. Does this mean that you have to enter your license numbers each time you upgrade? Could temporary validation problems, such as the ones that afflict the Windows validation process, prevent a form from working? Could they even prevent the entire site from rendering?

    I haven’t head of any problems, so, that in itself suggests that the copy protection is unproblematic but I would like to hear it first-hand from anyone who is actually using GF, as opposed to people who are just members of the affiliate scheme.


  5. @donnacha | WordSkill – During the beta testing period, I didn’t have to re-enter the key each time I upgraded but I don’t know if that has changed since the official launch.


  6. @Jeffro – Thanks, yeah, I’m finding that most people discussing it only had access to the beta, so, the copy protection is a bit of a mystery.

    I’m surprised they didn’t give you a free license, seeing how often they have been mentioned here and on the podcast, I would have thought that would be a good marketing investment, to keep you engaged with their product.


  7. @donnacha | WordSkill – No one has asked me yet why I push GForms so heavily yet, I don’t use it on WPTavern. The reason for that is, Contact Form 7 fulfills my needs of having an easy form to contact me. I don’t have a need for generating more forms. But if I did, I’d snatch up a single user license in a heart beat.


  8. Yeah, there’s no point replacing something that already works well for you and, really, a contact form doesn’t require something as advanced as GF.

    What will be interesting to watch, however, is the way in which people innovate around GF’s more advanced functionality, taking WordPress to new places. For those sorts of uses, the $31 or so (after 20% discount) is easily worth it. I think the key for GF’s success will be in enabling that advanced functionality and opening up those possibilities. I’m looking forward to seeing what 1.2 will bring to the table.

  9. Carl Hancock

    @donnacha | WordSkill – The license key for Gravity Forms is entered once on the Settings page of the plugin and it is then hashed and stored in the database so that other users with admin access cannot see your license key.

    The license key then comes into play when WordPress checks for plugin updates. Automatic upgrades are only available to users who purchased the plugin. When WordPress cron job runs to check for plugin updates, it pings our update server to check if an update is available and passes your hashed license key as part of the request. If the key is valid and an upgrade is available, automatic upgrade takes place just like plugins from the repository.

    The license key is also tied to our support system. It helps identify you as a customer. When you register on the support site it knows if you are a customer because your email is tied to your license key. So it then unlocks areas of the site that only customers have access to.

    You enter your license key once, most likely the first time you activate the plugin. Not being able to reach our update server does not prevent the plugin or forms from working. It just prevents automatic upgrades from taking place if one is available.

    A valid license key also automatically removes the “Buy Gravity Forms” message that appears in the admin side of the plugin when no license key is present.

    As for the demo not fully showing what the plugin can do, unfortunately its very difficult to provide an online demo of the plugin that gives users full access without…. giving users full access. We did what we could given the security issues. If we made it wide open, a small percentage of users would end up purposely causing problems with the demo WordPress install and it’s just not worth the headache. That is why it is locked down.


  10. @Carl Hancock – Thanks for the detailed explanation. Good to hear that any validation problems will only affect the ability to upgrade and not prevent any forms from appearing.

  11. shawn

    Well I was interested up until the point I heard about the license key and checking back to the server…..I had a theme that tried to do that which really ticked me off. I’m just one of those ‘weird’ guys who refuses to run any script with encrypted code or callbacks built in.

    When I run into that, the first order of business is always to decrypt everything, remove all callbacks and then determine if the code is solid enough for my use. –Lesson was learned from the theme that was encrypted when I purchased it. The dev’s were positive that it was secure, and only after ‘opening’ the code up did I find tons of css injection points and function vunerabilities. (No it was not a warez theme, but one I purchased directly).

    I’m not saying that your code is bad, haven’t purchased it, I’m just making a point against your ‘model’ is all. It does nothing for protecting your plugin, it just causes me extra headaches by having to spend the time to decrypt and null it is all…

  12. Carl Hancock

    @shawn – I think you are misunderstanding what the plugin does, at least as far as encryption goes. The plugin isn’t encrypted.

    The ONLY thing that is encrypted is the license key when it is stored in the database. None of the PHP is encrypted. Why is the license key encrypted? Because users requested we encrypt it so that their users and clients couldn’t easily swipe it by looking at the plugin settings page. Originally we didn’t encrypt it and it was added to the most recent version at the request of our users.

    The code isn’t encrypted, the license key is just hashed in the database.

    As for “callbacks”, what do you think EVERY plugin you download from the WordPress repository does? It calls back to the WordPress repository every so many hours looking for updates. It’s how automatic upgrades work. Automatic upgrades are impossible without a callback.

    Why does Gravity Forms callback to our server and not the repository? Because it isn’t hosted in the WordPress repository so it has to ping our server looking for updates. If an update is available it gives you the option of automatic upgrade just like any other WordPress plugin.

    So do you actually remove all the plugin repository update callbacks from every plugin you download? Seems like overkill to me. Not to mention renders the convenience of automatic upgrades useless as they don’t work without a callback.

  13. Carl Hancock

    @shawn – I’d like to add that the “callback” in question isn’t a hack and is nothing more than hooking into the automatic upgrade process that WordPress makes available to plugins. It takes advantage of available hooks in WordPress that are there for that very reason.

  14. shawn

    @Carl – Thanks for the explanation, I’ve just seen some really weird stuff out there is all. You are correct, I have no problem with callbacks for upgrades, and I do not remove that functionality from wp as it’s convenient to know when an upgrade is available without having to visit the plugin site each day.

    What I was describing was a theme I purchased that every time the admin page was loaded a callback was made to the theme’s providers server, which went up n down all the time, resulting in the inability to edit the admin…. yeah some crazy stuff goes on out there.

    Getting back to gravityforms:
    One thing that is not clear to me is this…. Do the forms only work for the enduser or am I able to create forms for data input on the backend… think flutter/magic-fields/pods

    I personally don’t really have a use for enduser forms at the moment, but do have the need to create custom forms for my ‘site admins’ to use in order to create custom post content.. once again think flutter/magic-fields/pods

    Example:
    A site admin wants to create a ‘sermon’ post, so he needs input boxes for series/date/embed code/description/file uploads/etc
    On the backend, each of those boxes uses a shortcode that I apply to a custom category template…

    hope that makes sense…
    (flutter/magic-fields/pods all seem to have their own issues in a wpmu environment, so I’m still hunting for the perfect solution)

    sidenote so I don’t sound like an idiot: I meant xss not css injection in earlier post LOL, typing to fast

    btw… love the edit comment plugin

  15. Carl Hancock

    @shawn – Yea, I understand. Gravity Forms doesn’t do the callback, WordPress does when it does the callback looking for plugin updates. Gravity Forms just hooks into this process and when WordPress pings the repository it also pings our server to check for upgrades. The plugin itself doesn’t do it, nor does it tell WordPress when to do it.

    Currently Gravity Forms is primarily for front end forms. However, the more advanced it becomes the more usable it will be for back end forms. Reading your reply, you actually gave me a good idea for a future feature that would make back end forms a possibility.

    If you have any other questions, etc. Don’t hesitate to ask. Thanks!


  16. Hmm. Getting a error when trying to register on their forum to ask a pre-sales question:

    Fatal error: Cannot redeclare _recaptcha_qsencode() (previously declared in /home6/rocketg1/public_html/gravityhelp/bbpress/my-plugins/recaptcha-bbpress/recaptchalib.php:47) in /home6/rocketg1/public_html/gravityhelp/bbpress/my-plugins/nospamuser/recaptchalib.php on line 55

    Also sent two emails via their contact us page and have not heard anything back so I thought i’d give them a nudge here.

  17. Carl Hancock

    Hey Martin, responded to your email. As for the reCAPTCHA error. We are looking into it. We use a bbPress plugin for the reCAPTCHA so it has something to do with that plugin. It doesn’t happen every time someone tries to register, so it isn’t a consistent issue. We’ll get it fixed. It’s not Gravity Forms related, it’s a bbPress issue.

Comments are closed.