The WP-SpamShield plugin injects into your form submissions an additional column with random hexadecimal names. Examples:
Solution: CFDB Options page, Saving tab, Do not save fields in DB named (comma-separated list, no spaces) put this:
/.*wpcf7.*/,_wpnonce,/^[a-f0-9]{32}$/
Occasionally people find that they cannot save form submissions with upload files greater than a certain size, often 1MB.
CFDB does not limit the size of file uploads, but other things do.
First, check your form definition in whatever front-end form plugin you are using. There may be a setting to set the file size limit (such as with Contact Form 7).
Your server should much more memory than the max size of your upload. Check your WordPress memory settings.
The file binary gets stored in the database. Often it is the MySQL DB that is rejecting the insert of a large Binary Large Object (BLOB). This is fixed by changing the max_allowed_packet setting on the MySQL server. You may need to contact your hosting provider to do this for you.
Users which WordFence firewall plugin activated can experience an error in which they see a “403 Forbidden” error when they try to save a code entry in Add Shortcodes Actions and Filters (ASAF).
The solution is to whitelist ASAF in the WordFence plugin.
From the WordPress Dashboard, go to WordFence -> Firewall.
In The Whitelisted URLs section
(Since version 2.5.1)
RSS URLs do required you to login to access them by default. You can create RSS URLs to add to any RSS feed reader to show some of all of the contents of a form. But to make it work with a feed reader that doesn’t allow you to login, you have to make such URLs publicly accessible.
Go to the WordPress administration page,
This will display a URL that you can use as an RSS feed. But by default you must log into WordPress for the URL to work. Some RSS readers will not be able to use this URL because they cannot login. The URL is secure
This creates a security hole whereby a savvy person could see (but not change) all the saved form data in your database. If someone knows or can guess one of your form names, they can easily work out the RSS URL needed to show the form’s data.
If you want to make RSS URLs like this publicly accessible, then go to the WordPress administration page,
This option makes all RSS URLs that you could possibly generate publicly accessible. All form data can be viewed, it is only a matter of creating the right URL.
For Contact Form 7 Users: a recent update of the Contact Form 7 plugin seems to have added several new meta fields to form submissions. These automatically get saved by the CFDB plugin. If you look on the Database page in your administration panel, you will see extra fields associated with new submissions:
_wpcf7,_wpcf7_version,_wpcf7_unit_tag,_wpnonce,_wpcf7_is_ajax_call
You may view these fields as unwanted clutter.
To avoid saving these fields, go to the Database Options page, and paste the list of fields in the following:
Since regular expressions can now be used in this field, you can achieve the same effect but putting in this:
/.*wpcf7.*/,_wpnonce