Blog

We’re excited to announce the release of MachForm Version 27 – a new update that enhances security and makes MachForm even more enterprise-ready.

Enterprise-Grade Single Sign-On (SSO) with SAML 2.0

Version 27 introduces Single Sign-On (SSO) support using SAML 2.0 for login authentication – one of the most requested features from our enterprise customers.

With SSO enabled, your team can log in to MachForm using your existing company credentials through popular Identity Providers (IdPs) such as Microsoft Entra ID (Azure AD), Google Workspace SSO, Okta, OneLogin, and others.

Key benefits:

• Centralized User Control – Manage users and revoke access directly from your IdP.
• Enhanced Security – Reduce password fatigue and enforce your organization’s authentication policies.
• Seamless User Experience – Users log in with the same credentials they already use daily.
• Automatic User Provisioning – New accounts can be created on first login through Just-in-Time (JIT) provisioning.

This feature is available for:

• MachForm Self-Hosted – Unlimited License
• MachForm Cloud – Enterprise & Enterprise Plus plan

Read more on How to Setup MachForm with Single Sign-On.

Strengthened File Upload Security

In recent weeks, we discovered that spam bots were exploiting the file upload script to automate mass file uploads without any limitation. This not only consumed server resources but also created unnecessary storage usage for many customers.

Version 27 introduces a major improvement to file upload security:

• JWT-Based Upload Tokens – Each upload request is now validated with a secure token, making automated mass uploads much harder for spam bots.
• IP-Based Rate Limiting – Restrict the number of file uploads from a single IP within a 60-minute window to prevent abuse.
• More Accurate File Type Blocking – Improved file type validation ensures potentially harmful file types are blocked more reliably.

These changes significantly strengthen MachForm’s defense against spam and abuse, making it safer for public-facing forms that allow file uploads.

Now Available for Download

The new version of MachForm is now available for download in the Account Area.

PHP & MySQL Version Requirements

MachForm v27 requires the minimum version of PHP on your server to be at least PHP 8.0 and MySQL version at least MySQL 5.7. If you’re still using an older version, you’ll need to upgrade your PHP and/or MySQL version first.

Changelog

• Feature: SSO (Single Sign-On) support for login authentication
• Feature: Added option to throttle file uploads per IP address per hour
• Security: Improved file uploads security against spam bots submissions
• Bugfix: Grid widget can’t use relative date format for filtering
• Bugfix: Importing form doesn’t include the approval status field
• Bugfix: Languages not loaded correctly in merge tags
• Bugfix: Missing “reply to” information when resending entry using confirmation email template
• Bugfix: Smart folder using conditions from “Created Date” or “Last Entry Date” caused query error
• Update: Added Ukrainian language and currency
• Update: Added approver name into {approval_note} merge tag
• Update: Updated axios library with the latest version (1.11.0)

How to Update

This update is FREE for all users with an active support contract.
As mentioned above, you can download it in the Account Area.

Follow this upgrade instruction:
Upgrading MachForm Self-Hosted 

MachForm Cloud Users

If you’re subscribed to any of our MachForm Cloud plans, no action is required. We automatically update your MachForm version to the latest release.

We’re thrilled to share MachForm Version 26 with you! This update brings exciting improvements to payments, accessibility, and email integration, making your forms easier to use, more inclusive, and more secure.

Here’s a quick look at what’s new:

Accept More Payments with Stripe – 40+ Methods Available!

MachForm’s Stripe integration just got a huge upgrade! Now, you can accept over 40 different payment methods, including ACH bank transfers. This means you can easily collect payments from customers around the world using their favorite methods. More choices for your users, more successful transactions for your business!

WCAG 2.2 AA and European Accessibility Act Compliance

MachForm Version 26 forms are now fully compliant with WCAG 2.2 AA standards and the European Accessibility Act (EAA). Everyone, including individuals with disabilities, can effortlessly use your forms. With better readability, and full compliance, your forms become accessible to a broader audience, helping you reach more users and comply with essential international accessibility regulations.

Secure SMTP Email via Microsoft 365 OAuth

We’ve enhanced email security and reliability by adding Microsoft 365 SMTP OAuth support. This new integration ensures your emails are securely authenticated through Microsoft’s trusted infrastructure. Read more.

Now Available for Download

The new version of MachForm is now available for download in the Account Area.

PHP & MySQL Version Requirements

MachForm v26 requires the minimum version of PHP on your server to be at least PHP 7.4 and MySQL version at least MySQL 5.7. If you’re still using an older version, you’ll need to upgrade your PHP and/or MySQL version first.

Changelog

• Feature: New Stripe integration; support 40+ payment methods, including ACH bank transfer
• Feature: WCAG 2.2 AA compliance on all forms; compliance with the European Accesibility Act (EAA)
• Feature: Support for Microsoft 365 SMTP OAuth
• Update: Updated dompdf library to v3.1.0 from 0.8.5
• Bugfix: Removed duplicate javascript event handler code that caused slow operations on large forms

How to Update

This update is FREE for all users with an active support contract.
As mentioned above, you can download it in the Account Area.

Follow this upgrade instruction:
Upgrading MachForm Self-Hosted 

MachForm Cloud Users

If you’re subscribed to any of our MachForm Cloud plans, no action is required. We automatically update your MachForm version to the latest release.

Howdy folks!

PHP 8.4 was officially released to general availability on November 21, 2024. It is a major update of the PHP language and contains many new features and performance improvements.

Today, we’re happy to let you know that we’ve just released MachForm 24, which is fully compatible with PHP 8.4.

The new version of MachForm (version 24) is now available for download in the Billing Area.

PHP & MySQL Version Requirement

MachForm v24 requires the minimum version of PHP on your server to be at least PHP 7.4 and MySQL version at least MySQL 5.7. If you’re still using an older version, you’ll need to upgrade your PHP and/or MySQL version first.

This is a maintenance release and we recommend upgrading if you’re using PHP 8.4.

Changelog

• Update: PHP 8.4 Compatibility
• Update: Accessibility fixes related to email, phone field and form success message
• Update: When adding approvers to a form, non-admin users will only see approvers having permission to access the form only
• Update: Re-added the autocomplete functionality when adding form tags
• Bugfix: Error messages (signature & stripe page) when form being embedded using PHP code
• Bugfix: Can’t add email logic rules
• Bugfix: Grid entries can’t be printed completely

How to Update

This update is FREE for all users with an active support contract.
As mentioned above, you can download it in the Billing Area.

Follow this upgrade instruction:
Upgrading MachForm Self-Hosted 

We’re happy to share that MachForm 23 is here, bringing some important updates to keep your forms running smoothly and securely. In this release, we’ve upgraded the core JavaScript libraries—like jQuery, which is used across both the backend admin panel and live forms, and Kendo UI, which powers our chart generation—to their latest versions. These upgrades mean improved stability, performance, and a smoother experience for you.

 
We’ve also addressed an important security vulnerability related to PayPal’s Instant Payment Notification (IPN) to ensure your payment processing remains secure. Updating to MachForm 23 will help you stay on top of these improvements, so we recommend making the switch whenever you’re ready!

Changelog

• Update: Updated jQuery library with the latest version (v3.6.1)
• Update: Updated chart library (KendoUI) with the latest version (v2024.3.806)
• Security: Addressed potential security vulnerability related to PayPal IPN handling
• Improvement: Added search box on add/edit user permission page
• Bugfix: Index length issue on ap_session table when using MySQL 5.7
• Bugfix: Unable to connect to SMTP server using Non TLS or self-signed SSL certificate

PHP & MySQL Version Requirement

MachForm v23 requires the minimum version of PHP on your server to be at least PHP 7.4 and MySQL version at least MySQL 5.7. If you’re still using an older version, you’ll need to upgrade your PHP and/or MySQL version first.

How to Update

This update is FREE for all users with an active support contract.
As mentioned above, you can download it in the Billing Area.

Follow this upgrade instruction:
Upgrading MachForm Self-Hosted 

MachForm Cloud Users

If you’re subscribed to any of our MachForm Cloud plans, no further action is required on your part. We automatically update the MachForm version for all our cloud users with the latest version.

Howdy folks!

PHP 8.3 was officially released to general availability on November 23, 2023. It is a major update of the PHP language and contains many new features and performance improvements.

Today, we’re happy to let you know that we’ve just released MachForm 21, which is fully compatible with PHP 8.3.

The new version of MachForm (version 21) is now available for download in the Billing Area.

PHP & MySQL Version Requirement

MachForm v21 requires the minimum version of PHP on your server to be at least PHP 7.4 and MySQL version at least MySQL 5.7. If you’re still using an older version, you’ll need to upgrade your PHP and/or MySQL version first.

This is a maintenance release and we recommend upgrading if you’re using PHP 8.3.

Changelog

• Update: PHP 8.3 Compatibility
• Update: Replaced the deprecated Swiftmailer library with PHPMailer for sending emails
• Update: Now uses “UTF8MB4” as the character set for MySQL tables, to support emojis in form fields
• Bugfix: The Rating widget on the shared report doesn’t display correctly
• Bugfix: Unable to use ‘&’ on form redirect URL
• Bugfix: Approval conditions don’t work on reports and exports

How to Update

This update is FREE for all users with an active support contract.
As mentioned above, you can download it in the Billing Area.

Follow this upgrade instruction:
Upgrading MachForm Self-Hosted 

MachForm Cloud Users

If you’re subscribed to any of our MachForm Cloud plans, no further action is required on your part. We automatically update the MachForm version for all our cloud users with the latest version.

Howdy, folks! 🙂

Ever needed to create private forms that collect sensitive information and allow access only to a specific list of users? Now, you can easily do this with MachForm v20!

In addition to the existing functionality that lets you set a password for your forms, you can now specify a list of users (using their email) to restrict access to your form.

Any user attempting to access the form will be required to log in before they can view and submit it. Users will be prompted to log in using their email and a one-time password (OTP) sent to their email.

Combine this new functionality with the “Data Encryption” feature on your form, and you’ll have very secure forms built in minutes!

The new version of MachForm (version 20) is now available for download on Billing Area.

PHP & MySQL Version Requirement

MachForm v20 requires the minimum version of PHP on your server to be at least PHP 7.4 and MySQL version at least MySQL 5.7. If you’re still using older version, you’ll need to upgrade your PHP and/or MySQL version first.

We strongly recommend upgrading due to improved compatibility and bugfixes within this release.

Changelog

• Feature: Require form users to login before submitting forms
• Feature: Added option to do range limit by ‘digits’ on Single Line Text field, to accept only numbers and allow leading zeros
• Feature: Added option to set max rows per page on entries page
• Improvement: Form builder page now able to fix and cleanup malformed HTML tags
• Improvement: Added option to specify MySQL SSL Cert and custom port number
• Improvement: Automatically-enabled CAPTCHA and submission limit on form receiving high amount of bot submissions
• Improvement: Allows advanced CSS on theme editor to use @import statement
• Update: Removed ‘Javascript jQuery’ embed code
• Update: Added configuration to enforce backend tables to use MyISAM engine
• Update: On forms having CAPTCHA enabled, CAPTCHA is now enforced on every submission, not just the first one
• Bugfix: On the form manager page, the search doesn’t work properly when the form is having character ‘#’ as part of the title
• Bugfix: Syntax error on mf.js, particulary inside the try..catch block, preventing the form from being loaded on web view of windows app
• Bugfix: When success message contains any HTML tag, it won’t be enclosed with H2 tag to allow custom formatting
• Bugfix: Dompdf compatibility with PHP 8.1
• Bugfix: Export entries failure on some specific conditions when entries are sorted
• Bugfix: Digits validation on Number field can be bypassed using leading zeroes
• Bugfix: User able to submit additional multiple payments (Braintree, Authorizenet) on existing entries
• Bugfix: Major incompatibility change with new Stripe API as of version 2023-08-16. Related with payment_method_types parameter
• Bugfix: User shouldn’t be automatically logged-in after doing password reset
• Bugfix: Unable to save form edits due to ‘column already exist’ SQL error
• Bugfix: Image alignment not being set on PDF and email content
• Bugfix: Entries not being highlighted correctly when selected
• Bugfix: “X-Forwarded-For” header abused by spam bots to bypass ip address submission limit
• Bugfix: Validation to disable future dates selection on date field is not working

How to Update

This update is FREE for all users having an active support contract.
As mentioned above, you can download it on Billing Area.

Follow this upgrade instruction:
Upgrading MachForm Self-Hosted 

MachForm Cloud Users

If you’re subscribed to any of our MachForm Cloud plans, there is no further action required on your side. We automatically update MachForm version on all our cloud users with the latest version.