Details
- Type: Bug
- Status: Done/Fixed
- Priority: Minor
- Resolution: Fixed/Completed
- Affects Version/s: 4.6.4
- Fix Version/s: None
- Component/s: None
- Labels: None
- Documentation Required?: None
- Funding Source: Needs Funding
Description
Summary
When an anonymous user accesses a standalone profile in edit mode, the profile is blank. Filling in fields and pressing 'Save' creates a new Contact record.
Steps to recreate
- Create a new profile (standalone form) with the 'First name' and 'Last name' fields
- Visit the profile in edit mode as an anonymous user (e.g. civicrm/profile/edit?reset=1&gid=x)
- Complete the fields and save
- Log in to CiviCRM and search for the name just entered: you'll find a new contact record has been created for them
Why is this a problem?
The CMS permission for using profiles in edit mode needs to be enabled when using checksums to update profiles. This is because the checksum sets the 'Contact ID' in Civi, but does not log people into the CMS.
However, a bot or a random visitor could stumble upon a profile edit form, complete it, and add a new contact record to the database.
Proposed solution
If a user without a contact ID tries to access a profile in edit mode, they should receive an error message. By definition, edit mode should only ever 'edit' a current contact, never create a new one.
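A model of the proposed guard, added here as an illustration and not code from CiviCRM: the checksum scheme (`make_checksum`, an HMAC over the contact ID), the `SITE_KEY` value and the function names are assumptions standing in for Civi's own. The point it shows is that edit mode resolves a contact from either a CMS login or a valid checksum in the query string, and refuses the request otherwise instead of serving a blank form whose Save would create a new contact.

```python
import hmac
import hashlib
from typing import Optional

# Constructed secret for this example only; a real site would use its own key.
SITE_KEY = b"constructed-site-key-for-example-only"


def make_checksum(contact_id: int) -> str:
    """Hypothetical HMAC checksum binding a URL to one contact (not CiviCRM's scheme)."""
    return hmac.new(SITE_KEY, str(contact_id).encode(), hashlib.sha256).hexdigest()


def resolve_contact_id(session_contact_id: Optional[int], query: dict) -> Optional[int]:
    """Return the contact the request is authorised to act as, or None.

    A CMS login wins; otherwise a matching cid+cs pair in the query string
    authorises that contact without logging anyone into the CMS.
    """
    if session_contact_id is not None:
        return session_contact_id
    cid, cs = query.get("cid"), query.get("cs")
    if cid is None or cs is None or not str(cid).isdigit():
        return None
    # Constant-time comparison so a forged checksum cannot be guessed byte by byte.
    if hmac.compare_digest(make_checksum(int(cid)), str(cs)):
        return int(cid)
    return None


class ProfileAccessError(Exception):
    """Raised when edit mode is requested without an authorised contact."""


def open_profile(mode: str, session_contact_id: Optional[int], query: dict) -> dict:
    """Gate the profile form: edit mode must resolve to an existing contact.

    Returns the form context (mode plus the contact it is bound to). Edit mode
    with no resolvable contact is refused rather than served as a blank form.
    """
    contact_id = resolve_contact_id(session_contact_id, query)
    if mode == "edit" and contact_id is None:
        raise ProfileAccessError("edit mode requires a logged-in contact or a valid checksum")
    return {"mode": mode, "contact_id": contact_id}
```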