CiviCRM Community Forums (archive)

*

News:

Have a question about CiviCRM?
Get it answered quickly at the new
CiviCRM Stack Exchange Q+A site
This forum was archived on 25 November 2017. Learn more.
How to get involved.
What to do if you think you've found a bug.



  • CiviCRM Community Forums (archive) »
  • Old sections (read-only, deprecated) »
  • Support »
  • Using CiviCRM »
  • Using Profiles (Moderator: Dave Greenberg) »
  • Allowing anonymous users to edit their profile past 7 days?
Pages: [1]

Author Topic: Allowing anonymous users to edit their profile past 7 days?  (Read 1027 times)

anothername

  • I post occasionally
  • **
  • Posts: 64
  • Karma: 3
  • CiviCRM version: CiviCRM 4.2.6
  • CMS version: Drupal 7.19
  • MySQL version: 5.1.66-0+squeeze1-log
  • PHP version: 5.3.3-7+squeeze14
Allowing anonymous users to edit their profile past 7 days?
January 18, 2012, 02:14:14 pm
Is there any way to use the contact checksum tokens to give anonymous users the ability to view and edit their profile longer than 7 days?

If so, is there any security risks with this!

Thanks much!

Hershel

  • Forum Godess / God
  • I’m (like) Lobo ;)
  • *****
  • Posts: 4640
  • Karma: 176
    • CiviHosting
  • CiviCRM version: Latest
  • CMS version: Mostly WordPress and Drupal
Re: Allowing anonymous users to edit their profile past 7 days?
January 21, 2012, 11:19:41 am
Quote from: ians on January 18, 2012, 02:14:14 pm
Is there any way to use the contact checksum tokens to give anonymous users the ability to view and edit their profile longer than 7 days?

No built in way. I suppose you could edit the code for this.

Quote from: ians on January 18, 2012, 02:14:14 pm
If so, is there any security risks with this!

A small one, yes. The link allows access to someone's record. The longer it's active, the more chance of it becoming comprised somehow. The user's own email client (whether PC or webmail) is the weak link here.
CiviHosting and CiviOnline -- The CiviCRM hosting experts, since 2007

See here for the official: What to do if you think you've found a bug.
Pages: [1]
  • CiviCRM Community Forums (archive) »
  • Old sections (read-only, deprecated) »
  • Support »
  • Using CiviCRM »
  • Using Profiles (Moderator: Dave Greenberg) »
  • Allowing anonymous users to edit their profile past 7 days?

This forum was archived on 2017-11-26.