CiviCRM Community Forums (archive)

I kinda agree with this primarily from the security angle. We'll need to ensure that the error messages folks get are fairly clear and they know what to do if they do want to expose 'profile create' etc.

regarding why the reserved profiles are set as 'profile', the reasoning is they are good templates for 'profile create' forms and folks might just want to use a unifed 'individual create' across various forms. Also all the fields are set to 'User and User Admin' only which further tightens the potential data issues

so after typing, i'm not very sure that its a bad idea to keep the 'standalone form' checked by default

lobo

For what I've seen, the usual path for normal user is
1) having the registration that doesn't work for an event/donation page
2) adding permissions semi-randomly until it finally does

To get an online registration for an event working, you need to grant profile access (not sure about the name, not super obvious), and as too many profiles are standalone and listing, you might end up with your db exposed. It has happened in the past and now the default is better.

wondering if the permission standalone form and directory shouldn't be split in two. In my experience, it seldom happen that you use the same profile to do "end user" data entry with the profile form and directory (with the same profile at least).

Is there any logic I fail to see to have bundled the two conceptually different permissions in the profile under a common "standalone form and directory"?

and anyway, agree with tim, by default it shouldn't be open, but have to admit I use api for listing and webform for form, so I don't need it anyway. But I don't think it's a very often used feature, at least not to the point it should be on by default.

X+

I'm trying to be helpful here, not critical, and improve our defaults for the entire community.   Please understand that.   I've done a little research this morning and  I don't understand the purpose of the default profile permission setup. 

By default Civi ships with the following profile permissions (attached).

It also ships with certain reserved profiles (New Individual, etc) that have no 'settings' link and thus cannot have the 'standalone form' setting removed via the UI.  (attached).

The result concerns me.

As we all know, either the "profile listing and forms" permission OR the "profile create" permission is required to allow users (anonymous or otherwise) to access event registration or contribution pages that contain profiles.  Almost all of these pages contain at least one profile, right? Ok.

What these permissions ALSO do, is allow those same users to access any profile with the "standalone form or directory" setting, which is the default.

The result is that anonymous users (typically the ones filling out contribution forms) can also (if so inclined) access these standalone forms (New Individual, etc. ) and begin entering new contacts.   I'll mention again that the "standalone form" setting cannot be turned off on certain profiles (at least not via UI) because those are reserved profiles.   

I wonder why spammers haven't found this form or worse yet, this one, and started flooding our database with nonsense already.

I'm not the smartest guy.  Am I missing something, or is this situation a bad thing?  If it concerns others, is it being addressed in 4.4 or can it be addressed?

Stoob, I took the liberty to edit your msg (replaced civicrm by nospamcivicrm in the url).
If you are correct (and probably are) posting that link in the forum means it will be found by a spambot indeed.

I'd rather avoid having spam contacts created in any database, but even less in one I work with regularly

demo, less of an issue it's regularly reset anyway so I left it.

X+