|
|
Posted by damezumari on 11/14/07 06:36
I have a simple voting page using php and mysql and wonder how I can
prevent users from voting twice.
Here are three ways:
1. IP locking or IP locking with a time limit
The same IP address can not vote twice, or not vote twice within the
time limit.
2. Cookies, weak version.
If the user has cookies turned on they can only vote once. The cookie
may be stored on the server and last till the browser is closed, or on
the client and last till the user deletes it.
If the user has cookies turned off they can vote as many times as they
like.
3. Cookies, strong version
If the user has cookies turned on a cookie (session variable) is
stored on the server and last till the browser is closed.
If the user has cookies turned off they are told to turn it on for at
least the present site.
I exclude any options that uses usernames and/or passwords as that
would be too cumbersome for most users.
Disadvantages with each method:
1. Users behind a proxy have the same IP address. This means that if
one has cast a vote, the others can't or have to wait a certain time
to do so.
2. This allows repeated voting too easily.
3. People may decide not too vote as they do not want to take the time
to turn cookies on for the present site, or are generally sceptical
about cookies at all. They may vote again when they reopen the
browser.
Personally I like best method 3, but post my thoughts here to hear
your ideas.
Are there other ways than the 3 listed? Which one do you like the
best? Why?
Regards,
Jan Nordgreen
Navigation:
[Reply to this message]
|