SitePoint Sponsor

User Tag List

Results 1 to 14 of 14
  1. #1
    SitePoint Zealot FrequeNC's Avatar
    Join Date
    Jul 2003
    Location
    Australia
    Posts
    110
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)

    setting cookie with IP Address in ASP?

    I am running an .asp site, I can grab the IP address of the user, is there any way that I can set a cookie with the IP?

    Here is what I am trying to do. I am running a competition on the site, where people can vote for villains. I want to only allow one vote per villain per day to each person. I had to take the site down because people were accessing the URL directly and voting 1,000's of times.

    The way I figure it I need to set a cookie with the users IP address and then test it when they return to see if that IP address has already voted on that villain.

    The problem is that I don't know a whole lot about cookies our reading their values. If anyone can point me in the right direction I would love it. I am short on time for this.

    thanks
    -----------------
    Tabor Carlton TCID

  2. #2
    SitePoint Guru siphilp's Avatar
    Join Date
    Nov 2001
    Location
    Fife, Scotland
    Posts
    663
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    Well one way you could do it is:
    Check for IP cookie if non-existant Grab IP address when they are "selecting the villain" on the submit page pass the ip address in a querystring to the posting page. On the posting page create the cookie

    http://hotwired.lycos.com/webmonkey/...tw=programming




    Then redirect the user to a thanks page.


    Sorted

  3. #3
    Sultan of Ping jofa's Avatar
    Join Date
    Mar 2002
    Location
    SvÝ■jˇ­
    Posts
    4,080
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    Quote Originally Posted by FrequeNC
    The way I figure it I need to set a cookie with the users IP address ...
    Why the user's IP?
    Shouldn't the cookie contain an ID for the competition/voting?
    And the cookie expires at 00:00 the following day?

    Then, if the same user (using the same computer) tries to vote a 2nd time the same date, you can see that this client has a cookie set already - for this competition/voting.
    I.e. you don't have to know the client's IP, and in fact, the IP is quite useless; what will happen if the same user, using the same machine, connects from another IP?

    And another thing; the user can delete the cookie and vote again.
    Or use another computer and vote again.
    Conclusion: You can't use cookies to track persons, only track PCs.

    A better solution is to require login (users have to create usernames before they can vote), and store the votes in a database. This way it doesn't matter from which computer a user connects, and more than one user can post votes from the same machine.
    You could also make it possible for a user to review previous votes.
    And, finally, with a smart "require email confirmation" system, you can prevent that the same person creates more than one username.

  4. #4
    SitePoint Guru siphilp's Avatar
    Join Date
    Nov 2001
    Location
    Fife, Scotland
    Posts
    663
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    Jofa good point. Never thought about that. Prob the best way then would be to have a login system

    How ever then again they could create multiple login accounts. So really both have cons and pros just depends on how advanced you want the system to be and how much time you have to implement it.


  5. #5
    Sultan of Ping jofa's Avatar
    Join Date
    Mar 2002
    Location
    SvÝ■jˇ­
    Posts
    4,080
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    Multiple accounts: That's why you have the "require email confirmation" system
    Only problem left: People using multiple email addresses

  6. #6
    SitePoint Guru siphilp's Avatar
    Join Date
    Nov 2001
    Location
    Fife, Scotland
    Posts
    663
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    so round and round we go....LOL

    Login system is still best way to go [img]images/smilies/smile.gif[/img]

  7. #7
    SitePoint Zealot FrequeNC's Avatar
    Join Date
    Jul 2003
    Location
    Australia
    Posts
    110
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    cool. you guys are awesome. I thought that I might not need the IP because a cookie can be set to the individual computer anyways, but - and I don't know how they do it - newgrounds.com who runs a voting system won't let you vote for the same submission more than once. I tried to delete the cookie that they set and it still wouldn't let me vote. How could they have done that? any ideas?

  8. #8
    Sultan of Ping jofa's Avatar
    Join Date
    Mar 2002
    Location
    SvÝ■jˇ­
    Posts
    4,080
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    Quote Originally Posted by FrequeNC
    ... tried to delete the cookie that they set and it still wouldn't let me vote. How could they have done that? any ideas?
    They saved the IP in a database?

  9. #9
    SitePoint Zealot FrequeNC's Avatar
    Join Date
    Jul 2003
    Location
    Australia
    Posts
    110
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    OK, tell me if there are any flaws in this idea.

    Someone signs up with a username before voting. When they select the villain it has voting 1-10. they click on a number and the way I have it currently is that it passes that number along with the villain ID to the processing page. When the vote get accepted (for the first time) the username, vote, villain name, and date get input to the database. On the processing page, before the vote gets recorded I would have this. In pseudo code see if this sounds right -

    if (username == "username" && villain == "villain" && date == "today") {
    go to URL "sorry you have voted";
    } else {
    process vote
    }

    Does that sound correct?

  10. #10
    Sultan of Ping jofa's Avatar
    Join Date
    Mar 2002
    Location
    SvÝ■jˇ­
    Posts
    4,080
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    Looks correct to me

    Maybe "sorry you have voted" could be "do you want to edit your vote"? (If it's still the same day.)

    The vote 1..10 is some kind of rating?
    (Just checking if I understood everything...)

  11. #11
    SitePoint Zealot FrequeNC's Avatar
    Join Date
    Jul 2003
    Location
    Australia
    Posts
    110
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    yeah, 1 being the lowest 10 the hightest. they are all listed visually on the screen -

    thanks for the help.

  12. #12
    SitePoint Zealot FrequeNC's Avatar
    Join Date
    Jul 2003
    Location
    Australia
    Posts
    110
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    If anyone knows ASP really well, I could use a hand on this.

    I have figured out the best way to do this (I think)
    I have set it up so that people have to register in order to vote (as talked about) - when they cast a vote, that number is passed to a processing page along with the villain they voted for. On the processing page I want to pull down a recordset using a get date function (which I am sure ASP has but I don't know it) the session variable (username) and the villain. If there is a record with those 3 elements in there (meaning that the user has voted for the villain on that day) it gets directed to a deny page. If it does not exist, the vote gets cast and that entry is added to the database (username, villain, vote, and date)

    Can anyone help me with this?

  13. #13
    SitePoint Wizard
    Join Date
    Aug 2002
    Location
    N.Ireland
    Posts
    1,046
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    I'm looking to do the same thing and in a hurry! Did you ever resolve this or does anyone know of a ready made script I could easily implement?

  14. #14
    SitePoint Zealot FrequeNC's Avatar
    Join Date
    Jul 2003
    Location
    Australia
    Posts
    110
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    Hi Daz,

    this should help.


    Declare your variable, then assign it a value - The third line is just a way to ensure that you get an IP address returned if "("HTTP_X_FORWARDED_FOR")" does not return a value
    PHP Code:
    <%
    Dim sIPAddress
    sIpAddress 
    Request.ServerVariables("HTTP_X_FORWARDED_FOR")
    If 
    sIPAddress "" Then sIPAddress Request.ServerVariables("REMOTE_ADDR")
    %> 
    I hope that helps. I just wrapped the above code in php tags so it would be color coded - don't mind the little 'PHP' text above the code block.
    -----------------
    Tabor Carlton TCID


Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •