SitePoint Sponsor

User Tag List

Results 1 to 5 of 5
  1. #1
    SitePoint Member OhSqueezy's Avatar
    Join Date
    Jul 2001
    Posts
    6
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)

    Rating System: Preventing Cheaters

    I have a simple ratings system setup on my site which I use to let users rate an article on a certain scale. I've also got a members database setup, and voting is restricted to members only.

    I've been reading some threads on this forum about preventing cheaters from voting more than once and all of them seem to mention that this can be done by requiring users to login before voting (which as I mentioned, I already require). I'm just wondering how this works? I guess I would have to store the ID of the member someplace, but where?

    The way I see it is, I can't store it in the 'Ratings' table that I have setup, because if I had a column called 'Voters', it would have multiple entries. And if I had a colmun called 'Articles_Rated' in my 'Members' table, the same problem would occur.

    Is it necessary to setup a new table to make this work? I think that would work... but it would end up being a huge table once I get a lot of voters. Or is there something that I'm missing?

  2. #2
    SitePoint Wizard Defender1's Avatar
    Join Date
    Apr 2001
    Location
    My Computer
    Posts
    2,808
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    i suggest you read Kevin Yanks tutorial on setting up a member system.
    http://www.webmasterbase.com/article/319

    also, if you want to make it so that members can only vote once, when they submit a poll, just have it put a 1 in a column in the users table called like has_voted or whatever.
    then when they go to the vote again, have it check this and if it equals one, have it display the results and say you have voted or whatever.
    Defender's Designs
    I'm Getting Married!

    Not-so-patiently awaiting Harry Potter Book 7 *sigh*

  3. #3
    SitePoint Member Ramses's Avatar
    Join Date
    Jul 2001
    Location
    Montréal, Canada
    Posts
    15
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    One tricky way I favor is to to use a combination of sessions/user table and cookies. Once the user has voted (rated, whatever), place the id of the rated article in the session and alternatively in the user table. This was, one visitor will find it hard to vote twice for the same article during the same session. Since you require people to login, I'd use a char(255) field in the user table bearing the list of previously rated article ids separated by commas. When the user has logged-in and if he tries to vote again, pull back the list, explode the list into an array and search the array for the article_id. If found, he must therefore have voted before and you present an error message or rating results.

    That's the way I do it and it takes care of the common cases. I also set a cookie with the same info for redundancy and in the case you decide to allow un-logged users to rate articles.

    As a last recommendation, I would suggest not going the easy way many people seem to favoir, being to track past voters solely on their IP address. Many people (office workers as well as AOL users) behind firewalls or proxies show the same IP address. Blocking rating using the IP address would indeed cause some conflict for users behind proxies.
    SciFlicks.com -- Science Fiction Cinema
    No, I'm not as old as Professor Farnsworth.

  4. #4
    SitePoint Wizard Defender1's Avatar
    Join Date
    Apr 2001
    Location
    My Computer
    Posts
    2,808
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    Originally posted by Ramses
    As a last recommendation, I would suggest not going the easy way many people seem to favoir, being to track past voters solely on their IP address. Many people (office workers as well as AOL users) behind firewalls or proxies show the same IP address. Blocking rating using the IP address would indeed cause some conflict for users behind proxies.
    Not only that, but normal modem users' ip's change everytime they login, so that would allow them to vote the next time they connected to the internet.
    Defender's Designs
    I'm Getting Married!

    Not-so-patiently awaiting Harry Potter Book 7 *sigh*

  5. #5
    ALT.NET - because we need it silver trophybronze trophy dhtmlgod's Avatar
    Join Date
    Jul 2001
    Location
    Scotland
    Posts
    4,836
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    You could have a column in the vote table where it keeps all the ID numbers of all the users that have voted in it in a CSV style and when the visitor comes to it, break it down adn comapare, if it matches, dont let them vote again. But that would only work if it was a member system.


Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •