SitePoint Sponsor

User Tag List

Results 1 to 8 of 8
  1. #1
    SitePoint Member
    Join Date
    Feb 2003
    Location
    New York City
    Posts
    13
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)

    Poll: Preventing Multiple Votes

    Hi, I've setup a simple poll script that goes inside by signature, it works fine. The only problem is that it doesn't prevent the same user(s) from voting more than once.

    My question is, how would I prevent this from happening? I've thought about setting up cookies, but that would be ineffective because many people use a sort of cookie blocker. My other idea was to keep track of the IPs of the people that voted; If they vote again, the script will check if the IP is already in the list and not increment the vote counter.

    I'm fairly new in PHP, so I don't know how it's done. Any hints or suggestions would be appreciated.

    Here is my quick poll:

    [Quick Poll] Which winamp do you prefer (2.81/3.x)?

    .. and here are the current results:



    P.S: How come [IMG] tags aren't working? it's not displaying the images.
    Last edited by BxBoy; Feb 20, 2003 at 16:44.

  2. #2
    SitePoint Addict mr tinkles's Avatar
    Join Date
    Jan 2003
    Posts
    262
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    I actually use version winamp2.65, works great.

    you really can't stop multiple voting, but you can make it harder.

    some things to think about:

    do all described, plus...

    have em give email address, though this makes form annoying, and they can still fake...

    when you load the poll, before user votes, pass a hidden field with some unique value. when user votes, track by that value. This is session dependent. If already tracking user by some other form, that user just voted, not session dependent. Probably best case, also...

    it's a poll about what version of winamp one prefers? how sensitive is this info? may not be worth the effort

  3. #3
    ********* Member website's Avatar
    Join Date
    Oct 2002
    Location
    Iceland
    Posts
    1,238
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    well, you can save a cookie on the user, although that is very easy to crack, you could save a session so he always has to shutdown the browser, that is really annoying, also you could save is ip in a db and ban it, temporarily or permanently, so he can't vote again for the same poll, the best thing is ofcourse if you have some kind of community just to allow each user to vote once...
    - website

  4. #4
    SitePoint Member
    Join Date
    Feb 2003
    Location
    New York City
    Posts
    13
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    oh, it's a simple quick poll, with the subject changing weekly.. i'm not too concerned about accurancy, as that's almost impossible to achieve. But what I would like to do is prevent causual multi-voting from the same IP.

    No need for excess stuff like FORMS and EMAIL verification, as the voting takes place in my sig with a simple click of one or choice (or the other).

    What I thought about is keeping track of the IP (the first time they vote) and then store it in a file. The next time they attempt to vote again, the script would check the current IP against the list and won't advance the counter if that IP has already voted.

    The problem is implementing this.. any suggestions or other ideas?

    Thanks.

  5. #5
    ********* Member website's Avatar
    Join Date
    Oct 2002
    Location
    Iceland
    Posts
    1,238
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    It really is not so hard. You simply register the ip to the database, and the date&time and then you do a quick query where you search for this ip (and perhaps where to_days something) and if you get result, you don't allow the counter to rise.
    - website

  6. #6
    SitePoint Member
    Join Date
    Feb 2003
    Location
    New York City
    Posts
    13
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    Originally posted by website
    It really is not so hard. You simply register the ip to the database, and the date&time and then you do a quick query where you search for this ip (and perhaps where to_days something) and if you get result, you don't allow the counter to rise.
    It wouldn't be for someone who is experienced with PHP, but I'm just a beginner.. I could use any help I can get..

  7. #7
    SitePoint Zealot
    Join Date
    Oct 2002
    Posts
    158
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    For info about cookies and server vars check out
    http://www.php.net/manual/en/languag...predefined.php

    a combination of techniques would work best

    just logging the ip address alone may ban other people who actually havent voted (dynamic ip).. so what i would do is
    apply a timelimit to the ip address and also send out a cookie.

    For instance.. when someone votes... send them a cookie for that poll.. and also log their ip address with a timestamp.

    Decide the appropriate amount of time to disallow this ip address to vote again (I would suggest at least 24 hours).

    This will prevent someone from deleting the cookie you send them and then voting over and over again, and they will not be able to vote again for another 24 hours.. this will deter anyone from trying to tamper with you polls, but will also allow for someone else to vote if they happen to get the same ip address as someone else who has already voted (very common with dial-up internet access especially).

    so basically, here is the flow..

    1. someone clicks to vote..

    2. Check to see if they have a cookie from you for that particular poll.

    3. If they do, then do not allow them to vote.

    4. If they do not have a cookie, obtain their ip address with $_SERVER['REMOTE_ADDR'] and check it against your collection of ip address to see if theirs exists...

    4. if it does not exist, record the vote, save their ip address along with a timestamp (see mktime()) to your database, and also send them a cookie.

    5. if the ip does exist check the time on it and compare it to the current time..

    6. if the time difference is not acceptable, do not allow them to vote, update their timestamp entry, and send them a cookie.

    7. if the time difference passes, then record the vote and update the timestamp in the database, as well as send them a cookie
    Last edited by shoebox; Feb 22, 2003 at 03:32.

  8. #8
    lean mean coding machine cosmo's Avatar
    Join Date
    Aug 2001
    Location
    the cosmos
    Posts
    463
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    Since any user can delete their cookies and many different users can have the same ip address, the best way to prevent multiple votes is to use a combination of both.

    Also, if the poll is setup in some sort of member area, then all you have to do is register the members who have voted and prevent them from voting again.
    Luthfur R. - Web Developer
    PHP Lite.com - Professional PHP Scripts and Web Applications
    Calendar Express 2 - Web Based Calendar and Event Publishing System


Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •