You could take it further and only allow one vote per user and then log their IP address as well.
There won't be many people who are determined to sway the vote by going through the hassle of creating a new user and then voting again. But there may be some. You can weed these out by looking through all the votes, usernames and ip addresses and then disregard votes which come from the same IP address from users who've only signed up minutes before voting. While they might think that they've beaten the system, you can clearly see from your table of users, registration dates, IP address and Voting Times that they're bogus. But it's a bit laborious to do this. Alternatively, once you've stored the first vote from a user in your database, let them vote again, give them the 'Thank you for your vote' message but disregard it from the server side. They'll think they're getting somewhere when in fact they're wasting their time (like those morons you see at pedestrian crossings who stab the button repeatedly, with the belief that it might make the lights change faster). And they probably won't try anything else which saves you having to delete a whole pile of junk user accounts. Just make sure you only show your users the poll result as a percentage without the 'x number of people have voted' or you'll be sussed. Would anyone really want to frig a forum poll anyway? Surely nobody's that sad! C -----Original Message----- From: CPT John W. Holmes [mailto:[EMAIL PROTECTED] Sent: 24 September 2003 17:54 To: Ryan A; [EMAIL PROTECTED] Subject: Re: [PHP] 3 mins of your time please...logic problem From: "Ryan A" <[EMAIL PROTECTED]> > Basically trying to limit the "vote" to just 1 per person, first am checking > if the the person with username has voted, if that comes back as false then > am checking his ip (because i dont know if the person changed his username > and is trying to vote again) now its allowing me to vote twice and on the > third time its restricting me. Just get rid of the check for IP address. All you're going to do is restrict a bunch of people that actually haven't voted just because they have the same IP address as someone else. Some ISPs have it so that all requests look like they are coming from the same IP address while it's actually different people. If your "poll" is really so important that you need to limit people from voting twice, then make them log in and only allow one vote per username. ---John Holmes... -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php If you are not the intended recipient of this e-mail, please preserve the confidentiality of it and advise the sender immediately of any error in transmission. Any disclosure, copying, distribution or action taken, or omitted to be taken, by an unauthorised recipient in reliance upon the contents of this e-mail is prohibited. Somerfield cannot accept liability for any damage which you may sustain as a result of software viruses so please carry out your own virus checks before opening an attachment. In replying to this e-mail you are granting the right for that reply to be forwarded to any other individual within the business and also to be read by others. Any views expressed by an individual within this message do not necessarily reflect the views of Somerfield. Somerfield reserves the right to intercept, monitor and record communications for lawful business purposes. -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php