You could take it further and only allow one vote per user and then log
their IP address as well.

There won't be many people who are determined to sway the vote by going
through the hassle of creating a new user and then voting again. But there
may be some. You can weed these out by looking through all the votes,
usernames and ip addresses and then disregard votes which come from the same
IP address from users who've only signed up minutes before voting. While
they might think that they've beaten the system, you can clearly see from
your table of users, registration dates, IP address and Voting Times that
they're bogus. But it's a bit laborious to do this.

Alternatively, once you've stored the first vote from a user in your
database, let them vote again, give them the 'Thank you for your vote'
message but disregard it from the server side. They'll think they're getting
somewhere when in fact they're wasting their time (like those morons you see
at pedestrian crossings who stab the button repeatedly, with the belief that
it might make the lights change faster). And they probably won't try
anything else which saves you having to delete a whole pile of junk user
accounts. Just make sure you only show your users the poll result as a
percentage without the 'x number of people have voted' or you'll be sussed.

Would anyone really want to frig a forum poll anyway? Surely nobody's that
sad!

C

-----Original Message-----
From: CPT John W. Holmes [mailto:[EMAIL PROTECTED]
Sent: 24 September 2003 17:54
To: Ryan A; [EMAIL PROTECTED]
Subject: Re: [PHP] 3 mins of your time please...logic problem


From: "Ryan A" <[EMAIL PROTECTED]>

> Basically trying to limit the "vote" to just 1 per person, first am
checking
> if the the person with username has voted, if that comes back as false
then
> am checking his ip (because i dont know if  the person changed his
username
> and is trying to vote again) now its allowing me to vote twice and on the
> third time its restricting me.

Just get rid of the check for IP address. All you're going to do is restrict
a bunch of people that actually haven't voted just because they have the
same IP address as someone else. Some ISPs have it so that all requests look
like they are coming from the same IP address while it's actually different
people.

If your "poll" is really so important that you need to limit people from
voting twice, then make them log in and only allow one vote per username.

---John Holmes...

-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
 
If you are not the intended recipient of this e-mail, please preserve the
confidentiality of it and advise the sender immediately of any error in
transmission. Any disclosure, copying, distribution or action taken, or
omitted to be taken, by an unauthorised recipient in reliance upon the
contents of this e-mail is prohibited. Somerfield cannot accept liability
for any damage which you may sustain as a result of software viruses so
please carry out your own virus checks before opening an attachment. In
replying to this e-mail you are granting the right for that reply to be
forwarded to any other individual within the business and also to be read by
others. Any views expressed by an individual within this message do not
necessarily reflect the views of Somerfield.  Somerfield reserves the right
to intercept, monitor and record communications for lawful business
purposes.

-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Reply via email to