Forgot to send to list.

---------- Forwarded message ----------
From: Ian <>
Date: Wed, Feb 18, 2009 at 11:12 AM
Subject: Re: [PHP] Re: Unique User Hashes
To: Colin Guthrie <>

'Twas brillig, and Ian at 18/02/09 07:09 did gyre and gimble:
>> We dont have registration - its a once off vote anonymously using the hash
>> in the original email. We dont want registration otherwise it would be
>> much
>> easier - but this was the best way I could think of without user
>> registration :/
> Do you have to invite people to vote or can anyone come along and cast?
> If the former you could email a UUID token to them or similar as part of
> the link. Once that UUID was "spent" it wouldn't allow voting again.
> I say UUID as a regular auto-incrementing id would be fairly easy to guess
> ;)
> Of course this may not be appropriate in this circumstance.
> Col
> Unfortunately its anyone can come along and vote - no email inviting :/

If you've already sent them an email with a hash in it, can you do something
> like:
> - require the hash be pasted into a field in your voting form
> - save the hash to a cookie
> - if the cookie doesn't exist, prompt for the hash again along with a link
> to resend the hash
> It's sort of 'login lite' in a way, but might be less oppressive than a
> full login process.

Same as above - wouldnt work because we arent recording that info...

Reply via email to