And this is why I'm not an expert! I have a counter script on my page now that uses a flatfile to store IP's, but it also stores a timestamp. When someone visits the page, the current time is compared to the stored timestamp for that IP + whatever timeout period I set. If it's less, then that IP is not counted again. If it's more, than the previous entry is deleted and a new one written with a new timestamp. I have it set for 15 minutes just to keep people from sitting and hitting 'reload' to run up my counter.
Anyway, I figured the same type of thing could be used here, I just didn't explain it. Seems that someone else came up with a simpler solution anyhow! Thanks for pointing out my idea's flaws... I'm a little biased, so I don't always see them myself. Jason Soza ----- Original Message ----- From: Miguel Cruz <[EMAIL PROTECTED]> Date: Wednesday, May 22, 2002 9:45 am Subject: Re: [PHP] voting using text files > On Wed, 22 May 2002, Jason Soza wrote: > > Using file locking, if two people tried to use the script at the > same > > time, wouldn't there be an error for one of them? > > The second session would just have to wait for the first to finish > (which > should be an infinitessimal amount of time). > > > My first guess at defeating this is having the script write a > file named > > after the voter's IP. Have the file written to a different > directory for > > whatever choices they have, then use readdir() to count the > files in > > each directory, i.e. the number of votes for each choice. Then > if that > > same IP tries to vote again, check it against votes already > received and > > approve/deny it. > > Using IPs is a pretty lousy way of uniquely identifying users, > especially > for a purpose like this: > > 1. If I dial in with a modem, I probably get a new IP each time I > connect, > so I can vote as often as I like. > > 2. Many companies, ISPs, and even countries use proxy servers that > aggregate thousands or millions of users behind a handful of IP > addresses. > One vote from China, Saudi Arabia or New Zealand and that could be > it for > the country. Likewise AOL. > > Try cookies or something. Still can be defeated by the determined > ballot-box stuffer, but so can everything else that doesn't > require human > verification of identity. > > miguel -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php