RE: [PHP] basic voting
Justin, you've just asked for a way to restrict the possible number of votes from any one person to 1, however, you don't want to find out anything about that person! Although I certainly understand your position, you either have to get from them some information specific to the person, like, name, email, DL, SSN, and only allow one vote entry per id, or you have track based on cookie, ip address, etc. A simple non-obtrusive way would be to track by IP, but then you've got the problem of users behind proxies, or multiple users at one computer, or You pretty much have to ask for something like email or name, or be willing to accept multiple votes from the same person. Sorry. -Original Message- From: Justin French [mailto:[EMAIL PROTECTED]] Sent: Wednesday, September 11, 2002 7:34 AM To: php Subject: [PHP] basic voting Hi, I'm looking to implement very basic like it | hate it voting for a product on a site, but I'd like to implement some simple (or not so simple) ways of ensuring people don't vote over and over and over. 1. I could set a cookie. Sure, they could delete the cookie and re-vote though, and those without cookies will be able to repeat vote. 2. To prevent automated voting, I can make sure that the votes are POSTed, not done through GET, but if people really wanted, they could still get around it. 3. I can restrict voting to logged in members, but I don't think I want to be that restrictive. Am I missing something obvious? Or do you just use a combo of 1 + 2??? Justin French -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] basic voting
on 12/09/02 12:12 AM, David Buerer ([EMAIL PROTECTED]) wrote: Justin, you've just asked for a way to restrict the possible number of votes from any one person to 1, however, you don't want to find out anything about that person! I'd consider that a restriction to getting lots of votes in a quick manner... :) Although I certainly understand your position, you either have to get from them some information specific to the person, like, name, email, DL, SSN, and only allow one vote entry per id, or you have track based on cookie, ip address, etc. A simple non-obtrusive way would be to track by IP, but then you've got the problem of users behind proxies, or multiple users at one computer, or IP address' aren't an option. You pretty much have to ask for something like email or name, or be willing to accept multiple votes from the same person. There's NOTHING to stop me from entering 24 different names or email address', so I don't consider these options either. Sorry. It's not your fault :) Justin French -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] basic voting
Most sites log by IP but if its the IP of a firewall, it would only be one vote from everyone behind the firewall. Adam On Thu, 12 Sep 2002, Justin French wrote: Hi, I'm looking to implement very basic like it | hate it voting for a product on a site, but I'd like to implement some simple (or not so simple) ways of ensuring people don't vote over and over and over. 1. I could set a cookie. Sure, they could delete the cookie and re-vote though, and those without cookies will be able to repeat vote. 2. To prevent automated voting, I can make sure that the votes are POSTed, not done through GET, but if people really wanted, they could still get around it. 3. I can restrict voting to logged in members, but I don't think I want to be that restrictive. Am I missing something obvious? Or do you just use a combo of 1 + 2??? Justin French -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
RE: [PHP] basic voting
How bout this for just a little better than IP logging.
?
if (getenv(HTTP_X_FORWARDED_FOR)){
$internalip=getenv(HTTP_X_FORWARDED_FOR);
}
if (getenv(REMOTE_ADDR)){
$externalip=getenv(REMOTE_ADDR);
}
echo $externalip.-.$internalip;
?
-Original Message-
From: Adam Williams [mailto:[EMAIL PROTECTED]]
Sent: Wednesday, September 11, 2002 11:24 AM
To: Justin French
Cc: php
Subject: Re: [PHP] basic voting
Most sites log by IP but if its the IP of a firewall, it would only be one
vote from everyone behind the firewall.
Adam
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
RE: [PHP] basic voting
Since you haven't divulged your task, I'm guessing from comments that receving 24 votes from faked emails is a really bad thing. In that case you have no choice but to thoroughly authenticate your users! Hey, at least it's not a complicated thing to do, just kind of pain on everyones end. -Original Message- From: Justin French [mailto:[EMAIL PROTECTED]] Sent: Wednesday, September 11, 2002 8:10 AM To: David Buerer; '[EMAIL PROTECTED]' Subject: Re: [PHP] basic voting on 12/09/02 12:12 AM, David Buerer ([EMAIL PROTECTED]) wrote: Justin, you've just asked for a way to restrict the possible number of votes from any one person to 1, however, you don't want to find out anything about that person! I'd consider that a restriction to getting lots of votes in a quick manner... :) Although I certainly understand your position, you either have to get from them some information specific to the person, like, name, email, DL, SSN, and only allow one vote entry per id, or you have track based on cookie, ip address, etc. A simple non-obtrusive way would be to track by IP, but then you've got the problem of users behind proxies, or multiple users at one computer, or IP address' aren't an option. You pretty much have to ask for something like email or name, or be willing to accept multiple votes from the same person. There's NOTHING to stop me from entering 24 different names or email address', so I don't consider these options either. Sorry. It's not your fault :) Justin French
