Go Premium for a chance to win a PS4. Enter to Win

x
?
Solved

voting script question

Posted on 2002-07-04
8
Medium Priority
?
337 Views
Last Modified: 2013-12-25
I am using a simple voting script for a school project which sets a cookie on each user's machine to prevent multiple votes. My problem is that I suspect some of the users are "cheating" so to speak by setting their browsers to not accept cookies. So my 2 questions are: Is there a way to see who is doing this, particularly if a less than scrupulous user logs on at a public place such as a library and votes many times (this is what I expect is happening). The other question is what can be done to stop this. I am a web develloper and not a programmer so I have only a marginal understanding of cgi.
0
Comment
Question by:kim4815
8 Comments
 
LVL 2

Expert Comment

by:VEngineer
ID: 7132584
Can I ask what kind of voting system this is?  Is this something to vote in a survey, or elect a candidate, etc?

One way to prevent multiple votes is to assign every eligible voter a login and password to the voting section of your website.  That way, you know exactly who voted.  Granted since you aren't a programmer, this isn't an easy task, but we can start somewhere and see how we can help you out.

I rarely rely on cookies to do anything, and I can see why you think people are cheating on the vote.  Some things we might need to know:

- Do you want one vote per person or one vote per machine?  Is there a difference?

- About how many voters will you have?

- What kind of server side technologies do you have available to you (ASP, Perl/CGI, etc..)?

0
 

Author Comment

by:kim4815
ID: 7132602
The system is suppose to pick the winner of various contests; and the problem I think is multiple voting by the contestants. Since people who don't attend the school are encouraged to vote, I think asking for a login and password is probably too much too ask. That being said, I would assume one vote per machine would be the simplest option. Usually the total number of votes is well under 1000. The source of my suspicion is when a sizeable block of votes come in for one particular participant all within a short period of time, like 5-10 minutes.
0
 
LVL 12

Expert Comment

by:lexxwern
ID: 7133500
if all machies have fixed ip;s, then what you should do is maintain a db/list of all the ip;s that have already voted.
0
Free Tool: Site Down Detector

Helpful to verify reports of your own downtime, or to double check a downed website you are trying to access.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

 
LVL 12

Expert Comment

by:lexxwern
ID: 7133508
ip can be tracked by the environment variable like this...


$userIP = $ENV{'REMOTE_ADDR'};
0
 

Author Comment

by:kim4815
ID: 7133960
I did think about having a database to record ip's but don't most people have dynamic ips? If a person can vote; log off; then log back on with a fresh ip number, how does the database help?
0
 
LVL 11

Accepted Solution

by:
mouatts earned 400 total points
ID: 7134104
There is no fool proof way unless you go down the road of logins or certificates.

But how about this approach using two basic pages.
When they request pageA check and record a cookie (or its absense)
When you send out pageA also send a cookie varying the value based on whether one was recieve or not.
On PageA there will be a link to PageB were they actually vote.
When the request for PageB is recieved again check and record the cookie value.
Now finally when they vote record the cookie value, the time, there IP address and their user agent.
Send a thnks for voting page and adjust the cookies value again.

Having done all this you can determine if a cookie is actually receive at the voting stage whether they are attempting to undertake multiple votes without changing their cookies and can discard the vote.

Where you can't tell from the cookies if they have cheated you can now compare the time, ip address and user agent to see if it looks likely that they have cheated. IE if multiple votes are received within a particular time span for the same time period then discount them if the IP address is the same or the user agent.

HTH
Steve
0

Featured Post

Free Tool: IP Lookup

Get more info about an IP address or domain name, such as organization, abuse contacts and geolocation.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Recently I have been answering a lot of questions like this in IT forums that I frequent. The question posed is usually something along the lines of "We have software X installed and need to uninstall it for reason Y" or some other variant of the sa…
I hope you'll find this tutorial useful and interesting. So let's try to extend Tcl with a new package.  For anyone more deeply interested please check out the book "Practical Programming in Tcl and Tk". It's really one of the best written books abo…
The viewer will learn how to dynamically set the form action using jQuery.
In this fourth video of the Xpdf series, we discuss and demonstrate the PDFinfo utility, which retrieves the contents of a PDF's Info Dictionary, as well as some other information, including the page count. We show how to isolate the page count in a…
Suggested Courses

971 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question