Managing Polls, and not allowing duplicate votes

Forum Moderators: coopster

Message Too Old, No Replies

Managing Polls, and not allowing duplicate votes

What is the best method? IP? Cookie? Combo of the 2?

ryan_b83

3:49 pm on Feb 4, 2007 (gmt 0)

Hello, I am trying to write a simple php/mysql poll application. However i want to try to limit duplicate voting from the same computer as much as possible. I know it can't really be perfect but what is the best known way to do this?

IP address? (but people in the same building could have the same IP address, and the whole building would only get 1 vote, which isn't right)

Clint side Cookie? refers to a single comptuer, but they can remove/block them?

any ideas?

thanks.
Ryan

darrengeorge

9:02 pm on Feb 4, 2007 (gmt 0)

I dont think there is any perfect solution.

You have options though:

Make users register;
Make users provide an email address which is then validated and stored in a db.

Both options arent infalible, however they both make it enough of a faff to vote multiple times, yet not so much of a hassle that the user is deterred from voting at all.

ericjust

2:22 am on Feb 5, 2007 (gmt 0)

I agree with darrengeorg. I don't think that there is a perfect solution. Short of user registering or something like that - I think there are only a couple (but NOT perfect) solutions.

1. Use cookies.
2. User IP
2. Use IP + User Agent.

You could write that application to check for a cookie first, and then compare a hash of the IP + User Agent.

Unfortunately I don't believe that there is a foolproof way of doing this.

ryan_b83

1:05 am on Feb 7, 2007 (gmt 0)

yea what i ended up doing is

store the cookie
log the IP + User Agent hash,
log the time();

cookie works as first level of detection
IP + User Agent Hash works as second level
and every time a submition is attempted, it checks to see if the IP + User Agent Hash was used more than 5 times in the last hour, if so, its flagged and stopped from being aloud to submit.

thanks guys.