General PHP logic help

Forum Moderators: coopster

Message Too Old, No Replies

General PHP logic help

andrewsmd

4:36 pm on Sep 10, 2008 (gmt 0)

Ok so I have a website with a poll on it. You can look at it here if you want. the poll is unimportant, what I just needed something up because we are trying to test how to hack/secure these kinds of online polls. What I mean is, we want to design some programs to automatically run on these to skew results one way or another, we also want to figure out ways to make these more secure (meaning the same user can't vote over and over again). I was just wondering if anyone has any good ideas? I am a PHP programmer so I posted here, but I am open to anything. I was thinking along the lines of storing the vote with an IP address and timestamp to check how often an IP address has been voting. Any suggestions? Thanks,

[edited by: dreamcatcher at 6:15 pm (utc) on Sep. 10, 2008]
[edit reason] No urls please! [/edit]

MattAU

9:05 pm on Sep 10, 2008 (gmt 0)

Using the IP address is your best bet. You could also:

Use cookies - perhaps only accept votes from people that have cookies on. That would get rid of some bots. You could also set a cookie with a 24 hour expiration, anyone with the cookie doesn't get to vote.

Check user-agents - see if you get multiple votes from the same unusual agents.

There's a few other things you could do. I guess it depends whether you're trying to stop a user clicking a few times, a bot trying to vote 1000s of times, or both.