I'm coding a sweepstakes entry form in php where the User submits some information in a form and it is stored in a database.
I would like to find a way to restrict this form to one submission per person. Either dropping a cookie or by IP address. What would be the best way to approach this?
I'm building it on code igniter, if that makes any difference.
Simple answer, log the IP in the same row with the information store. If you do a cookie a bot or user can easily remove the cookie destroying your protection scheme. So simply log the IP address and then query each entry for uniqueness before accepting the submission.
They both have their own downsides tbh. Cookies are easy to forge and easy to remove which will allow multiple votes. Restricting by IP is better but IP addresses can be shared within networks and can also be proxied to avoid detection. Best bet is rely on something like email address and force the user to click an emailed link to confirm a vote, admittedly though this isn't great.
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With