Logo Questions Linux Laravel Mysql Ubuntu Git Menu
 

Form Input - Restricting to one submit per IP / Computer

I'm coding a sweepstakes entry form in php where the User submits some information in a form and it is stored in a database.

I would like to find a way to restrict this form to one submission per person. Either dropping a cookie or by IP address. What would be the best way to approach this?

I'm building it on code igniter, if that makes any difference.

like image 322
wesbos Avatar asked Apr 26 '10 20:04

wesbos


2 Answers

Simple answer, log the IP in the same row with the information store. If you do a cookie a bot or user can easily remove the cookie destroying your protection scheme. So simply log the IP address and then query each entry for uniqueness before accepting the submission.

like image 65
Jeremy B. Avatar answered Sep 20 '22 01:09

Jeremy B.


They both have their own downsides tbh. Cookies are easy to forge and easy to remove which will allow multiple votes. Restricting by IP is better but IP addresses can be shared within networks and can also be proxied to avoid detection. Best bet is rely on something like email address and force the user to click an emailed link to confirm a vote, admittedly though this isn't great.

like image 45
robjmills Avatar answered Sep 21 '22 01:09

robjmills