Logo Questions Linux Laravel Mysql Ubuntu Git Menu
HTML CSS JAVASCRIPT SQL PYTHON PHP BOOTSTRAP JAVA JQUERY R React Kotlin
 

Prevent double voting

Tags:

php

double

voting-system

vote

I'm creating a web application where users will vote for some candidates by clicking thumbs up or thumbs down, and these users won't have any account on the site.

What is the best technique to use? Is it necessary to use captcha for more protection from spam?

Vote counts are expected to be millions, and the subject is not very critical as long as I get 95% accuracy that would be fine. Thanks.

like image 976
Kamel Labiad Avatar asked Jan 22 '12 16:01

Kamel Labiad

4 Answers

You can combine these two methods:

  • Add a cookie to prevent multiple votes from the same machine
  • Log IP addresses and prevent voting more than a set number of times from the same address (for example, 5 times the same hour).

This will make it possible for multiple persons to vote from the same network but still prevent excessive cheating.

You may also make it harder to build a voting bot by adding some hidden form field with a token that must be included in the vote, and/or use Ajax for the voting. I know it's relatively easy to build a bot anyway but most cheaters aren't that smart.

like image 85
Emil Vikström Avatar answered Nov 19 '22 03:11

Emil Vikström

Cookies and Session Ids will help, although both can be lost when the browser is closed (if the user has it enabled to delete them). Still, they will give you some degree of accuracy (ex. the lazy voters won't bother to close and reopen their browsers).

Using IP Addresses would also work, but as @Michael Dillon said people on the same IP address (same router) will not be able to vote.

like image 26
dgund Avatar answered Nov 19 '22 02:11

dgund

You have several options, some or all of which you can use.

You can record IP and then check against IP, but then this isn't indicative of a specific person just a computer and sometimes not just a single computer.

You can also write a cookie to a user's browser but a user can use a different browser, machine etc.

Within a user's session you could create a session variable, although if you are expecting very high traffic this may not be the best option, and also only prevents re-voting within the same session.

If you are contemplating a captcha, you may as well ask the user to supply an email address and then you are assured of at least one vote per email address. However, even then you cannot be guaranteed valid email addresses.

like image 1
Digbyswift Avatar answered Nov 19 '22 03:11

Digbyswift

You can ask their phone numbers when they want to vote and send to them one time password and use that as verification. Some my also vote from another numbers but i think this is the most accurate way.

like image 1
Sam Omer Avatar answered Nov 19 '22 03:11

Sam Omer
Sign in to Comment

Related questions

Load file from mysql with PHP
PHP: global variable alternatives?
download the text file instead of opening in the browser
PHP Websocket Server hybi10
IMDB to MySQL: Insert IMDB data into MySQL database
What is the recommended approach for encrypting/decrypting large text data in MySQL?
Can a upload form upload files to another server?
How to get multiple parameters sent via drupal hook_menu
How can I run curl as shell command line in PHP
What's the best way to integrate an event-dispatcher in a PHP library?
opencart how to display all categories with images on home page opencart 1.5.1.3
PHP library for word clustering/NLP?
spl_object_hash matches, objects not identical
Split Paypal payment into two accounts
Troubleshooting file upload error code 4
Compare benchmarks of CodeIgniter vs Yii
What exactly is the PHP function session_module_name for?
ZF2: Dependency Injection, MVC, Configurations and Bootstrap
PHP SOAP HTTP Request
Increment behavior on strings - PHP easter egg?

Donate For Us

If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!