Hi, I'm building a rating app, so people can rate any kind of object (e.g. a video, a news entry, etc.). The rating is done anonymously (there's no user account on that site) and via an Ajax query. The view currently only takes one parameter, the rating value (a float), so I don't think I can use something like Akismet.
To prevent multiple ratings by the same person, a flag is set in the session. Obviously it means that the person can rate again if she uses a different browser or if the session expires, but that's not a big issue. Now, what worries me is potential spam attacks. How can I identify if the request is from a genuine person or a bot? I started implementing a system which records IP addresses and prevents anybody to rate twice from the same IP within a given short time. But if genuine persons are behind a proxy, IP uniqueness cannot be guaranteed and they may be all mistaken for a bot. Are there some algorithms in Django to cope with this kind of situations? Maybe passing some kind of key protection in the URL? Thanks a lot, Julien --~--~---------~--~----~------------~-------~--~----~ You received this message because you are subscribed to the Google Groups "Django users" group. To post to this group, send email to django-users@googlegroups.com To unsubscribe from this group, send email to [EMAIL PROTECTED] For more options, visit this group at http://groups.google.com/group/django-users?hl=en -~----------~----~----~----~------~----~------~--~---
