why not assign your user a unique id when they first visit you site and this is registered in a database. The unique id is then passed from page to page in the URL (i.e. get method) when they submit their vote, the PHP page: 1: check to see if that Unique ID is stored in the database (checks it hasn't just been made up) 2: checks to see if the "Voted" field is set to false if either of the above return as FALSE reject the vote because either the user has already voted or they modified the unique id to try and cheat the system. Now, the only way for them to make multiple votes is to keep getting to the voting page by going back to your homepage and following the links to your vote page or to make up a unique id and hope it's already been created by someone else. Every time you change the poll, you should empty the database as there could be a few unique ids that were created but the visitor didn't vote.
It's a bit overkill for a web poll though!!! "Bruce Karstedt" <[EMAIL PROTECTED]> wrote in message 000401c22047$925f4840$768c3841@c3">news:000401c22047$925f4840$768c3841@c3... > Why not create a cookie for that poll. When the vote check for the cookie. > Unless a user clears the cookie himself, you basically limit votes to one > per computer or one per computer per user. > > Bruce Karstedt > President > Technology Consulting Associates, Ltd. > Tel: 847-735-9488 > Fax: 847-735-9474 > > > -----Original Message----- > From: Rasmus Lerdorf [mailto:[EMAIL PROTECTED]] > Sent: Saturday, June 29, 2002 10:34 PM > To: JJ Harrison > Cc: [EMAIL PROTECTED] > Subject: Re: [PHP] Getting IP from behind proxies > Importance: Low > > > You need to assign each person a unique identifier of some sort. ie. > assign them a login and password and verify that information by sending a > message to their email address. Then only people with multiple email > addresses can spam your system with votes. > > Beyond that it comes down to verifying each voter manually. Get a phone > number and call each one up. Even that is not quite foolproof. > > Personal certificates might be an option here, but that is rather > cumbersome for everyone involved. > > Basically there is no good solution for this problem. Until everyone in > the world has a unique and non-spoofable, easily verifiable id number, > what you are trying to do is impossible. > > Basically live with the fact that your voting system will be inaccurate > and spoofable. > > -Rasmus > > On Sun, 30 Jun 2002, JJ Harrison wrote: > > > what esle could i use? > > "Rasmus Lerdorf" <[EMAIL PROTECTED]> wrote in message > > [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... > > > You can only get it if the proxy provides you with this data. Most > don't, > > > so this is not a reliable approach. > > > > > > -Rasmus > > > > > > On Sat, 29 Jun 2002, JJ Harrison wrote: > > > > > > > I want to check to see if people have voted yet for a poll. > > > > > > > > How can I get the ip of a user from both behind a proxy and the > proxies > > ip? > > > > > > > > is this simple? > > > > > > > > will i have trouble with firewalls etc? > > > > > > > > > > > > -- > > > > JJ Harrison > > > > [EMAIL PROTECTED] > > > > www.tececo.com > > > > > > > > > > > > > > > > -- > > > > PHP General Mailing List (http://www.php.net/) > > > > To unsubscribe, visit: http://www.php.net/unsub.php > > > > > > > > > > > > > > > -- > > PHP General Mailing List (http://www.php.net/) > > To unsubscribe, visit: http://www.php.net/unsub.php > > > > > -- > PHP General Mailing List (http://www.php.net/) > To unsubscribe, visit: http://www.php.net/unsub.php > -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
