Let's say I want to open a simple, simple poll which could be hand-made via PHP. There are only two options. Option A or Option B. Without telling people to register, what is the most secure way to deter cheating?
If possible, I would like to use MySQL to store the data such as the votes. I am not asking for code, I am asking for ways on what I should do.
I say no registering because it puts people off just for a simple vote...
Thank you and have a good day.
分享 Defence in depth. Store as much identifying information as you can.
Store IP address, browser agent, host address, host name ... everything you like the look of, in your MySQL table. If ALL of these match, then it's someone trying to dupe.
Set a cookie to stop them voting. If this exists, they're trying to dupe.
Set a flash cookie to stop them voting (entirely different to normal cookies, get Googling :P) If this exists, they're trying to dupe.
Plus anything else you can think of. There will always be ways to get around it, of course, as it's always extremely hard to say "yes, that almost untraceable request came from that person", but it's more about making it a MASSIVE pain in the ass to beat the system with something like this.
分享
