dspows0637 2015-03-11 18:37
浏览 52

针对未登录的用户存储数据?

On my website users do not log in, yet they can interact with the site. For example, they can vote on categories.

What would be the best way to prevent a user (even though they are not logged in) from voting for the same category more than once.

My initial thought was to store a user's IP address, when they vote, their IP along with the category voted for is stored in my database. Voting again for the same category will not have any effect.

I know proxies etc can circumnavigate this, but it's only meant to be a casual system to fool basic users.

Is there a better way to do this?

  • 写回答

4条回答 默认 最新

  • douzhi1937 2015-03-11 18:44
    关注

    You can start a session with session_start() and use AJAX to store vote information in the session. Similarly you can use AJAX call to your PHP script to see if a user can vote or not.

    One downside to that is that if user removes his PHPSESSID cookie your session_start() will create new session, to avoid that you should use your own session control, any way you like, though it would have to store more unique information such as user-agent and the IP address as well as PHPSESSID.

    Note, without any heavy counter-measures this can be fooled, one way or another, but you said yourself it's only meant to be a casual system to fool basic users.

    评论

报告相同问题?

悬赏问题

  • ¥20 软件测试决策法疑问求解答
  • ¥15 win11 23H2删除推荐的项目,支持注册表等
  • ¥15 matlab 用yalmip搭建模型,cplex求解,线性化处理的方法
  • ¥15 qt6.6.3 基于百度云的语音识别 不会改
  • ¥15 关于#目标检测#的问题:大概就是类似后台自动检测某下架商品的库存,在他监测到该商品上架并且可以购买的瞬间点击立即购买下单
  • ¥15 神经网络怎么把隐含层变量融合到损失函数中?
  • ¥15 lingo18勾选global solver求解使用的算法
  • ¥15 全部备份安卓app数据包括密码,可以复制到另一手机上运行
  • ¥20 测距传感器数据手册i2c
  • ¥15 RPA正常跑,cmd输入cookies跑不出来