PHP Poll, stop double voting

PHP programming forum. Ask questions or help people concerning PHP code. Don't understand a function? Need help implementing a class? Don't understand a class? Here is where to ask. Remember to do your homework!

Moderator: General Moderators

Post Reply
thesimon
Forum Commoner
Posts: 40
Joined: Sun Mar 13, 2005 9:44 pm

PHP Poll, stop double voting

Post by thesimon »

I have managed to script a poll with PHP and mySQL. Currently on the page i have the table in which the choices can be made and a second table with the results.

I would like for those who havnt voted to see the first table, and for those who have voted to see results, and not be able to vote again (i know there is no foolproof way, but if you could show me the most used way that would be great).

So if you could help me that would me most appreciated.
pilau
Forum Regular
Posts: 594
Joined: Sat Jul 09, 2005 10:22 am
Location: Israel

Post by pilau »

You might want to look at the source code oh phpBB or at a DB table called "poll". Maybe it'll help (I just don't know how to do it) :P
Sander
Forum Commoner
Posts: 38
Joined: Sat Aug 06, 2005 12:43 pm

Post by Sander »

Well, as far as I know there are 2 things you can do to prevent someone for double voting.

The first option is to save his IP adress. This of course won't work if the user has a dynamic IP, or if he just goes to another computer.

The other option is to store a cookie on the user's computer. Again, this won't work if the user simply goes to another computer, and he can also just delete the cookie from his computer. There is also the possibility that the cookie will never get stored because of the user's security settings.

The 'best' way would probably be to do both; save the IP and set a cookie.
User avatar
s.dot
Tranquility In Moderation
Posts: 5001
Joined: Sun Feb 06, 2005 7:18 pm
Location: Indiana

Post by s.dot »

I agree a cookie would be the best way.

However if you have a login system, you could log who voted by username, and not allow them to vote again.
Set Search Time - A google chrome extension. When you search only results from the past year (or set time period) are displayed. Helps tremendously when using new technologies to avoid outdated results.
josh
DevNet Master
Posts: 4872
Joined: Wed Feb 11, 2004 3:23 pm
Location: Palm beach, Florida

Post by josh »

Probably the most straight forward way is require a user to signup with an account at your web site before he can vote, only let each member vote once, I take it your web site already has some sort of system in place to restrict accounts to one per person?

Well it's been discussed here but I'll go over the basics:
Require email verification for a signup, no two accounts can have the same email.
Code some sort of a system that logs IP addresses, and flags suspicious accounts (accounts that have logged in from the same IP addresses)
Also flag groups of accounts if their email addresses follow any kind of noticeable pattern ('user1@example.com', 'user2@example.com', etc...)
This way you can login in to your web site, go to the admin panel and see accounts that have been flagged as account sharing, this won't prevent anything but it will definitely help you locate accounts that are sharing and delete them manually.
thesimon
Forum Commoner
Posts: 40
Joined: Sun Mar 13, 2005 9:44 pm

Post by thesimon »

How would i go about using cookies to achieve that? Its not that important that they cant go about voting again, it will just be better if they have to delete cookies before doing so.
User avatar
feyd
Neighborhood Spidermoddy
Posts: 31559
Joined: Mon Mar 29, 2004 3:24 pm
Location: Bothell, Washington, USA

Post by feyd »

if the only people that can see these polls are logged in, then use database.. otherwise.. use cookie/ip recording ... the problem with the latter ones is you can't entirely rely on them to work. IP records should not deny someone from voting again.. there are too many instances where a different person/machine could get the same IP, but be perfectly valid to vote as they have not voted before..

To make things easier, it's just best to only allow voting on registered users. However, a nonregistered user should be able to view the poll and results.. just not vote.
User avatar
s.dot
Tranquility In Moderation
Posts: 5001
Joined: Sun Feb 06, 2005 7:18 pm
Location: Indiana

Post by s.dot »

thesimon wrote:How would i go about using cookies to achieve that? Its not that important that they cant go about voting again, it will just be better if they have to delete cookies before doing so.
When you process their voting data

Code: Select all

setcookie("poll","1",time()+86400*30); // persist for 30 days
Then on the page that displays the voting form

Code: Select all

if($_COOKIE['poll'] == 1)
{
    die("you've already voted in this poll");
} ELSE
{
    // show poll
}
Set Search Time - A google chrome extension. When you search only results from the past year (or set time period) are displayed. Helps tremendously when using new technologies to avoid outdated results.
Post Reply