How to hold data about a visitor for 6 hours?

PHP programming forum. Ask questions or help people concerning PHP code. Don't understand a function? Need help implementing a class? Don't understand a class? Here is where to ask. Remember to do your homework!

Moderator: General Moderators

Post Reply
brammen
Forum Newbie
Posts: 1
Joined: Fri Apr 28, 2006 8:04 am

How to hold data about a visitor for 6 hours?

Post by brammen »

Hi,

I'm working on a site where a visitor (not logged in) can give points to different kind of Posts.
I want to build a security that a visitor can only vote for a single post every 6 hours, since otherwise people with bad intensions can bring a post down by voting 0 hundreds of times.

I thaught about several ways to solve this but everyway I could come up with seemed to have a bad side, can anyone help me to find a solution so a visitor can only vote 1 time every 6 hours? is it actually possible if a user is not logged in?

My best thaught was to work with sessions, but since they got destroyed when a window close, it's still possible to cheat the 6hour limit

Friendly greetings
User avatar
feyd
Neighborhood Spidermoddy
Posts: 31559
Joined: Mon Mar 29, 2004 3:24 pm
Location: Bothell, Washington, USA

Post by feyd »

There's no reliable way to block that behaviour considering your constraints.
EricS
Forum Contributor
Posts: 183
Joined: Thu Jul 11, 2002 12:02 am
Location: Atlanta, Ga

Post by EricS »

It's impossible to implement this feature with absolute certainty.

1. You could set a cookie with a 6 hour expiration date then check that cookie before applying votes. This will stop anyone who allows cookies and does not clear them often.

2. You could use sessions but then you are subject to being beaten by anyone closing their browser.

3. You could log IPs but then you would be stopping the voting of many users who are forced to share IPs because their ISP is using NAT for their customers.

4. Even requiring logging in will not stop people who set up multiple accounts.

The truth is there is no absolute solution. Just pick the option above that has the most pros vs. cons for your particular application.

- ERic
Post Reply