Simple User Tracking

Discussions of secure PHP coding. Security in software is important, so don't be afraid to ask. And when answering: be anal. Nitpick. No security vulnerability is too small.

Moderator: General Moderators

Post Reply
anoxymous
Forum Newbie
Posts: 2
Joined: Sun Aug 29, 2010 8:50 pm

Simple User Tracking

Post by anoxymous »

Hi All.

I am looking for a solution for my new website i am developing. The site involves users registering their votes on polls. I want the system to be as easy to use as possible to encourage people to participate. For this I was hoping to come up with a solution which would require users to not have to create a new account just to vote. I would like some suggestions of how I could implement it whilst still restricting the ability of people/programs to spam votes (which could unfairly change the result of polls).
User avatar
Mordred
DevNet Resident
Posts: 1579
Joined: Sun Sep 03, 2006 5:19 am
Location: Sofia, Bulgaria

Re: Simple User Tracking

Post by Mordred »

http://www.google.com/recaptcha, cookies, flash cookies
anoxymous
Forum Newbie
Posts: 2
Joined: Sun Aug 29, 2010 8:50 pm

Re: Simple User Tracking

Post by anoxymous »

well the recaptcha things seems like a good idea to stop programs, but what about users? what will stop them from clearing there cache or changing IP's? also I may like to have the option for users to be able to change their choices later. Is there anyway which i could use pre existing accounts for users (facebook/twitter,etc) so they don't have to register for a new account?
User avatar
Mordred
DevNet Resident
Posts: 1579
Joined: Sun Sep 03, 2006 5:19 am
Location: Sofia, Bulgaria

Re: Simple User Tracking

Post by Mordred »

what will stop them from clearing there cache or changing IP's?
Nothing. You can't have a fair voting system without user ID. Your second best bet is having your own persistent user ID by using cookies and/or flash cookies and/or whatever persistent storage you can think of.
Is there anyway which i could use pre existing accounts for users (facebook/twitter,etc) so they don't have to register for a new account?
Yup, check their APIs.
Post Reply