tags:

views:

145

answers:

3
+2  Q: 

Ruby on Rails - Restricting click by IP...

I am new to rails so go easy. I have created a blog with the ability to "vote" on a post by using a feature much like Facebook's "like". I am not using any authentication but would like to restrict voting on a particular post by IP. That is, once someone votes for a post, they cannot vote again (unless they reset their router of course).

I feel like this should be something I affect by modifying the votes or posts Model, but I fear it has to do with Sessions, which...I don't have any experience yet.

Let me know if you need me to post any code. Here is the votes controller.

class VotesController < ApplicationController

  def create
    @post = Post.find(params[:post_id])
    @vote = @post.votes.create!(params[:vote])

       respond_to do |format|
       format.html { redirect_to @post}
       format.js
     end
  end
end
A: 

You could add an ip_address attribute to your votes table and validates_uniqueness_of :ip_address to ensure that only one vote can come from an IP.

bensie  2009-11-20 16:08:26
+6  A: 

Two ways of doing it come to mind right away, there are probably others. Both require storing an IP in the database.

  1. Block the vote from being created with a uniqueness validation.

    class Vote < ActiveRecord::Base
  validates_uniqueness_of :ip_address
  ...
end

  2. Block the vote from being created in the controller

    class VotesConroller < ApplicationController
  ...
  def create
    unless Vote.find_by_post_id_and_ip_address(params[:post_id],request.remote_ip)
       posts.votes.create!(params[:vote].update({:ip_address => request.remote_ip}))
    end
  end
end
EmFi  2009-11-20 16:11:35
This is great...how do I pass the ip address to the table from the form. I created the column ip_address.
bgadoci  2009-11-20 16:21:53
I tried: <%= f.hidden_field :ip_address => request.remote_ip but didn't work.
bgadoci  2009-11-20 16:22:50
You don't even need to collect the ip address in the form. Just have the controller pass it. See the Vote.create line in the 2nd method for how to do that. (Assumes column name is ip_address
EmFi  2009-11-20 16:25:47
I have posted my votes controller code above. I am having trouble perhaps because of the collection of post_id.
bgadoci  2009-11-20 16:47:57
Adjusted solution to match your code.
EmFi  2009-11-20 16:54:19
FYI - the reason you don't want to go the <%= f.hidden_field :ip_address, request.remote_ip %> route is because that's easily modifiable by the user. You need to force it in your controller as EmFi posted above.
bensie  2009-11-20 17:27:17
+1  A: 

I would do both EmFi and bensie said and store the IP address with the vote but you might also want to look into creating a blacklist of IPs which you want to block because the represent popular proxy servers (for example, the many proxies in the http://proxy.org/ list).

As you add to the list it will make it at least a little bit harder for users to cheat.

John Munsch  2009-11-20 16:22:40
This is great thanks. See my comments on EmFi, need a little help with how to pass to table. I am new.
bgadoci  2009-11-20 16:23:50
Good catch, remote_ip is supposed to get the IP behind the proxy using the HTTP\_CLIENT\_IP or HTTP\_X\_FORWARDED\_FOR headers.However, it's probably not flawless.
EmFi  2009-11-20 16:31:53

related questions

Best place to get Ruby on Vista up and running as dev environment
How can I encode xml files to xfdl (base64-gzip)?
What is the best way to learn Ruby?
Learning Ruby on Rails any good for Grails?
How to sell Python to a client/boss/person with lots of cash
How do I create a Class using the Singleton Design Pattern in Ruby?
How do I update Ruby Gems from behind a Proxy (ISA-NTLM)
Why Should I Learn Ruby?
How do I create a new Ruby on Rails application using MySQL instead of SQLite?
How do I rake tasks within a ruby script?
Ruby On Rails with Windows Vista - Best Setup?
Mapping values from two array in Ruby
Reverse DNS in Ruby?
Text Editor For Linux (Besides Vi)?
What is good forum software to add to an existing Rails application?
Calling Bash Commands From Ruby
How can I modify .xfdl files? (Update #1)
How do I use (n)curses in Ruby?
Open Source Ruby Projects
How do I fix 'Unprocessed view path found' error with ExceptionNotifier plugin in rails 2.1?
When to use lambda, when to use Proc.new?
Frequent SystemExit in Ruby when making HTTP calls
Implementation of "Remember me" in a Rails application.
.NET Migrations Engine
How do I add existing comments to RDoc in Ruby?