tags:

views:

106

answers:

4

Hello,

I'm building a PHP/MySQL poll system and I was wondering if there's any more secure method than setting a cookie + saving user IP address and checking them later.

Thank you.

A: 

No, only thing you could do to secure a polling system is to require registration or valid email address.

dfilkovi
Anyone else have hundreds of e-mail addresses?
Dominic Rodger
Valid means that a user will have to confirm every vote within email, I don't think anyone will go to that extent.
dfilkovi
You just have to create a mail accepting everything. Then add some plugin to your mailserver (or make an app which poll your mail server) to parse the confirmation url and initiate a connexion there.
Arkh
A: 

Unless you're prepared to force people to create a user account (and then lock votes to an account) this is pretty much all you can do in my experience.

middaparka
+1  A: 

The problem with poll systems is that you want to be sure users can only vote once. This problem has no solution unless you ask for personal information which cannot be forged.

Arkh
A: 

Yep, user/pass is the only way. If you want to keep it really simple while using user authentication, use Facebook Connect. Nowadays almost everyone has FB and in a few minutes you could have it running.

Sergi
BTW, the IP address could change. With my ADSL that happens almost every day.
Sergi