Hello,
I'm building a PHP/MySQL poll system and I was wondering if there's any more secure method than setting a cookie + saving user IP address and checking them later.
Thank you.
A:
No, only thing you could do to secure a polling system is to require registration or valid email address.
dfilkovi
2009-11-26 11:18:49
Anyone else have hundreds of e-mail addresses?
Dominic Rodger
2009-11-26 11:48:22
Valid means that a user will have to confirm every vote within email, I don't think anyone will go to that extent.
dfilkovi
2009-11-26 12:13:27
You just have to create a mail accepting everything. Then add some plugin to your mailserver (or make an app which poll your mail server) to parse the confirmation url and initiate a connexion there.
Arkh
2009-11-26 12:43:25
A:
Unless you're prepared to force people to create a user account (and then lock votes to an account) this is pretty much all you can do in my experience.
middaparka
2009-11-26 11:19:00
+1
A:
The problem with poll systems is that you want to be sure users can only vote once. This problem has no solution unless you ask for personal information which cannot be forged.
Arkh
2009-11-26 11:22:36
A:
Yep, user/pass is the only way. If you want to keep it really simple while using user authentication, use Facebook Connect. Nowadays almost everyone has FB and in a few minutes you could have it running.
Sergi
2009-11-26 12:02:20
BTW, the IP address could change. With my ADSL that happens almost every day.
Sergi
2009-11-26 12:04:13