tags:

views:

79

answers:

7
+3  Q: 

How save ip of user, who use random generated ip?

in my project i need to allow rating system for users only once. i have a table in my database, where i store all ip addresses, and i check, if the user's ip is not in database, i allow rating.

But now i met a problem.

There are providers, that generate random ip addresses every time user restart computer.

So when i call $ip=$_SERVER['REMOTE_ADDR'];, every time it returns different result from the same computer.

I also tried something like 

if (!empty($_SERVER['HTTP_CLIENT_IP']))   //check ip from share internet
    {
        $ip=$_SERVER['HTTP_CLIENT_IP'];
    }
    elseif (!empty($_SERVER['HTTP_X_FORWARDED_FOR']))   //to check ip is pass from proxy
    {
        $ip=$_SERVER['HTTP_X_FORWARDED_FOR'];
    }
    else
    {
        $ip=$_SERVER['REMOTE_ADDR'];
    }

But it doesn't help.

How can i solve this problem?

Thanks much

+2  A: 

The only way to effectively combat this is to use a unique login system, but even then, users can create multiple accounts.

Delan Azabani  2010-09-19 11:58:55
+1  A: 

In addition to the ip check you can implement a cookie, it is not a perfect solution but, if user don't erase it you can leverage on this second check to find duplicate voting attempts

Eineki  2010-09-19 11:59:40
+5  A: 

You have to accept that some users will have changing IP's.

If your voting system is important, consider adding registration, email verification along with IP checks to filter out primitive cheats.

Again though it's always quite easy to cheat on those sorts of systems (web proxies for example)

Tom Gullen  2010-09-19 11:59:57
A: 

There is no way of getting the users old IP from the server superglobal.

Cookies could also work, but not really feasible for a sinple rating system.

pyBite42  2010-09-19 12:00:07
A: 

You could use setcookie to write a cookie to a user's hard drive following a vote. Of course it would be easy for savvy users to remove this and vote twice.

Robin  2010-09-19 12:00:34
+1  A: 

Best option would be to force them to register, in order to rate/vote.

There is no absolute way you'll be able to keep track of them otherwise.

xil3  2010-09-19 12:01:08
A: 

You can use combination of both setting a cookie on client and storing IP address, you can also get a copy of public proxies and blacklist the ip address, plus email verification.

thats the maximum extent, its not full proof if the person cleans the cache and has a dynamic IP but you can slow down the spammer.

Sandy  2010-09-19 12:19:41

related questions

IDE suggestions: Eclipse IDE vs. Zend Studio ( confused )
MySQL/Apache Error in PHP MySQL query
Lightweight IDE for Linux
What PHP framework would you choose for a new application and why?
Why is my ternary expression not working?
How can I get at the matches when using preg_replace in PHP?
Mechanisms for tracking DB schema changes
Wordpress theme development offline tools
Using object property as default for method property
How can I get the authenticated user name under Apache using plain HTTP authentication and PHP?
Make XAMPP/Apache serve file outside of htdocs
How do you debug PHP scripts?
PHP Variables passed by value or by reference?
Best way to implement unit testing in PHP
Connect PHP to an AS/400
Best way to access Exchange using PHP?
PHP Session Security
How do I access a remote form in php?
What's the best way to generate a tag cloud from an array? (using h1 through h6 for sizing)
Apache/PHP: error_log per Virtual Host?
How do I track file downloads with apache/PHP
How would you access Object properties from within an object method?
Flat File Databases in PHP
Best way to allow plugins for a PHP application
Latest information on PHP upcoming releases