What's the general technique used in web languages to allow non-registered users to vote?
https://stackoverflow.com/questions/8284752
-
09-03-2021 - |
italiano
english
français
española
中国
日本の
العربية
Deutsch
한국어
Português
RussianQuestion
I am seeking to understand the general mechanism used by certain websites to allow non-registered users or simply guests to vote for something (e.g. reviews, videos, images..etc). How do they keep track of that? As in such sites, the same guest can't vote twice from the same terminal. Do they store their IP addresses? or they save the computer ID/name?
Any ideas are greatly appreciated.
P.S: (mywot.com) is an example of such sites.
Solution
They use cookies or sessions to identify the computer, that has already voted. If you understand Javascript or PHP a bit, I can give you some examples.
EDIT: OK, so here's an example:
<button value="VOTE" onClick="vote();">
<script>
var votes = 9654; //Some vote counter - only for test purposes - practically, this wouldn't work, the votes would have to be stored somewhere, this number is only stored in the browser and won't actually change for everyone, who sees the page!
function vote()
{
var cookies = document.cookie.split(";"); //Make an array from the string
var alreadyVoted = false;
for (var i = 0; i < cookies.length; i++) //Iterate through the array
{
temp = cookies[i].split("=");
if (temp[0] == "voted" && temp[1] == "true") //The cookie is there and it is "true", he voted already
alreadyVoted = true;
}
if (alreadyVoted)
{
alert("You can't vote twice, sorry.");
}
else
{
var date = new Date();
date.setTime(date.getTime()+(5*24*60*60*1000)); //Cookie will last for five days (*hours*mins*secs*milisecs)
var strDate = date.toGMTString(); //Convert to cookie-valid string
document.cookie = 'voted=true; expires=' + strDate + '; path=/'; //Creating the cookie
votes++; //Here would be probably some ajax function to increase the votes number
alert("Thanks for voting!\nVotes: "+votes);
}
}
</script>
Hope this helps, but it's only a very simple cookie demnostration code and actually wouldn't work for voting! You would have to use some PHP or something similar to actually store the vote values...
OTHER TIPS
The usual technique is to use cookies. IP addresses is not enough because a lot of places these days use NAT (offices, cybercafes, most homes with DSL routers).
The cookies should ideally be processed in the back end but can also be processed in javascript in the browser.
Cookies are indeed the solution. Here's a system that would work:
Have a votes table in the database remembering the votes for each visitor ID. When a visitor enter your site, check if the request contains a visitor_id cookie. If not, then generate a unique visitor_id (using a uuid generator), and put a visitor_id cookie in the response, with the generated id as value. This cookie should be made persistent.
Each time a vote is triggered (and/or each time you generate a vote link), check if the current visitor, identified by his visitor_id cookie, has already voted or not thanks to the votes table. When a vote is done, store it in the votes table.
Of course, nothing stops any visitor to clear its cookies, or to use another browser or machine to vote several times. But without authentication, that's the best you can do.
