voting / polling system

Re: voting / polling system

On Sat, 03 Sep 2005 12:35:30 +1200, windandwaves wrote:
[color=blue]
> I thought about using the session ID as a unique identifier, what do you
> think?[/color]

You should either allow voting only to the registered users or create a
cookie with setcookie() and refuse to allow voting if the corresponding
$_COOKIE is set. Of course, nothing will prevent the user from cleaning
the cookies in his browser or voting by LWP, which will give the user
the full control over his cookies and cream.
That is the benefit of allowing only registered users to vote. I have to
confess that I once rigged a poll like that using Perl and LWP and that
the winning option won with 100 times as many votes as there were possible
voters. Of course, the poll was cookie based. If your goal is to discover
hidden Perl programming talents, cookie-based polls are the way to go. If,
on the other hand, you want a realistic poll, then you can allow voting
only to the registered users and insert the voting record into a database
table with username as the primary key. Primary key disallows duplicates,
so an attempt to vote early and vote often will inevitably fail. That
means that everything is server controlled and nothing is left for
practicing scripting skills on the client side. That type of polls is
boring and realistic.

--

Re: voting / polling system

Mladen Gogala wrote:[color=blue]
> On Sat, 03 Sep 2005 12:35:30 +1200, windandwaves wrote:
>[color=green]
>> I thought about using the session ID as a unique identifier, what do
>> you think?[/color]
>
> You should either allow voting only to the registered users or create
> a cookie with setcookie() and refuse to allow voting if the
> corresponding $_COOKIE is set. Of course, nothing will prevent the
> user from cleaning the cookies in his browser or voting by LWP, which
> will give the user
> the full control over his cookies and cream.
> That is the benefit of allowing only registered users to vote. I have
> to confess that I once rigged a poll like that using Perl and LWP and
> that the winning option won with 100 times as many votes as there
> were possible voters. Of course, the poll was cookie based. If your
> goal is to discover hidden Perl programming talents, cookie-based
> polls are the way to go. If, on the other hand, you want a realistic
> poll, then you can allow voting only to the registered users and
> insert the voting record into a database table with username as the
> primary key. Primary key disallows duplicates, so an attempt to vote
> early and vote often will inevitably fail. That means that everything
> is server controlled and nothing is left for practicing scripting
> skills on the client side. hat type of polls is boring and realistic.[/color]

Classic. Yes, I dont think the clients will be interested in a registered
poll.... I am using Session_IDs as the primary key, but I wonder if there
are any other methods that can be employed.... In principle, the sessionID
thing seems a good thing, but I am wondering how you can set it up in such a
way that the person can not change it.

I was thinking about some sort of double-check. Where, when a person comes
to the site, we register their session ID somewhere semi-hidden. Then when
we use this original session ID and check it against the session ID that is
present in the cookie / URL. If it does not match then we know there is
trouble........

Thanks again. That was funny to read!

Re: voting / polling system

I noticed that Message-ID: <R8cSe.8230$iM2 .818019@news.xt ra.co.nz> from
windandwaves contained the following:
[color=blue]
>I was thinking about some sort of double-check. Where, when a person comes
>to the site, we register their session ID somewhere semi-hidden. Then when
>we use this original session ID and check it against the session ID that is
>present in the cookie / URL. If it does not match then we know there is
>trouble....... .[/color]

If all you are doing is trying to prevent people voting twice in the
same session then you don't need cookies or databases for that. Simply
change a session variable from true to false and check for it when
recording the vote.


--
Geoff Berrow (put thecat out to email)
It's only Usenet, no one dies.
My opinions, not the committee's, mine.
Simple RFDs http://www.ckdog.co.uk/rfdmaker/

Re: voting / polling system

You could do something like what Google is doing with GMail
registrations: require your users to register to vote. Then, send their
confirmation numbers via SMS to their mobile phones. Don't allow the
same mobile phone number to be used to register more than one account.

Re: voting / polling system

On Sat, 03 Sep 2005 02:18:24 -0700, Anthony P. wrote:
[color=blue]
> You could do something like what Google is doing with GMail
> registrations: require your users to register to vote. Then, send their
> confirmation numbers via SMS to their mobile phones. Don't allow the
> same mobile phone number to be used to register more than one account.[/color]

You probably work for SBC or Cingular?
--

Re: voting / polling system

>> On Sat, 03 Sep 2005 12:35:30 +1200, windandwaves wrote:[color=blue][color=green]
>>[color=darkred]
>>> I thought about using the session ID as a unique identifier, what do
>>> you think?[/color][/color][/color]

This is more of a practical than technical solution. You might wan to consider
using Sephiroth's Flash MX Poll. It uses Flash's shared objects (Macromedia's
version of cookies) to "make sure" that users only vote once. The benefit is
that, as far as I know, cookie blockers don't intercept shared objects, and few
civilians know where they are stored to be deleted.




[Sorry for the short quote -- I already deleted the original msg when reading
replies.]

Re: voting / polling system

On Sat, 03 Sep 2005 17:17:38 +0000, usenet wrote:
[color=blue]
> This is more of a practical than technical solution. You might wan to consider
> using Sephiroth's Flash MX Poll. It uses Flash's shared objects (Macromedia's
> version of cookies) to "make sure" that users only vote once. The benefit is
> that, as far as I know, cookie blockers don't intercept shared objects, and few
> civilians know where they are stored to be deleted.[/color]

Can that run on Firefox under Linux or is it a MS-only solution?

--

Re: voting / polling system

On Sat, 03 Sep 2005 18:37:30 GMT, Mladen Gogala <gogala@sbcglob al.net> wrote:
[color=blue]
>On Sat, 03 Sep 2005 17:17:38 +0000, usenet wrote:
>[color=green]
>> This is more of a practical than technical solution. You might wan to consider
>> using Sephiroth's Flash MX Poll. It uses Flash's shared objects (Macromedia's
>> version of cookies) to "make sure" that users only vote once. The benefit is
>> that, as far as I know, cookie blockers don't intercept shared objects, and few
>> civilians know where they are stored to be deleted.[/color]
>
>Can that run on Firefox under Linux or is it a MS-only solution?[/color]

It's Flash + PHP + MySQL. I've used it only on LAMP platforms, and it works in
any browser where the Flash plugin is installed (which is almost 100% of the web
audience at this point).

BTW, you do not need to edit the Flash. There's an admin SWF that let's you
config the questions and answers. Just make sure you drop it in a
password-protected directory as advised in the documentation.

Re: voting / polling system

On Sat, 03 Sep 2005 19:28:20 +0000, usenet wrote:
[color=blue]
> BTW, you do not need to edit the Flash. There's an admin SWF that let's you
> config the questions and answers. Just make sure you drop it in a
> password-protected directory as advised in the documentation.[/color]

Thanks, I've never ever written a single line of code with the flash.
It looks increasingly popular, though.

--

Re: voting / polling system

windandwaves wrote:[color=blue]
> Hi Folk
>
> I am developing a voting / polling system.
>
> Eg.
>
> Who is your favourite sport star:
> a. mike
> b. sara
> c. frank
>
> and I want to make sure that one person can not vote more than one time.[/color]
Why?
Let them vote as often as they want, last vote gets counted.
As for how, can you get the MAC address of the voter?

Btw, is you are serious you've got to put a lot more effort into
that thing, like having a separate voter registration, blind signatures
and all that stuff to guarantee anonymity and fairness.

Lots of Greetings!
Volker