how to limit the number of times an action can be made.

[Pacopag]

Hi.

I'm running a photo contest where viewers vote on the photos.  Right now I'm limiting the number of votes to 2 per ip address, per day.  But I'm worried that some people will know how to change their ip address and vote many more than twice per day.

 

Does anyone know of a good way to do something like this?  I want each unique visitor to be able to vote on each picture only twice per day.

 

Thanks,

[AyKay47]

set a unique id for each user, store the count for each user in a db and increment each time

[Pacopag]

The voters are not necessarily registered users.  I suppose I could create a session variable for each visitor, but wouldn't that get destroyed if they just reset their computer?

 

I was thinking maybe writing their ip and machine name to a db to use as a unique id, but I'm not sure how to get the machine name.  I think that gethostbyaddr() might work, but I read that it only works on Windows.

 

Is there any other info about the visitor that I could retrieve that would identify them as unique?

[TeNDoLLA]

One option for anonymous users is to gather user information and use COOKIE, but this is not very consistent either since cookies can be manipulated or emptied. Another option could be to gather data from anonymous users like user_agent, ip etc. and create profile for them based on this information to database, but its not even close to bullet proof either.

 

If you use sessions, the session will be destroyed when the user closes his browser, unless you again save it somewhere (file/db). And the same problem comes again: how to separate anonymous users from each other.

[AyKay47]

$_SERVER['REMOTE_HOST'] might also be an option here

[Pacopag]

What is the difference between

 

$_SERVER['REMOTE_HOST']

 

and

 

gethostbyaddr($_SERVER['REMOTE_ADDR']);

 

???

[TeNDoLLA]

http://php.net/manual/en/reserved.variables.server.php so according to the manual they are pretty much the same thing.

[Pacopag]

Is there any way to get the users' MAC addresses?

[TeNDoLLA]

No there is not. You would need access to local network or router that this user is connected to. And probably even then you could not get it using php.

[AyKay47]

there is no reason you would ever need a persons mac address..

[Pacopag]

Wouldn't mac address be a good way to identify unique visitors?  Can it be done client side, say javascript, and ajaxed to server?

[AyKay47]

no. why can't you use session id's for this..?

[Pacopag]

wouldn session ids get destroyed by system restart, or by using a different browser? 

[AyKay47]

cookies

[Pacopag]

But even cookies could be easily deleted.

[Pacopag]

When I do

 

echo(gethostbyaddr($_SERVER['REMOTE_ADDR']));

 

I get some kind of key followed by what looks like a domain related to my isp.  What exactly is this, and how uniquely does this identify the client?  Can this be easily changed by the client user?

 

Also, how would I use session ids to do what I'm trying to do?

[AyKay47]

im curious, havn't used this function yet.. can you post your results.

[Pacopag]

CPE0015e96c1a35-CM001ac35df5b0.cpe.net.cable.rogers.com