Save ip? Or how should i do? [Voting system]

[_cornex_]

Hello again!

 

I gonna create a simple voting system.

How should i save in database to avoid dubble votings. Save their ip-adress?

 

It feels like they just can change ip and vote again..

Bring me some light into this!

 

Thanks on advance,

Cornex

[brentman]

Ideally you only let "Registered users" vote. Then you block that account from voting again. This assumes you have already established security on peoples accounts to avoid duplicates.

 

If that does not apply to you, it really depends on how secure you need this to be.

 

You could block by IP, that would probably be the best solution. You can double up security by also placing a cookie that says they had voted already (helps if people try to change their IP).

 

If you want to get crazy, you can fingerprint their system, or install zombie cookies. But those are pretty intense operations for a simple voting system.

[DavidAM]

In general, everyone in the same house or the same office will have the same public IP so, blocking by IP only allows one vote per gateway.

 

Cookies can be removed by the user, so that is not dependable. Besides, i could vote with Firefox, then with I.E., then safari, ... every browser has its own cookie jar.

 

Requiring a login is the only way to restrrict -- and that's only by login, if users can register with different credentials, then they can vote multiple times.

 

The only sure way to restrict is to have an ironclad registration and login system.