07-25-2002, 02:14 PM
Im making a poll for my site, but i dont want someone to be able to click the button and submit their answer twice. I thought i should kepp an IP adress log, and check their ip to see if its in the list before it updates the poll. Could someone please help me with this, and if their is a better way I would be glad for any suggestions.
07-25-2002, 02:28 PM
If you were expecting a large number, a database would be your
only option. But this isn't very useful anyway, because most of
the world still accesses the internet via ISPs who dispense
dynamic IP addresses. A better way is to combine IP with Email
address, but even that can be gotten around if someone wants
to submit more than once.
07-25-2002, 04:07 PM
Cookies would be a better option. When the user submits your form, check if they have the cookie. If they do, cancel the submission, (by returning false in the forms onSubmit event), and if they don't, then set the cookie and return true.
07-26-2002, 07:41 AM
If you want to maximize the validity of the poll results, do a three fold check.
1) Only allow users to vote in the poll if they have cookies enabled
2) Store a unique key in a cookie on the user's machine. Also store this key in a database record
3) Within the same database record mentioned above, save the user's IP address
Checking for previous votes
When the user comes back to visit the site, attempt to read the cookie from their machine. You should be successful in doing this with the vast majority of users. It will only fail if the user has cookies disabled or has deleted all of the browser's cookies.
If the reading of the cookie fails, then you must fall back on the IP address of the user. Here, you'd want to compare the IP address in the database with the one the user is currently at. Many users will be on static IP addresses, but even if it's dynamic you should be able to compare the first three parts of the IP.
Additionally, if you're extremely worried, you could take a "signature" of the person's system (screen resolution, OS, Browser, etc). Store all of these things with the IP address and you could develop a scheme to see if it's the same user. For example, the user wouldn't have to exactly match every item -- a certain threshold could be utilized. But, like I said, you'll be able to verify the majority of users via the cookie -- just make sure you set an adequate expiration date for it.
07-26-2002, 07:42 AM
' to view the cookie
' to set the cookie
document.cookie = "key=value";
When setting cookies, you should also set an "expires" attribute, and this tells the browser when the cookie should be removed.
var nextYear = new Date();
nextYear.setFullYear(nextYear.getFullYear() + 1);
document.cookie = "key=value; expires=" + nextYear.toGMTString();
To remove a cookie, simply set the "expires" date to yesterday - the browser will then delete it.
You can read more about cookies on the www.w3schools.com site.
09-08-2002, 06:11 PM
Originally posted by Mushroom Realm
How do i do cookies
For ASP to put cookies:
Where the first field is the cookie name while 2nd file is cookie value.
To check for cookies:
Then to check whether he has visited your site:
If Request.Cookies("Did.u.come")="" Then
Response.Write "Hi, this is your first visit"
Response.Write "Welcome back"
Something like that. :)
Hope it helps.