Voting System (?)

Anon

I'm looking for a tutorial on how to make a voting system in PHP. Basically I have 3 sites on a page, and I want users to be able to rank them out of 10, and the top ranked site is displayed highest, then the next, and so on.
I imagine this wouldn't be too hard but I don't know how to start.
Any guidance would be great.

Cheers

Jesse

Anon

First and foremost, given the current events in the US, you have to decide if your system will allow for hand recounts! :-)

But seriously, all you have to do is accumulate a total of the ranking (0-10) each time someone votes, along with a count of the votes so you can scale the raw total score. If you want to prevent ballot-box stuffing, then you also need to remember each vote in a separate table, so you can prevent a given user from voting more than once for the same item (unless you're from Chicago, Miami, or the Univ. of Wisconsin, of course.)

Anon

First of all, great one Kirk!

Then about voting systems, to prevent someone from voting twice, I set a cookie on the user side and log his/her IP address in the voting table.

I got this script from a site (and I don't remember which one actually) and simply modified it to my liking. This means a certain amount of moderators on a given site can create polls for their site and close them after a certain time.

Ofcourse a cookie can be deleted and an IP address is usually dynamically different on each call. So it's not solid.

I suggest you just do the same, get some script from sites like www.hotscripts.com and adapt it to your likings.

Anon

Ofcourse a cookie can be deleted and an IP address is usually
dynamically different on each call. So it's not solid.

That's putting it mildly. There is not now (nor has there ever been, for that matter) a one-to-one correspondence between users and IP addresses. There are so many shortcomings in an ip-address-based system that it's hardly worth doing. Beside the large number of dialup customers (where not only does the user get a different IP each time so they aren't prevented from repeat voting, but also someone else is going to get the original ip address that "voted" and be wrongly prevented from voting), you also have a large number of users behind NAT routers/firewalls and proxy servers, plus any number of users on multiuser machines (yes, those still exist, even if most people reach them now via telnet on a pc of their own rather than a serial terminal.) There are so many holes in the system that it does little to raise the credibility of the vote.

Anon

I agree, completely.

It's just that if someone asks how to prevent someone from voting twice, that's about as much as you can do to prevent that. However if the question is if this is wise that's when your reply comes in.. It's not wise, but it all depends on the severity of the poll I guess.

A poll "What's your favorite colour" or "How do you rate this website".

Someone who thinks your site sucks, would gladly re-vote his opinion more than once. However, if it would require him to log off and try again it's less likely he would do that more than once, or your site REALLY sucks of course ;-)

As long as people are able to hack their way into any secured system as long as they really really want, the safest security would be to turn off your webserver. You can however make it as less appealing as possible, but always have to bear in mind if your system is still attractive to the "normal" visitor.

A bit too high scaled perhaps for a voting system, but you could limit the number of votes you receive within XX minutes. Just like your average nuke-prevention for forums. Let's say you get 100 votes in one minute on your average 100 user a day website that would justify to ignore voting for a amount of time and log the IP-address. You could send the webmaster a message saying this particular IP address submitted 100 votes in less than one minute. You could then simply execute a query to delete votes placed on that day, from that ip-address.

Anon

but you could limit the number of votes you receive within XX minutes.
Just like your average nuke-prevention for forums.

Yes, that would mitigate lots of the disadvantages!