restricting users

Anon

Hi all

I've created a way for people to vote for things on my site but I only want people to be able to vote once.

I'm very new to this so I need some guidence. Can I use a cookie (if so how)?
Also, I have an IP field in my mysql database that records peoples IP. If I make this a 'unique' field how do I get my php code to tell the user they have already voted? (ie the database regets a suplicate IP so returns an error of 'Sorry you have already voted')

I will be most greatful for any help on this!

Many thanks

Woza

sp0rk

Just some ideas...

The client can't be trusted, so cookies are right out, imo. The logic for checking ip's agains a database is pretty trivial.

if(ip is in database) {
tell the user he's been bad
}
else {
add ip to database
register vote
}

The most tamper-proof thing to do is to require some sort of login before the users can vote. This gives a bonus of being able to store voting statistics, which might be intresting.

siteworkspro

use both cookies and ip, as people on dial up have dynamic ips.

Kill Textboxes Forever!
http://www.tools2code.com/editworkspro_php