phpbb question

  • Vladdrac
  • Mastermind
  • Mastermind
  • User avatar
  • Posts: 2136
  • Loc: Louisville, Ky

Post 3+ Months Ago

I am not exactly sure where to put this topic, so I am just going to throw it in here.

My freind has a phpBB forum and he is trying to run a competition. The problem is that people are signing up new accounts and revoting for themselves.

I would like to know any ideas you all may have on how to stop this from happening. He already knows about tracing the ip, but there is a problem with maybe relatives or freinds that do not have a computer using this.

Thanks for the input.
  • Anonymous
  • Bot
  • No Avatar
  • Posts: ?
  • Loc: Ozzuland
  • Status: Online

Post 3+ Months Ago

  • Axe
  • Genius
  • Genius
  • User avatar
  • Posts: 5739
  • Loc: Sub-level 28

Post 3+ Months Ago

Does he have user authentication turned on for new registrants? (so that they have to click the URL in an E-Mail to activate their account?)

If not, turning that on would be a start and deter some users. Using a script that uses cookies to store the vote, rather than whether or not a particular username has voted would be another way.
  • Vladdrac
  • Mastermind
  • Mastermind
  • User avatar
  • Posts: 2136
  • Loc: Louisville, Ky

Post 3+ Months Ago

so if the computer has a cookie the script would not let it vote eh?

that is a good idea
  • Axe
  • Genius
  • Genius
  • User avatar
  • Posts: 5739
  • Loc: Sub-level 28

Post 3+ Months Ago

Well, if it stores whether somebody at that PC has voted before, unless they go in and delete the cookie (which can take a while to locate in the first place if they have 10,000 cookies on their system - as many people do, heh), then even if they login as 50 different people, the script will register that they have voted.

Another alternative could be to store both the username and IP address in the database for voting. That way, if they attempted to vote with the same username from several PCs, or attempting to vote with 50 different usernames from a single IP address, it would make it very difficult for them to get around - this combined with the client-side cookies, and making sure users authenticate via E-Mail after registering would make it very difficult for people to get around it :)

Post Information

  • Total Posts in this topic: 4 posts
  • Users browsing this forum: No registered users and 107 guests
  • You cannot post new topics in this forum
  • You cannot reply to topics in this forum
  • You cannot edit your posts in this forum
  • You cannot delete your posts in this forum
  • You cannot post attachments in this forum
 
 

© 1998-2014. Ozzu® is a registered trademark of Unmelted, LLC.