How to accurately identify the user in PHP?
Hello. There is a form where the user can vote. The problem is this: when a user voted, more than the opportunity to do more was impossible. You can just vote when you voted to keep the IP, but it's too unreliable, because IP changes myself, and if desired, it is - a matter of 10 seconds. Are there any more reliable methods of identifying the user?
4 answers
If you expect that a user will vote only in the browser and do not send the request, e.g. curl-ohms, I would gather as much information about the browser using JS:
1. UserAgent
2. The width and height of the window (maybe stupid)
3. Locale
And so on.
cookies, IP, HTTP, User-agent
When I studied the issue, took the stage:
1. ip it is changing, and some providers give one external ip for the whole network. Bad option.
2. Cookies/session. Around not too difficult, reset cookies/restart browser.
3. To force the user to log into the system. Ie need to register on your website.
4. That's not just username/password, and intricate, the type of confirmation via email.
5. Or even further with binding by phone number. This, at least, complicate the lives of "criminals".
But (!) all this corruption. Had an experience a few years ago when we did the vote via likes social.networking was not yet common practice the purchase of likes, but then passed over the crowd with daca and stupidly voted for the right person. To ensure objective public opinion cannot, accept and use as all cookies[+session][+ip].
To create a table that will be used to enroll user IDs that have already voted. And re-mapping of the survey, do a check and then have to output the results of the vote.
We once had 3 tables.
poll_questions - stored questions
poll_answer - stored answers
poll_users - chronica user ID, question ID and answer ID.
something like that
Find more questions by tags PHP
- Kameron_Hilpert34 commented on July 8th 19 at 15:43
Of course, if it is considered as a unit of the set of parameters, it is possible that only the more parameters these composite units, the easier it is to circumvent the protection, it is enough to change any of the settings. - winfield_Keeling commented on July 8th 19 at 15:49