{var%20f='http://v.t.sina.com.cn/share/share.php?appkey=1515056452',u=z||d.location,p=['&url=',e(u),'&title=',e(t||d.title),'&source=',e(r),'&sourceUrl=',e(l),'&content=',c||'gb2312','&pic=',e(p||'')].join('');function%20a(){if(!window.open([f,p].join(''),'mb',['toolbar=0,status=0,resizable=1,width=440,height=430,left=',(s.width-440)/2,',top=',(s.height-430)/2].join('')))u.href=[f,p].join('');};if(/Firefox/.test(navigator.userAgent))setTimeout(a,0);else%20a();})(screen,document,encodeURIComponent,'','','https://www.manongdao.com/data/attach/logo/logo.png', '推荐 Lonely孤独者° 的问题《Public votes and avoiding mutliple vote: using coo》','https://www.manongdao.com/q-586997.html','页面编码gb2312|utf-8默认gb2312'));){kind=link}
How do you handle public vote (anyone can "like or dislike" an article) and to restrict him to vote only one time?
Have I to use cookies? (with the problem that he can remove the cookie and vote x999 times) or I store his IP in database?
相关问题
- Is there a limit to how many levels you can nest i
- How to toggle on Order in ReactJS
- void before promise syntax
- Keeping track of variable instances
- Can php detect if javascript is on or not?
Instead of cookies could use evercookie, which is much harder (but still possible) to bypass.
I'd say do both so that if there are people with dynamic IP they will have to change IP and delete cookies at the exact same time.
If the user authenticates, ie they vote as themselves, throw a record in the database saying the user has already voted. For anonymous voters you are limited to cookies, local storage, ect.
The solution has three parts:
Using only the IP is not appropriate as it can leave tons of people out of the voting system.
Use the IP.
While you may cause a bunch of people from only voting once from behind one IP, the alternative is trivial to bypass (don't store cookies).