2
I set up a simple polling system in which it is possible to vote only once per IP. However, it records the network IP and not the user’s computer, making it impossible for other equipment on the same network to vote. I have already searched on Google and found no alternative to remedy this problem. I would like your suggestion.
2
It is impossible differentiate two equipments that use the same network using only your website, regardless of the programming language you use on your server, there are still some alternatives, such as cookies, which however can be easily circumvented if the user wants to clean the browsing data, follow suggestions:
The most you can do is create a cookie, or "maybe" localStorage Javascript, but it does not mean that you will have guarantees against vote fraud, because the user can simply delete cookies or the localStorage and that is it, he can vote again.
Another solution is to create an app, which will use another type of identification, such as the person’s mobile number, of course the votes could only be made by the app, so no website, only webservice and a token for identification between client and server, this way it would be much more difficult for the user to circumvent.
If you really want via the web a way to ensure that the vote is real is by validating via other means, such as email, for example:
This same technique could be used with validation via SMS, of course this will depend on a service that sends and receives SMS.
A few years ago some big websites were accused of using a technique called zombie cookie or evercookie or persistent cookie (had other names for this, if I remember I will edit), is a technique fairly variant, which usually consists of creating the cookie and using other aspects such as:
In other words, it recorded in several ways a simple reference that would serve as identification to regenerate the cookie if the user cleaned all navigation data, so as long as the page was open, even cleaning the data they were regenerated, still more advanced users knew well how to bypass it.
Understand that I am not talking to make use of this and I will not even provide a code for this, I am just commenting because the subject seems appropriate here, since the technique was created with a similar purpose.
This technique although bringing a reasonable efficiency still has controversies and maybe in Brazil do not cause anything as a process, yet the technique has been accused of violating the user’s privacy, including Microsoft itself went through something like this by using a "cookie" to identify users, which later after the polemics was disabled.
Browser other questions tagged php mysql
You are not signed in. Login or sign up in order to post.
https://stackoverflow.com/questions/13646690/how-to-get-real-ip-visitor Reply here at stackoverflow
– Wees Smith
It is impossible to identify the language-independent "user machine" running on your server.
– Guilherme Nascimento
@Weessmith this ai is to try to solve problems with PROXY and not with equipment.
– Guilherme Nascimento
What is your suggestion then to allow a poll to be voted only once per computer.
– Eduardo
@Guilhermenascimento did not know it was impossible, so the most appropriate solution would be to use an identifier, such as a DDD phone number
– Wees Smith
@Eduardo could use a long-term cookie, but if the user clears the cookies then he can bypass the system, there is no guaranteed solution.
– Guilherme Nascimento
um, I got William, I’ll take a look at what I do then.... thank you all.
– Eduardo
Not to mention that the user can use another browser. Then that cookie will not be used. It is better to use an identifier (phone, rg, Cpf). Because even if the user does not have the cookie in that browser he will not be able to vote twice.
– Andrei Coelho
with php vc can make use of some information obtained through
$_SERVER['HTTP_USER_AGENT']such as browser, browser version. Also with$_SERVER['HTTP_ACCEPT_LANGUAGE'], in addition to Guilherme Nascimento’s tips. The more information you get, the closer you get to the desired.– user60252