The main problem with this, and others below that only
use the IP address, is that proxies mess everything up.
Glancing through my access_log, I seem to have an awful lot
of people from cache-rc09.proxy.aol.com and similar hosts.
You need to either specify a timeout, use cookies, or
use the HTTP_USER_AGENT value. Better yet, use all three.
Start by checking for a cookie. If it is found, stop (don't
allow the vote). If not, check the IP. If it has not been
seen before, go (allow the vote, save the IP). Otherwise, check the
user agent. If it's new, go. If not, check the timeout.
If it's over a certain time (say, 2 days) you might allow
it anyway. Some pseudo-code:
$ip=$ENV{'REMOTE_HOST'};
$br=$ENV{'HTTP_USER_AGENT'};
$timeout = 60*60*24*2; ## sec x min x hours x 2 days = seconds in 2 da
+ys
$cookie_found and &NoVote; ## NoVote exits
## Load data file, check for a match
open (IP, "< $ipfile") or &SeriousError;
$found=0;
while(<IP>) {
m/^$ip/ or next;
$found=1;
## IP matches - does the browser?
(undef,$brow, $time) = split(/##/,$_);
if ($br eq $brow) {
## Browser matches too - allow a timeout?
$^T-$time>$timeout and &Vote; ## exits
}
}
&Vote if !$found; ## This is a new IP
&NoVote;
sub Vote {
## Voting code here
## Set a cookie
print "Set-cookie: etc...";
##..and in case that doesn't work or they delete it:
if (open(IP, ">>$ipfile")) {
print "$ip##$br##$^T\n";
close(IP);
}
exit;
}
A final trick to slow down ballot-stuffing (someone
*could* write a perl script that changes the user agent
every time, in theory) is to limit the rate of voting by
sticking a sleep(15) in there, or by allowing the same
IP but different user agents to vote only after a timeout
of 30 seconds.
-
Are you posting in the right place? Check out Where do I post X? to know for sure.
-
Posts may use any of the Perl Monks Approved HTML tags. Currently these include the following:
<code> <a> <b> <big>
<blockquote> <br /> <dd>
<dl> <dt> <em> <font>
<h1> <h2> <h3> <h4>
<h5> <h6> <hr /> <i>
<li> <nbsp> <ol> <p>
<small> <strike> <strong>
<sub> <sup> <table>
<td> <th> <tr> <tt>
<u> <ul>
-
Snippets of code should be wrapped in
<code> tags not
<pre> tags. In fact, <pre>
tags should generally be avoided. If they must
be used, extreme care should be
taken to ensure that their contents do not
have long lines (<70 chars), in order to prevent
horizontal scrolling (and possible janitor
intervention).
-
Want more info? How to link
or How to display code and escape characters
are good places to start.