Re: simple voting script

An important question is; what happens if two people hit submit at the same time? Do you have any locking scheme to prevent two instances from overwriting or corrupting the data files?

What about using a database, such that you can make a single transaction out of "delete name from pending votes, and increment vote tally for candidate A, B, C". Then you don't need to record how they voted, you're protected from simultaneous access, and they can't lose their vote or vote twice.

Comment on Re: simple voting script

Replies are listed 'Best First'.
Re^2: simple voting script by friar tux (Novice) on Apr 27, 2011 at 22:13 UTC
technicalities like two people hitting the submit button at the same time aren't my biggest concern. I just really want the functionality to work and I will confront any problems when I have them. my main problem is making a script that lets only members vote, vote only once and displays the current leaders\winners.	[reply]
Re^3: simple voting script by ww (Archbishop) on Apr 27, 2011 at 22:42 UTC
"I just really want the functionality to work" You may wish to reconsider your definition of "technicalities" and of "to work" as -- to me -- a working script/package is one which does what's expected, pretty much regardless of "technicalities (aka "unexpected events") and without opening yawning security holes. Then you should probably review html standards (4.01 assumed, as it will be much easier to find help on that than on 5.) and read (in Tutorials) about CGI; about SQLite, and other basics for the voting operation you're trying to set up. This is a case where there are "simple" answers and "safe" answers... and -- IMO --the two sets have very few intersections. You may want to consider running this year's election on dead trees or by fone or... and postpone realization of your ambitions until you have enough information (knowledge) to accomplish them.	[reply]
Re^3: simple voting script by JavaFan (Canon) on Apr 28, 2011 at 10:52 UTC
my main problem is making a script that lets only members vote, vote only once Then the first problem you need to solve (and the problem is only partial solvable by coding) is "how do I recognize a user", and "how much I'm willing to spend on it". There are all kinds of solutions, from just asking who the user is (easily forged) to encrypted connections, one-time-only paths, RSA dongles, etc. Things to consider (but the list isn't exhaustive): How anonymous must the voting process be? Tracking who voted gives up some of the anonymity. Do you need to exclude man-in-the-middle attacks? Do the voters themselves need to know they're talking to your voting system? That is, does authentication need to be both ways? The more complicated it gets, the more people won't bother to vote. Where's the trade-off when balancing "security" vs "voter count"?	[reply]
Re^3: simple voting script by Anonymous Monk on Apr 28, 2011 at 13:39 UTC
If corrupting all your vote data is a mere "technicality", then you should just stick with paper voting.	[reply]