Good point. Fortunately, this system will not have to reply on any such
thing. The votes are not critical either (ie its just gonna be used for
the ability for players to change or rarther vote to change certrain
aspects of the game). My resolution for this is that the minute they
connect to the server the server assigns them a userid. It is sequentially
given out but once a player leaves that userid can not be used again until
the server is reset. The chance that a player (I monitor by IP address)
gets the same userid within the same 30 minute or 1 hour game is very unlikely.
Thanks guys.
- Jim
At 10:57 AM 07.20.2001 -0500, Eric J. Wisti wrote:The one question that comes to mind:
What about AOL users, where there could be hundreds coming from the 'same
ip' (cache server)? Libraries and cyber cafes??
It may not be an issue for Jim, but it is still something to remember.
Many large companies and isps use cache servers, so ALL users appear to
come from one ip. Like Randal mentions, the isn't really a GOOD, SAFE
way to insure that someone doesn't vote twice, unless it is a secure site
with logins required or other unique information is used.
Some surveys that I have participated in, send out a unique 'password' that
is then logged and cannot be used to vote again. But these surveys are
from companies that have customer information for me and will only send me
one password.
On 20 Jul 2001, Randal L. Schwartz wrote:Date: 20 Jul 2001 08:36:44 -0700
From: Randal L. Schwartz <
[email protected]>
To:
[email protected]Subject: Re: hash comparisons...
Jim> I am building a voting script. This is particularly tough because of
Jim> the things I need to pay attention to such as disallowing corrupt
Jim> votes by someone voting multiple times. What I want to do is allow
Jim> players to revote. Their new vote will simply overwrite the first
Jim> vote. There is a list of other things I want to do but these things
Jim> all pivot around how I am going to do comparisons.
The "someone" part is hard. How do you tell if two uncorrelated hits
are from the same person?
Hint: you lose if you mention
cookies
IP address
browser signature
javascript
:-)
But I did cheat a bit, and use "same IP address within an hour" for
my unscientific polling mechanism for a recent WT column, at
http://www.stonehenge.com/merlyn/WebTechniques/col59.html--
Randal L. Schwartz - Stonehenge Consulting Services, Inc. - +1 503 777 0095
<
[email protected]> <URL:http://www.stonehenge.com/merlyn/>
Perl/Unix/security consulting, Technical writing, Comedy, etc. etc.
See PerlTraining.Stonehenge.com for onsite and open-enrollment Perl training!
--
To unsubscribe, e-mail:
[email protected]For additional commands, e-mail:
[email protected] Eric Wisti
Kinetic, Inc.
(651) 848-0477
- Jim
-~-~-~-~-~-~-~-~-~-~-~-~-~-~-~-~-~-~-~-~-~-~-~-~-~-~-~-~-~-~-~-~-
http://www.perlmonks.org/index.pl?node_id=67861&lastnode_id=67861-----BEGIN PERL GEEK CODE BLOCK----- ------BEGIN GEEK CODE BLOCK------
Version: 0.01 Version: 3.12
P++>*@$c?P6?R+++>++++@$M GIT/CM/J d++(--) s++:++ a-
++++$O!MA->++++E!> PU-->+++BD C++++(+) UB++++$L++++$S++++$
$
[email protected]!>++++(-)$S++++@$X?WP+>++++MO!>+++ P++(+)>+++++ L+++(++++)>+++++$ !E*
+PP+++>++++n-CO?PO!o >++++G W++(+++) N+ o !K w--- PS---(-)@ PE
*(!)$A-->++++@$Ee---(-)Ev++uL++>*@$uB+ Y+>+++ PGP t+(+++)>+++@ 5- X++ R@
*@$uS+>*@$uH+uo+w-@$m! tv+ b? DI-(+++) D+++(++) G(++++)
------END PERL GEEK CODE BLOCK------ ------END GEEK CODE BLOCK------
