FRIHOST FORUMS SEARCH FAQ TOS BLOGS COMPETITIONS
You are invited to Log in or Register a free Frihost Account!


[php/cookies] poll on two sites





jasperlevink
Hello folks!
I made a poll for a friend. He has two sites and he wants to have the poll on both sites. I use cookies to check wheter someone allready has voted. I know that's not really a solid security. But it's enough.

I've got two questions:
Can I at site 1 change and read the cookie belonging to a site 2?
Can I log in to more then one database (not necessairily at the same time)? (of which one is external?)

Grtz.
Jasper
holadola
jasperlevink wrote:
Hello folks!
I made a poll for a friend. He has two sites and he wants to have the poll on both sites. I use cookies to check wheter someone allready has voted. I know that's not really a solid security. But it's enough.

I've got two questions:
Can I at site 1 change and read the cookie belonging to a site 2?
Can I log in to more then one database (not necessairily at the same time)? (of which one is external?)

Grtz.
Jasper


Hi Jasper.

You can not read or change a cookie belonging to another site unless both sites are subdomains to the same domain in which case I think it is possible.

Yes, it is possible to login to multiple databases.

/hd
jasperlevink
Then I think I have a problem.
Maybe anyone knows a solution!
Right now I check the cookies to check wheter someone allready casted a vote. I know this is not secure at all. The only problem is that people get redirected from site 2 to site 1 to see results from earlier polls. It looks rather strange and unprofessional if these people can vote again at site 1...

Grtz.
Jasper
holadola
jasperlevink wrote:
Then I think I have a problem.
Maybe anyone knows a solution!
Right now I check the cookies to check wheter someone allready casted a vote. I know this is not secure at all. The only problem is that people get redirected from site 2 to site 1 to see results from earlier polls. It looks rather strange and unprofessional if these people can vote again at site 1...

Grtz.
Jasper


One solution is to save the IP of the voter in the database, and only let each IP vote once. Ofcourse some problems occur when multiple users are behind the same firewall or when they recieve a new dynamic IP from their ISP, but it will solve the immidiate problem.

/hd
Rhysige
Loggin the IP have the IP get deleted from the DB every 24 hours or so is about the only option I can suggest.
jasperlevink
Maybe it's a good idea to temporarily save the IP. I didn't choose for IP identification because the main target are companies. Where very often everybody has the same IP. But by registering the IP for let's say 30 mins after voting.
When the user goes to site 1 for other results I can delete the IP and make a cookie.

Is it possible to automatically delete a cookie after 30 mins?

Grtz!
holadola
jasperlevink wrote:
Maybe it's a good idea to temporarily save the IP. I didn't choose for IP identification because the main target are companies. Where very often everybody has the same IP. But by registering the IP for let's say 30 mins after voting.
When the user goes to site 1 for other results I can delete the IP and make a cookie.

Is it possible to automatically delete a cookie after 30 mins?

Grtz!


A cookie is always set with an expire time. How to set the time depends on the scripting language used. The most usual way it that the expire time is an argument to the function that set the cooike.

As I understand this you want to save the IP from the user and when he is redirected to the other site you delete the IP from the database and replaces it woth a cookie.

If this is the kind of solution you are looking for maybe you want to set the cookie for all users redirected from the other site instead, then you wont need to save the IP at all.

/hd
jasperlevink
Thanks for your reactions!

People are able to vote on both sites. (which would be two cookies practically I understeand). I don't understeand what you mean with "for all users redirected from the other site instead".

I want the registered IP (in a db) to be deleted automatically in 30mins! is that possible?

Or does anyone know a better solution?
holadola
jasperlevink wrote:
Thanks for your reactions!

People are able to vote on both sites. (which would be two cookies practically I understeand). I don't understeand what you mean with "for all users redirected from the other site instead".

I want the registered IP (in a db) to be deleted automatically in 30mins! is that possible?

Or does anyone know a better solution?


When the user has voted on site A he is redirected to site B, right? If you first set a cookie on site A saying that the user has voted and then redirect him to site B he can not vote at site A any more. When the page is loaded at site B it cout either look ar (in PHP) $_SERVER["HTTP_REFERER"] or if you send some information with the redirect (eg. redirect to http://siteb.com/script.php?voted=1) a cookie can be set at site B.

If you use an advance database jobs that clear old entries in the database can be used. Otherwise just ignore old entries in your SQL select (or delete them when accessing the database).

/hd
jasperlevink
I think I'll send some information along with the redirection as you said!
Thanks for your reactions!
Grtz.
Related topics
Reply to topic    Frihost Forum Index -> Scripting -> Php and MySQL

FRIHOST HOME | FAQ | TOS | ABOUT US | CONTACT US | SITE MAP
© 2005-2011 Frihost, forums powered by phpBB.