i have competition scripted in php, vote based. 1 ip, 1 person can vote 1 time. have log of ip addresses voted, see strange. ip addresses appear for="ip_address:port", while others ip_address, , see 1 ip address, formatted for="..." appear there multiple times, different ports. can please explain me? how users this, should ban them competition this?
i use function user ip address:
function get_client_ip_env() { if (getenv('http_client_ip')) $ipaddress = getenv('http_client_ip'); else if(getenv('http_x_forwarded_for')) $ipaddress = getenv('http_x_forwarded_for'); else if(getenv('http_x_forwarded')) $ipaddress = getenv('http_x_forwarded'); else if(getenv('http_forwarded_for')) $ipaddress = getenv('http_forwarded_for'); else if(getenv('http_forwarded')) $ipaddress = getenv('http_forwarded'); else if(getenv('remote_addr')) $ipaddress = getenv('remote_addr'); else $ipaddress = 'unknown'; return $ipaddress; } also, if know reference , manual predefined variables in php, please share me.
ip addresses http headers can spoofed , lot of users (mainly mobile users on example wifi connection) have lease times on ip addresses short, enabling them vote again.
that said can combine options, example check ip address and set cookie make harder around.
if set port ip address not match database records/list of ip addresses. should ban them that? can't answer that.
most of checking method based on request says ip address, http headers, spoofed. don't trust them or accept poll not going accurate results.
if want fair voting system allows 1 vote per person need use else ip address identify user.
Comments
Post a Comment