Snitz Forums 2000 - Poll mod authentication?

Snitz Forums 2000

Snitz Forums 2000

Home | Profile | Register | Active Topics | Members | Search | FAQ

Username:	Password:
Save Password
Forgot your Password?

All Forums

Snitz Forums 2000 MOD-Group

MOD Add-On Forum (W/O Code)

Poll mod authentication?

New Topic

Reply to Topic

Printer Friendly

Author

Topic

Zenfor
Junior Member

372 Posts

Posted - 28 December 2015 : 11:57:54

For non registered users, does the poll mod block anonymous IP's, proxy servers, or does it do anything to prevent duplicate voting by non registered members other than allow one vote per IP?

I have a feeling some non-registered folks are voting multiple times on my site.

Thank you!

Carefree
Advanced Member

Philippines
4207 Posts

Posted - 28 December 2015 : 19:36:43

No. Cookies, anonymous IPs, proxy servers, etc.; can all be manipulated. There is no way to prevent someone who isn't signed in from voting multiple times, unless you restrict voting to members only. That's an easy fix.

"post.asp"


Look for the following lines (appx: 817-832), and delete the lines in red.

if Request.QueryString("poll") = "1" and (strRqMethod = "Topic" or strRqMethod = "EditTopic") then
	Response.Write "	<tr>" & vbNewline & _
			"        <td bgColor=""" & strPopUpTableColor & """ noWrap vAlign=""top"" align=""right""><font face=""" & strDefaultFontFace & """ size=""" & strDefaultFontSize & """><b>Who Votes:</b></font></td>" & vbNewline & _
			"        <td bgColor=""" & strPopUpTableColor & """>" & vbNewline & _
			"		<select name=""WhoVotes"" size=""1"">" & vbNewline & _
			"			<option value=""everyone"""
	if strWhoVotes = "everyone" or strRqMethod = "Topic" then Response.Write(" selected") 
	Response.Write ">Everyone</option>" & vbNewline & _
			"			<option value=""members"""
	if strWhoVotes = "members" then Response.Write(" selected") 
	Response.Write ">Members Only</option>" & vbNewline & _
			"		</select></td>" & vbNewline & _
			"    </tr>" & vbNewline
end if

Now, if you simply want to eliminate the bulk of anonymous/proxy users (it won't stop the really determined), you could do something like this. This does not set a cookie to indicate non-members have voted. That's another step.

"topic.asp"


Look for the following lines (appx 429-430):

'################################## Poll Mod #####################################
Select Case Request.Form("Method_Type")


Change those to say:

'################################## Poll Mod #####################################
strPollType = Request.Form("Method_Type")
ua = Request.ServerVariables("HTTP_USER_AGENT")
rp = Request.ServerVariables("REMOTE_PORT")
If rp > 9000 And rp < 9100 Then strPollType = "Proxy"
If InStr(ua, "Forwarded") Or InStr(ua, "Via") Or InStr(ua, "Proxy") Or InStr(ua, "forwarded") Or InStr(ua, "via") Or InStr(ua, "proxy") Then strPollType = "Proxy"
Select Case strPollType
	Case "Proxy"
		Response.Write "<p align=""center""><font face=""" & strDefaultFontFace & """ size=""" & strHeaderFontSize & """> </font></p>" & vbNewLine & _
			"<table align=""center"" border=""0"">" & vbNewLine & _
			"	<tr>" & vbNewLine & _
			"		<td align=""center""><font face=""" & strDefaultFontFace & """ size=""" & strHeaderFontSize & """>Voting not allowed for proxy or anonymous connections!</font></td>" & vbNewLine & _
			"	</tr>" & vbNewLine & _
			"</table>" & vbNewLine & _
			"<p align=""center""><font face=""" & strDefaultFontFace & """ size=""" & strHeaderFontSize & """> </font></p>" & vbNewLine
		WriteFooter
		Response.End

Edited by - Carefree on 28 December 2015 20:14:16

Zenfor
Junior Member

372 Posts

Posted - 28 December 2015 : 19:43:56

quote:
Originally posted by Carefree

No. Cookies, anonymous IPs, proxy servers, etc.; can all be manipulated. There is no way to prevent someone who isn't signed in from voting multiple times, unless you restrict voting to members only. That's an easy fix...

That's what I thought. Thank you!

Carefree
Advanced Member

Philippines
4207 Posts

Posted - 28 December 2015 : 20:16:03

You're welcome. If you opt to go with writing/reading a cookie, we can add that; but a savvy user determined to vote multiple times will simply delete the cookie.

Davio
Development Team Member

Jamaica
12217 Posts

Posted - 28 December 2015 : 20:16:03

Yeah, only way to prevent multiple users from voting is to set the poll as members only.
The only way non-members who voted are tracked is via cookies, which can easily be by-passed by deleting your cookies.

Support Snitz Forums

Davio
Development Team Member

Jamaica
12217 Posts

Posted - 28 December 2015 : 20:17:11

quote:
Originally posted by Carefree

You're welcome. If you opt to go with writing/reading a cookie, we can add that; but a savvy user determined to vote multiple times will simply delete the cookie.

Isn't that what it currently does Carefree? I'm pretty sure I didn't leave the non-members voting without some basic tracking of who voted.

Support Snitz Forums

Carefree
Advanced Member

Philippines
4207 Posts

Posted - 29 December 2015 : 00:51:46

quote:
Originally posted by Davio

quote:
Originally posted by Carefree

You're welcome. If you opt to go with writing/reading a cookie, we can add that; but a savvy user determined to vote multiple times will simply delete the cookie.
Isn't that what it currently does Carefree? I'm pretty sure I didn't leave the non-members voting without some basic tracking of who voted.

Yes, it does. It's in a "inc_func_common.asp" routine. So, if the anonymous people are voting multiple times, they are deleting the cookie and there's nothing that can be done about it.

Topic

New Topic

Reply to Topic

Printer Friendly

Jump To:

Snitz Forums 2000

© 2000-2021 Snitz™ Communications

This page was generated in 0.11 seconds.

Powered By: Snitz Forums 2000 Version 3.4.07