How to get IP address 4

[Herminio]

i building a site for polls and i want to prevent double votes based on IP address, how can i do that?

Thanks in advance

Herminio, Portugal

 

[spazman]

request.ServerVariables("REMOTE_ADDR&quot will give you the IP of the visitor.

 

[Herminio]

and what should be the code for prevent the double votes form that IP?

Should i put the IP on the DB for future comparison?

 

[spazman]

write the ip to a table, possible the survery results table, and query the table before you post.

I.E.

strSQL = "SELECT * FROM survey WHERE ipaddr='" & request.ServerVariables("REMOTE_ADDR&quot & "'"
Set IP_RS = dbconn.Execute(strSQl)
If Not IP_RS.EOF Then 'you have a duplicate
your code to tell them no double posting
Else 'first time poster
your code to added the survey results here
End If 'checking for duplicate entries

 

[lottastuff]

Hate to rain on your parade, but IP addresses are a poor means of identifying a voter for two reasons; proxies and Dynamic Host Configuration Protocol (DHCP).

Proxies:
All the folks on an Intranet that access the Internet via a proxy server, or a small number of proxy servers, will look like the same individual, i.e. they will all have the IP address of the proxy server.

That would translate to one employee of ABC Corp. voting and then every other employee of the same company not having their vote count.

DHCP
Unless they have a fixed IP address (uncommon umong the general public; fixed IPs generally used by folks that have a server running services accessed via a DNS), each time a user starts their machine, they get a new IP address.

Alternatively, why not cookie the user when they vote? Set the cookie's expiration date to after the voting no longer matters. Unlike a session cookie that dissapears when they close their browser, the cookie will be present anytime that user your site after visiting the page that issues the cookie.

see

http://msdn.microsoft.com/library/default.asp?url=/library/en-us/iisref60/htm/ref_vbom_resoccook.asp

for how to set the cookie.

see

http://msdn.microsoft.com/library/d...y/en-us/iisref60/htm/ref_vbom_reqoccookie.asp

for how to detect it.

Granted, a determined user could clear all cookies, or vote from different machines. But no solution is going to be perfect.

 

[Falcon99]

Another solution would be to require the voter to Login.

Having them create a "free" login account will insure they only vote once.

HTH

 

[Herminio]

To lottastuff

if i use cookies to prevent double voting the only thing the user needs to do is to delete the cookies(or only the cookie of the site) and he/she can vote again without any problem, am i wright?

 

[Falcon99]

Hermino,
That is correct. Also the user could have the browser set not to accept cookies. Also the cookies pertain to that particular machine. The user could have 3 machines enabling him to vote 3 times.

HTH

 

[Tarwn]

There is no perfect solution to this, you have to choose the one with the least negative impact, based on the importance of your polling.

IPAddress:
Positive: Very easy to code, simply add to a table in the db after getting it from ServerVariables collection
Negative: User with DHCP could vote multiple times, User behind proxy will send proxy address, not allowing anyone else behind that proxy to vote

Login:
Positive: Users will only be able to vote once
Negative: Longer coding time as you have to have the login page and a verification script. Users will be forced to log in, causing them extra work.

Cookie:
Positive: No login, small amount of work for you, simply write the cookie after someone votes and check for it's existence before someone votes
Negative: You are placing a long term cookie on someones machine, possibly one cookie per poll which would be excessive. People might have cookies disabled or erase a cookie once you give it to them.

You'll need to look at the importance of the poll vs the amount of work you want to do vs the amount of work your going to expect the client to want to do in order to answer the poll. In most cases IP number is assumed to be adequate despite it's failings because the majority of people are not going to take advantage of DHCP IP changes.

Just thought I would bring all the info together into one place for to look at,

-Tarwn ________________________________________________________________________________
Want to get great answers to your Tek-Tips questions? Have a look at faq333-2924

 

[Herminio]

Thanks guys, the objective of the site is to just get the opinions of the people for those issues in my country, i think i'm going to use IP,but there are some things i'd like to ask.

1 - do i have to create a new record in the DB for every IP?

2 - Should i create a table that have a relation with the ID of the Poll and just add a record to that table?

Please help me out on this, you're much more experient that me and can give your experts opinion.

thanks in advance

Herminio, Portugal

 

[Herminio]

hei guys, help me on this please

 

[frosty7700]

Answer to #1 - Yeah, a new record for each IP.
Answer to #2 - If there's only 1 poll, then all you need is an IP table with one column/field in it that records each IP address. If there will be multiple polls, there are several ways to go about it:

-If you won't be storing any info about the poll other than an ID # in the database, just use a single table like above, but with an additional field for the ID of the poll in question.
-If you'll be storing other info about the polls (e.g. title, etc.) you'll want a separate Poll table with an ID field and fields for any other desired data. Then, create the IP table with a field for the Poll ID and one for the IP address. You should also create some sort of autonumbered Row ID field as a key (just because...even if you don't use it right away, later you may be glad you did). Create a new row any time a poll response is submitted.