0

I'm developing a web application with Django which involves some different polls. I display a question followed by some links, and the user clicks on the link which he/she prefers. For example:

<p>Which one do you prefer?</p>
<a href="http://domain.com/polls/15/vote/1" >Option 1</a>
<a href="http://domain.com/polls/15/vote/2" >Option 2</a>
<a href="http://domain.com/polls/15/vote/3" >Option 3</a>
<a href="http://domain.com/polls/15/vote/4" >Option 4</a>

Each link takes the two numbers 15 which represents the poll number 15 and increases by a vote the option selected, for example 1.

The problem comes that probably some users would start refreshing the webpage like crazies selecting their option, entering the link http://domain.com/polls/15/vote/1 in their browser to vote for it a lot of times.

Is there a way to avoid this problem? Should I store the IPs of the voters to the database for x time to avoid them voting more than once in x time? Wouldn't this be a problem for a lot of users?

Thanks!

Moe Far
  • 2,742
  • 2
  • 23
  • 41
lpares12
  • 3,504
  • 4
  • 24
  • 45

1 Answers1

1

Depends on how far you want to take it:

  • Submit the votes through ajax using POST method so there is no url to access directly from a browser
  • Add cookies for those who voted
  • Add captcha
  • Store IPs (here are some suggestions on how to store them efficiently, can also utilize something like Redis if performance is critical, but unless you are building a national voting system you probably would be just fine with a regular table)
  • Require registration to vote (registration with email confirmation, registration with facebook account, registration with sms confirmation, and so on)

Also whenever you detected a user has already voted, it could be a smart move to just silently ignore their further votes and pretend that they were accepted, this way they won't try nearly as hard to cheat.

Community
  • 1
  • 1
serg
  • 109,619
  • 77
  • 317
  • 330