0

I am building a website for a guy. I'm not an experienced developer at all but he's kind enough to let me give it a shot. I want to build a user-less voting system where people don't have to create an account and login to vote and comment on blog articles on his RSS feed. I'm trying to create validations to prevent multiple voting from the same person. Don't know how I would go about doing that. Any ideas are welcome!

Here's my votings controller: 

def upvote
    @voting = HomeBlog.find(params[:home_blog_id])
    @voting.votings.build( :upvote => true, :downvote => false)
    @voting.save!
    redirect_to request.referrer, notice: "Thanks for the vote!"
  end

  def downvote
    @voting = HomeBlog.find(params[:home_blog_id])
    @voting.votings.build( :downvote => true, :upvote => false)
    @voting.save!
    redirect_to request.referrer, notice: "Thanks for the vote!"
  end

The page view: 

p id="notice"><%= notice %></p>

<div id="blog-post-show">
  <div id="voting-count">
    <%= link_to(home_blog_upvote_path(@home_blog.id), {method: :post}, html_options = {})do %>
    <%= @home_blog.votings.select { |v| v.upvote == true}.count %><%= image_tag "if_icon-ios7-arrow-up_211690.png" %>
    <% end %><br>
    <%= link_to(home_blog_downvote_path(@home_blog.id), {method: :post}, id: "downvote") do %>
    <%= @home_blog.votings.select { |v| v.downvote == true}.count %><%= image_tag "if_down_1303877.png" %>
    <% end %>
  </div>
  <h3 id="blog-post-show-title">
    <b><%= @home_blog.name %> | <%= @home_blog.created_at.to_date %></b>
  </h3>
  <%= @home_blog.entry.html_safe %>

</div>
dmberko11
  • 427
  • 7
  • 17
  • only option looks like cookies, where you may store in the browser, that vote has been cast from this computer, or you may suggest social plugins for voting, they let user allow login via their social networking sites user before voting or commenting on blog post. – Sudipta Mondal Aug 31 '18 at 03:19
  • I agree. It probably comes down to either or. Thanks for the quick comment! Maybe I'll incorporate a facebook social plugin for comments and the voting system – dmberko11 Aug 31 '18 at 03:30
  • Try to get one, which also gives stats on users, just an added advantage for your client :) – Sudipta Mondal Aug 31 '18 at 03:35
  • Wouldn't that be nice. I could include that data on users along with Google analytics in the admin panel of the website. The client would love that lol – dmberko11 Aug 31 '18 at 03:40
  • If you're not looking for login at all, you can do it in 2 ways, 1. Use the ip address and tie that to the session, 2. Use a unique ID and tie the same to sessions, however the 2nd approach is a faulty system. You already have a [gem](https://github.com/ryanto/acts_as_votable#the-voter) – Kedarnag Mukanahallipatna Aug 31 '18 at 03:56
  • I don't know if I can get the IP of the site visitor or not. I researched that because I thought that'd be a brilliant way to use that as the user_id variable for a session. In my research people make it sound like obtaining site visitors' IPs can't be done with accuracy, blah blah blah. I don't know enough to say that's BS or not haha – dmberko11 Aug 31 '18 at 04:14
  • That is true, it is hard to fetch the exact IP address in a real world scenario, as your application will be behind a proxy and at that time it's more of a guess work for the libraries. – Kedarnag Mukanahallipatna Aug 31 '18 at 07:23

1 Answers1

0

You can choose between three possible solutions to this problem:

  • Store a cookie in the users' browsers. But the problem is that technically skilled users can overcome this protection. They can switch to different browsers or delete the particular cookie in their browsers and vote again.

  • Store the votes in the database with the users IPs. But the problem with this solution is that users and IP addresses are not mapped one to one. Many people share the same IP.

  • Allow only signed-in users to vote and store a flag in the database. Which in my opinion is the best solution if you want to prevent multiple voting from the same person.

John Baker
  • 2,315
  • 13
  • 12
  • I believe I'm going to make people sign up and log in to comment or vote, as much as I didn't want to do that. I see little choice. Thanks for the answers everyone – dmberko11 Aug 31 '18 at 16:58