Good point. Fortunately, this system will not have to reply on any such
thing. The votes are not critical either (ie its just gonna be used for
the ability for players to change or rarther vote to change certrain
aspects of the game). My resolution for this is that the minute they
connect to the server the server assigns them a userid. It is sequentially
given out but once a player leaves that userid can not be used again until
the server is reset. The chance that a player (I monitor by IP address)
gets the same userid within the same 30 minute or 1 hour game is very unlikely.
Thanks guys.
- Jim
At 10:57 AM 07.20.2001 -0500, Eric J. Wisti wrote:
>The one question that comes to mind:
>
>What about AOL users, where there could be hundreds coming from the 'same
>ip' (cache server)? Libraries and cyber cafes??
>
>It may not be an issue for Jim, but it is still something to remember.
>Many large companies and isps use cache servers, so ALL users appear to
>come from one ip. Like Randal mentions, the isn't really a GOOD, SAFE
>way to insure that someone doesn't vote twice, unless it is a secure site
>with logins required or other unique information is used.
>
>Some surveys that I have participated in, send out a unique 'password' that
>is then logged and cannot be used to vote again. But these surveys are
>from companies that have customer information for me and will only send me
>one password.
>
>On 20 Jul 2001, Randal L. Schwartz wrote:
>
> > Date: 20 Jul 2001 08:36:44 -0700
> > From: Randal L. Schwartz <[EMAIL PROTECTED]>
> > To: [EMAIL PROTECTED]
> > Subject: Re: hash comparisons...
> >
> > >>>>> "Jim" == Jim Conner <[EMAIL PROTECTED]> writes:
> >
> > Jim> I am building a voting script. This is particularly tough because of
> > Jim> the things I need to pay attention to such as disallowing corrupt
> > Jim> votes by someone voting multiple times. What I want to do is allow
> > Jim> players to revote. Their new vote will simply overwrite the first
> > Jim> vote. There is a list of other things I want to do but these things
> > Jim> all pivot around how I am going to do comparisons.
> >
> > The "someone" part is hard. How do you tell if two uncorrelated hits
> > are from the same person?
> >
> > Hint: you lose if you mention
> >
> > cookies
> > IP address
> > browser signature
> > javascript
> >
> > :-)
> >
> > But I did cheat a bit, and use "same IP address within an hour" for
> > my unscientific polling mechanism for a recent WT column, at
> >
> > http://www.stonehenge.com/merlyn/WebTechniques/col59.html
> >
> > --
> > Randal L. Schwartz - Stonehenge Consulting Services, Inc. - +1 503 777 0095
> > <[EMAIL PROTECTED]> <URL:http://www.stonehenge.com/merlyn/>
> > Perl/Unix/security consulting, Technical writing, Comedy, etc. etc.
> > See PerlTraining.Stonehenge.com for onsite and open-enrollment Perl
> training!
> >
> > --
> > To unsubscribe, e-mail: [EMAIL PROTECTED]
> > For additional commands, e-mail: [EMAIL PROTECTED]
> >
> >
> >
>
> Eric Wisti
> Kinetic, Inc.
> (651) 848-0477
- Jim
-~-~-~-~-~-~-~-~-~-~-~-~-~-~-~-~-~-~-~-~-~-~-~-~-~-~-~-~-~-~-~-~-
http://www.perlmonks.org/index.pl?node_id=67861&lastnode_id=67861
-----BEGIN PERL GEEK CODE BLOCK----- ------BEGIN GEEK CODE BLOCK------
Version: 0.01 Version: 3.12
P++>*@$c?P6?R+++>++++@$M GIT/CM/J d++(--) s++:++ a-
>++++$O!MA->++++E!> PU-->+++BD C++++(+) UB++++$L++++$S++++$
$C-@D!>++++(-)$S++++@$X?WP+>++++MO!>+++ P++(+)>+++++ L+++(++++)>+++++$ !E*
+PP+++>++++n-CO?PO!o >++++G W++(+++) N+ o !K w--- PS---(-)@ PE
>*(!)$A-->++++@$Ee---(-)Ev++uL++>*@$uB+ Y+>+++ PGP t+(+++)>+++@ 5- X++ R@
>*@$uS+>*@$uH+uo+w-@$m! tv+ b? DI-(+++) D+++(++) G(++++)
------END PERL GEEK CODE BLOCK------ ------END GEEK CODE BLOCK------
--
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
