There is no infallible way to stop this. You can only track someone by the information that is available to you, i.e. a cookie or an IP address. But cookies can be deleted and IP's can change, so then you no longer have a way to know that person has visited the site before. The best you can do is validate peoples email addresses, i.e. email them and get them to click a link before you activate their account. But that doesn't stop them signing up multiple times with multiple emails. Being able to track someone's activity without them being able to stop you would be an invasion of privacy, and I am certainly glad it is not possible.
Russ -----Original Message----- From: Webmaster at FastTrack On Line [mailto:[EMAIL PROTECTED] Sent: 09 October 2005 13:54 To: CF-Talk Subject: Re: CFID Hi Martin, Thanks for letting me know all this, omg indeed! Trouble is, I was really hoping to use the cfid:cftoken as a way to spot a user trying to create a second user record from the same pc. Some sneaky individuals like to create fake profiles and that's not nice. So could I write a variable to the cookie with the users sql table id and use that to spot someone trying to create a fake profile? Or is there some other work around I can use? Jenny ----- Original Message ----- From: "Martin Parry" <[EMAIL PROTECTED]> To: "CF-Talk" <cf-talk@houseoffusion.com> Sent: Sunday, October 09, 2005 10:06 AM Subject: RE: CFID > Absolutely - A very similair thing also happened on an Intranet project > I was working on. We couldn't figure out why users sessions were > expiring so quikly - sometime not at all and sometime every few minutes. > > The user would then log back in which would then cause another user to > be logged out (or so it would appear) - What we found by displaying the > current user id in the page was that they were then miraculously > becoming the other user. > > How did this happen ? The person who sent out the link to all the users > sent something like http://theintranet/index.cfm?cfid=9999&cftoken=9999 > > So, everyone became each other. OMG ! With a bit of fiddling around, we > held an IP address as a client variable, then if the user looking at the > page didn't match the IP address we would clear their cookies and > redirect them back to the homepage with a BRAND NEW CFID mixture. Thus > overwriting the cookie in the browser. However, they also had to remove > and recreate the favourites link to the intranet as the next time they > visited the same would have happened. > > Now, there's a handy function URLSessionFormat which intelligently > maintains state for user with cookies disabled. However, as spiders > don't allow cookies the function will ultimately give the spider a url > with cfid or a j2ee format string e.g. > http://mywebsite.com/index.cfm;jsessionid=1230be920b90$B7h$298?page=/ind > ex.cfm . J2EE variables are a much better option. > > I don't know if anyone's poste this link for you but it works like a > charm, creating per session cookies which most users will allow as they > expire once the browser has closed > > http://www.macromedia.com/cfusion/knowledgebase/index.cfm?id=tn_17915 > > Good luck > > Martin > > > -----Original Message----- > From: Webmaster at FastTrack On Line > [mailto:[EMAIL PROTECTED] > Sent: 09 October 2005 05:39 > To: CF-Talk > Subject: Re: CFID > > Hi Martin, > > Thanks for your input. > > Oh my, wouldn't this be bit of a security issue? > > Jenny > > ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~| Logware (www.logware.us): a new and convenient web-based time tracking application. Start tracking and documenting hours spent on a project or with a client with Logware today. Try it for free with a 15 day trial account. http://www.houseoffusion.com/banners/view.cfm?bannerid=67 Message: http://www.houseoffusion.com/lists.cfm/link=i:4:220503 Archives: http://www.houseoffusion.com/cf_lists/threads.cfm/4 Subscription: http://www.houseoffusion.com/lists.cfm/link=s:4 Unsubscribe: http://www.houseoffusion.com/cf_lists/unsubscribe.cfm?user=89.70.4 Donations & Support: http://www.houseoffusion.com/tiny.cfm/54
