Probably best thing would be to have accounts...

On Nov 29, 12:27 am, Julien Phalip <[EMAIL PROTECTED]> wrote:
> Hi,
>
> I'm building a rating app, so people can rate any kind of object (e.g.
> a video, a news entry, etc.). The rating is done anonymously (there's
> no user account on that site) and via an Ajax query. The view
> currently only takes one parameter, the rating value (a float), so I
> don't think I can use something like Akismet.
>
> To prevent multiple ratings by the same person, a flag is set in the
> session. Obviously it means that the person can rate again if she uses
> a different browser or if the session expires, but that's not a big
> issue.
>
> Now, what worries me is potential spam attacks. How can I identify if
> the request is from a genuine person or a bot? I started implementing
> a system which records IP addresses and prevents anybody to rate twice
> from the same IP within a given short time. But if genuine persons are
> behind a proxy, IP uniqueness cannot be guaranteed and they may be all
> mistaken for a bot.
>
> Are there some algorithms in Django to cope with this kind of
> situations? Maybe passing some kind of key protection in the URL?
>
> Thanks a lot,
>
> Julien

--~--~---------~--~----~------------~-------~--~----~
You received this message because you are subscribed to the Google Groups 
"Django users" group.
To post to this group, send email to django-users@googlegroups.com
To unsubscribe from this group, send email to [EMAIL PROTECTED]
For more options, visit this group at 
http://groups.google.com/group/django-users?hl=en
-~----------~----~----~----~------~----~------~--~---

Reply via email to