I have a page, it randomly displays 2 news, and the user chooses the one that is better. Only 10 news.
After the vote, the data is sent by a POST request to the handle page, where +1 for the best news is entered into the database, then a redirect again to 2, already other news.
Question: how to protect the news rating from cheating.
POST request for the same news can be repeated a bunch of times…
I will add: the user can vote infinitely. But the news comes randomly.
I need to protect only repeating the same POST request.
Note: You need to do without registration on the site
Answer 1, authority 100%
Implement user registration, it will be easier to work there, you write about the voter in the database
Answer 2, authority 67%
Sorry, but I’m very interested:
md5(date(‘H:i:s’)) and pass it as a post, and compare this value in handle.
What do you compare it to? The time will be different each time, therefore, the request will pass each time. And what will encryption of time give in general? How does this help not to repeat the 2 3 4 5 etc request?
Answer 3, authority 33%
SELECT * FROM `news_table` WHERE NOT IN ( SELECT news_id FROM `voted_table` WHERE sesID=$SESID ) LIMIT 0,2
news_table contains news, in the voted_table table we push the id of the news for which this user has already voted.
$SESID is taken from the cookie. $SESID is unique for each visitor. I think the easiest way. Again, if the cookies are deleted, this method will fail. I think to somehow go in this direction.