How to ensure that a user can vote only once in an ASP.NET poll

Question

How to ensure that a user can vote only once in an ASP.NET poll

I am trying to do an ASP.NET (C #) poll that will ask the user a yes / no question and register that voice in the database. To prevent spam, I would like users to be able to vote only once. I was thinking about registering users IP addresses. If this is the answer, someone can give me a tutorial that shows how this can be done. If this is not the answer, then give me your suggestions.

Edit: I do not ask users to register as this is not my site.

+6

c # asp.net ip-address

Kredns Feb 07 '09 at 1:16

source share

8 answers

You can only garage that each user has one vote, if you can authenticate the user. Thus, you will need an authentication mechanism that allows you to prevent the user from registering multiple accounts.

I can only see this work in an environment where the user has invested something in their account, for example, a subscriber to an online newspaper or a reputation system, like on StackOverflow.

+12

Dave van den eynde Feb 07 '09 at 1:22

source share

If you have a registered list of users, send them an email containing a unique link that is generated with an indication of the manual (for example), write down the GUID in the database and combine it with the vote.

If you are talking about a public and secure, then the IP address alone is not enough (electronic voting for voting on many issues related to secure public voting).

Have you ever thought about using one of the free voting services?

Condorcet Internet Voting Service

+4

Mitch wheat Feb 07 '09 at 1:23

source share

You cannot restrict a single voice to one IP address. IP address is not equal to one user. An IP address represents one or more users.

+4

Shawn miller Feb 07 '09 at 1:36

source share

IP addresses will not work for millions of people who also work for proxies.

Cookies are a partial solution, but voting robots may simply not send cookies.

+3

eduesing Feb 07 '09 at 1:25

source share

Make a registration that requires confirmation by email for registration and make sure that the email address is a unique column in the database among your users. Then tie the vote to the email address. This will not completely prevent a toddler who has several email addresses, but that at least will make it inappropriate for most.

+1

Turnkey Feb 07 '09 at 1:34

source share

The combination of IP and useragent can give you a reasonable solution.

0

Chris ballance Feb 07 '09 at 1:39

source share

I agree that one IP address does not correspond to one user, but I believe that this is the safest way to save one vote per person. I usually use cookies to track who voted. Of course, this is a simple hack where you can simply delete cookies and then vote again. If voting is just random stuff, then I don't care. If the right voices are really important for your application, use the IP address.

0

azamsharp Feb 07 '09 at 3:28

source share

aleemb · Accepted Answer · 2009-02-07T01:28:37+0000

Recorded sessions are the only way to prevent double-vote fraud, but since you are explicitly requesting a way to register an IP address, you can get this via:

HttpContext.Current.Request.UserHostAddress;

or

HttpContext.Current.Request.ServerVariables["REMOTE_ADDR"];

It should be easy enough to save to the database and check if an IP address exists in each survey.

How to ensure that a user can vote only once in an ASP.NET poll

More articles: