{$unq_in_0_monthly}

[Morus]

Hi,

I'm just wondering if unique hit can be modify a little bit.
I'm using {$unq_in_0_monthly} for calculating it as Votes with recaptcha gate. Th eproblem I have is that everytime I restart router I can give a "vote". How that can be avoid so people even restarting routers and getting new IP will still not be able to vote (protection from cheating by adding more votes by changing IP).
I'm not sure but to do it its something to do with mask, internal IP address, etc (not sure).

Thanks

 

[Basti]

As far as iam aware you cant deal with changing ips. Think that issue is not only on this script but literally everywhere.
But iam not that good with ip related stuff, so i could be wrong, Mark is better there. Maybe he know if there is a solution

 

[Mark]

well 1 thing we could do is set a cookie, but that would be trivial to cheat (user can simply delete the cookie). These are really the only 2 ways to track a user on the internet.

 

[Morus]

Check these 2 websites that are able to do it please, maybe it will give you some hints
www.hopzone.net
www.l2topzone.com

They are using some system to avoid router restart.

 

[Mark]

I cant find a link to click to count a vote, sorry no time for exploring at the moment.

Really though, the solution is still to "set a cookie" that does not expire upon voting which is quite easy to do.. And/or log the IP which we already do. There is no other way, you can confirm those sites above are using a cookie easier than I can, simply check your cookies after you vote.

we can add the cookie system easy enough, but it is still easy to cheat (delete cookies) so it serves very little purpose

 

[Morus]

http://l2topzone.com/vote.php?id=5800

use that link twice in a row. keep attention on the vote and you will see what I mean.

 

[Mark]

I voted, then cleared my cookies... without checking them first. oops

I cannot change my IP with router restart so I need to wait until I am allowed to vote again, to confirm the cookie is set. Again, you can check your cookies and you will probably see one there from that domain for tracking.

 

[Morus]

Even if you would be able to restart router, you wouldn't be able to give a "vote" cause of protection. Just wondering how these 2 website made that.

 

[Mark]

that protection can only be a cookie So if I restart my router and delete brwoser cookies I can vote again 99% sure.

 

[CrazyCoder]

hi guys, huuumm what about setting up a session, neverending ))) hihihiiiiiii
then set in the session, some counter, allowing to vote every 24 hours.
on my tracker, my sessions do not allow to use vpn or router or proxy

 

[Basti]

And how are you determining that a session is for the user currently voting? How do you identify him if not through ip?

 

[ryancbarnes]

Perhaps a 'sneaky' way to do it would be to dynamically rename a very small 1x1 image with the session name (i.e. UF63647f73y2nh1hfy.gif/png). That image would then be stored in the user's cache.

When the page loads, the SessionID is determined, image name changed, and fed to the user. If they delete cookie, reload their IP, as long as they dont clear their cache that SessionID image would still be there. Not sure if PHP can do this, (I think it can) it could look within the webpage's DOM to see if something like webpage.supersecretimage.name.SessionID_png.loadstatus was fully loaded or not. If the page did not request the SessionID.png from the server, then it could be assumed that the image came from the cache, and therefore the same person. If it loaded, it's a new visit or a clean session.

But then again, I'm not a PHP coder, and have no idea if this would work. Maybe it'll spark an idea or something.

 

[Basti]

But still everything involves Ip. And working with cache is not a very good option. With browsers function to automatical delete cache when browser is closed this would also be trival to cheat.
Looking through websites dom is also not a good idea, that would put to much stress on button.php