Gossamer Forum
(Advanced Search)
for
Home : Products : Gossamer Links : Discussions :

Multiple votes for same site

Jul 20, 2004, 11:18 AM
Chas-a
User (194 posts)
Jul 20, 2004, 11:18 AM
Post #1 of 16
Views: 5068
Shortcut
Quote Reply
Multiple votes for same site
    
Hi all,

As an ongoing task Wink I'm looking into ways of making the Links SQL rating system more cheat proof.

Aside from setting a cookie and tracking IP's (which can be side tracked with proxies and a quick trip to the cookie manager folder).

Can you suggest how would I go about adding a mod to the rate.pm or cgi file to block multiple votes for same site? that is if the ClickTrack table's last 3 records was for the same site ID, block votes for that site till another site is voted for or something around that theme like block votes for the same site if its ID is in the first 5 records.

Thanks for your help,

Charlie

Last edited by:

Chas-a: Jul 20, 2004, 11:20 AM
Jul 20, 2004, 11:47 AM
VishalT
Veteran (1122 posts)
Jul 20, 2004, 11:47 AM
Post #2 of 16
Views: 4932
Shortcut
Quote Reply
Re: [Chas-a] Multiple votes for same site In reply to
I do not know how to implement the solution, but I think I know how it can be done.. now only if someone can work on the code.

Option 1) Links SQL Admin Option..where Directory Admin can choose how long (hours/days) to disallow the same IP to vote twice.

This would be good, but then still you are risking the chance of automated bot from your competitor which would wanna rate all the sites as bad. So this idea is not 100% safe

Option 2) If I am not mistake there is some code like

defined( '_VALID_MOS' ) or die( 'Direct Access to this location is not allowed.' );

in Mambo CMS Files where if the user is trying to access the file directory, then it won't allow it. Disallow direct view of the rate page, or in other words, if the user comes without any referral, then they cannot view it.

Option 3 : My Fav :) If somehow if it was possible to disallow user to visit rate.cgi page more than x number of times in y number of minutes, then I think it would be best protection against rating bots. This option would work great with Option 1.

I really really really wish someone can get this working. Cuz.. even though Links SQL is *THE BEST* link management script there, but the rating system in Links SQL is very much easy to exploit.

Any help would be very much apprecaited.



In Reply To:

Hi all,

As an ongoing task Wink I'm looking into ways of making the Links SQL rating system more cheat proof.

Aside from setting a cookie and tracking IP's (which can be side tracked with proxies and a quick trip to the cookie manager folder).

Can you suggest how would I go about adding a mod to the rate.pm or cgi file to block multiple votes for same site? that is if the ClickTrack table's last 3 records was for the same site ID, block votes for that site till another site is voted for or something around that theme like block votes for the same site if its ID is in the first 5 records.

Thanks for your help,

Charlie

Vishal
-------------------------------------------------------
Jul 20, 2004, 12:49 PM
Chas-a
User (194 posts)
Jul 20, 2004, 12:49 PM
Post #3 of 16
Views: 4970
Shortcut
Quote Reply
Re: [NeedScripts.Com] Multiple votes for same site In reply to
I hadn't considered bots... thinking about it if someone's gone to the trouble of writing a bot they should have no trouble by passing the tracked IP numbers / restricted access to the rate page - the same is true for visitors using proxy servers.

One way around proxies is to track local (client's machine) IP's using this applet - the drawback of this is people can disable Java on their browser.

Last edited by:

Chas-a: Jul 20, 2004, 12:53 PM
Jul 21, 2004, 1:01 AM
Gypsypup
User (226 posts)
Gypsypup's avatar
Jul 21, 2004, 1:01 AM
Post #4 of 16
Views: 4984
Shortcut
Quote Reply
Re: [Chas-a] Multiple votes for same site In reply to
Andy & Pugdog have a members access plugin. Although it appears it is not configured to allow 'members only' to access the rate.cgi I guess it would only take a bit of tweaking to make it do so.
Might get rid of bots etc. May not solve a lot of the rest of the problems however it is a start perhaps.
The other side of the coin is everyone nowadays is so paranoid about the 'big brother' syndrome that by having to log-in they would be worried that their every action is logged and therefore their actions traceable even though it isn't. That may stop a lot from trying stunts.
Jul 21, 2004, 6:57 AM
Andy
Veteran / Moderator (18436 posts)
Andy's avatar
Jul 21, 2004, 6:57 AM
Post #5 of 16
Views: 4923
Shortcut
Quote Reply
Re: [Gypsypup] Multiple votes for same site In reply to
Quote:
Andy & Pugdog have a members access plugin. Although it appears it is not configured to allow 'members only' to access the rate.cgi I guess it would only take a bit of tweaking to make it do so.

heheh.. it would probably be easier to just change the settings in Setup > User Options :)

Quote:
Might get rid of bots etc. May not solve a lot of the rest of the problems however it is a start perhaps.
The other side of the coin is everyone nowadays is so paranoid about the 'big brother' syndrome that by having to log-in they would be worried that their every action is logged and therefore their actions traceable even though it isn't. That may stop a lot from trying stunts.

Totally agree. Everyone is pretty paranoid on the internet now (especially with all the bad publicity, i.e hackers etc). Its a shame really :(

Cheers

Andy (mod)
andy@ultranerds.co.uk
Want to give me something back for my help? Please see my Amazon Wish List
GLinks ULTRA Package | GLinks ULTRA Package PRO
Links SQL Plugins | Website Design and SEO | UltraNerds | ULTRAGLobals Plugin | Pre-Made Template Sets | FREE GLinks Plugins!
Jul 21, 2004, 8:01 AM
Chas-a
User (194 posts)
Jul 21, 2004, 8:01 AM
Post #6 of 16
Views: 5024
Shortcut
Quote Reply
Re: [Gypsypup] Multiple votes for same site In reply to
 
Limiting rating to members is not a viable option IMO as all it takes is multiple email accounts (Hotmail, Yahoo etc. or non-free) to abuse the system.

Im going to look into getting some Perl code posted here later that prevents voting for the same site if it was voted for in the first 5 records of the ClickTrack table.

Cheers,

Charlie
Jul 21, 2004, 12:24 PM
VishalT
Veteran (1122 posts)
Jul 21, 2004, 12:24 PM
Post #7 of 16
Views: 4927
Shortcut
Quote Reply
Re: [Chas-a] Multiple votes for same site In reply to
Hi Chas-a,

If you are going to be working on the code, then I would request you to work on the code that will disallow anyone (any IP) to visit rate.cgi page more than x number of times within y number of minutes/hours and disallow same IP to vote for same link/listing more than once in z number of days.

Vishal

Vishal
-------------------------------------------------------
Jul 21, 2004, 12:50 PM
Chas-a
User (194 posts)
Jul 21, 2004, 12:50 PM
Post #8 of 16
Views: 4893
Shortcut
Quote Reply
Re: [Chas-a] Multiple votes for same site In reply to
Here's what i've got so far:

Code:
# Snippet from rate.pm

# Update the rating unless they have already voted.
my $click_db = $DB->table ('ClickTrack');

my $site_in_top_five = $click_db->count ( { LinkID => $id, ClickType => 'Rate' } ) || return $GT::SQL::error;

my $rows = $click_db->count ( { LinkID => $id, IP => $ENV{REMOTE_ADDR}, ClickType => 'Rate' } );

if ($rows) {
return { error => Links::language('RATE_VOTED', $id), %$rec };
} elsif ($site_in_top_five) {
return { error => Links::language('RATE_INVALIDRATE', $rating), %$rec };
} else {
my $tmp = $rec->{Rating} * $rec->{Votes};
$rec->{Rating} = ($rec->{Rating} * $rec->{Votes}) + $rating;
$rec->{Votes} = $rec->{Votes} + 1;
$rec->{Rating} = $rec->{Rating} / $rec->{Votes};
my @cids = $DB->table('CatLinks')->select('CategoryID', { LinkID => $rec->{ID} })->fetchall_list;
$rec->{'CatLinks.CategoryID'} = \@cids;
$db->modify($rec);
$click_db->insert ( { LinkID => $id, IP => $ENV{REMOTE_ADDR}, ClickType => 'Rate', Created => \"NOW()" } );
return $rec;
}


I've added the RATE_INVALIDRATE as a simple way of displaying the type of error returned.

atm it blocks votes if the voted for sites id is in the ClickTrack table (or the IP address is assiciated with that sites id).

The error with this code is it doesn't update the ClickTrack table if either of the first two conditionals are false tho it does display the Thanks for voting message.

Could this be an error with setting two variables from the one my $click_db = $DB->table ('ClickTrack'); call?

Thanks for your help Smile

Charlie
Jul 22, 2004, 9:32 AM
Chas-a
User (194 posts)
Jul 22, 2004, 9:32 AM
Post #9 of 16
Views: 4883
Shortcut
Quote Reply
Re: [NeedScripts.Com] Multiple votes for same site In reply to
Hi Vishal,

If I understand you right - the "disallow same IP to vote for same link/listing more than once in z number of days." is already a part of the default rating process.

When someone votes their IP number is added to the ClickTrack table and if they try voting again for the same site using the same IP the script blocks them.

Quote:
disallow anyone (any IP) to visit rate.cgi page more than x number of times within y number of minutes/hours

Vishal, I dont see the point of that, as it would require adding a new set of functions to get that working that will rely on either a cookie or IP - both of which are easy to work around as detailed above.

That's why I feel blocking votes for the same site (regardless of IP) if its in the top 5 of the ClickTrack table is the best solution to this.

Perhaps if Andy isn't too pi**ed off with me bringing his plugin writting abilities into question in a previous thread Smile he may be able to share his Perl skills on this.

It would be great if you can spare the time Andy Cool

Last edited by:

Chas-a: Jul 22, 2004, 9:44 AM
Jul 22, 2004, 9:46 AM
Andy
Veteran / Moderator (18436 posts)
Andy's avatar
Jul 22, 2004, 9:46 AM
Post #10 of 16
Views: 4918
Shortcut
Quote Reply
Re: [Chas-a] Multiple votes for same site In reply to
Quote:
Perhaps if Andy isn't too pi**ed off with me bringing his plugin writting abilities into question in a previous thread he may be able to share his Perl skills on this.

I'm not ;) Just been very busy :|

Should be something like this that would work;

Code:
my $ID = $IN->param('ID');
my $MAX = $DB->table('ClickTrack')->count( { ClickType => 'Rate' } );
my $MIN = $MAX - 5;

my $table = $DB->table('ClickTrack');
$table->select_options("LIMIT $MIN, 5");
my $sth = $table->select( { ClickType => 'Rate' } ) || return $GT::SQL::error'

while (my $hit = $sth->fetchrow_hashref) {
if ($ID == $hit->{LinkID}) {

print $IN->header;
print Links::SiteHTML::display('error', { error => 'Sorry, this link has been voted too many times...' } );
exit;
}
}

Not sure where the best place would be to put it (without looking). I guess somewhere in Rate.pm, just before its about to submit the rating (i.e after all the prelim checks, as they are less CPU consuming).

Hope that helps.

Cheers

Andy (mod)
andy@ultranerds.co.uk
Want to give me something back for my help? Please see my Amazon Wish List
GLinks ULTRA Package | GLinks ULTRA Package PRO
Links SQL Plugins | Website Design and SEO | UltraNerds | ULTRAGLobals Plugin | Pre-Made Template Sets | FREE GLinks Plugins!

Last edited by:

Andy: Jul 23, 2004, 6:31 AM
Jul 22, 2004, 12:15 PM
VishalT
Veteran (1122 posts)
Jul 22, 2004, 12:15 PM
Post #11 of 16
Views: 4894
Shortcut
Quote Reply
Re: [Chas-a] Multiple votes for same site In reply to
Quote:
disallow anyone (any IP) to visit rate.cgi page more than x number of times within y number of minutes/hours


The main reason I said this, cuz I have had an end user send me an email along with few lines of HTML code and told me how that code can pratically ruin the entire rating system of any directory, also to satisfy my desire, I tested the code and to my surprize it worked.

So along with any other good options, I really think it would be very good to implement such a method too, other wise, it would take anyone about an average of 10 minutes to rate 1000 listings. But if such a method is setup, then it can make a big difference.

Vishal

Vishal
-------------------------------------------------------
Jul 23, 2004, 6:29 AM
Chas-a
User (194 posts)
Jul 23, 2004, 6:29 AM
Post #12 of 16
Views: 4874
Shortcut
Quote Reply
Re: [Andy] Multiple votes for same site In reply to
Cheers Andy, I think its almost there - returning an error atm:

GT::SQL::Table (21571): Unknown method 'fetchrow_hashref' called at line...


Code:
my $MAX = $DB->table('ClickTrack')->count( { ClickType => 'Rate' } );
my $MIN = $MAX - 5;

my $table = $DB->table('ClickTrack');
$table->select_options("LIMIT $MIN, 5", ClickType => 'Rate');

while (my $hit = $table->fetchrow_hashref) {
if ($id == $hit->{LinkID}) {

print $IN->header;
print Links::SiteHTML::display('error', { error => 'Sorry, this link has been voted too many times...' } );
exit;
}
}

I added the ClickType => 'Rate' so Hits arn't called Wink

Thanks for your help,


Quote:
So along with any other good options, I really think it would be very good to implement such a method too, other wise, it would take anyone about an average of 10 minutes to rate 1000 listings. But if such a method is setup, then it can make a big difference.

True, sites like Flashkit seem to use the default rating setup with Links SQL and IMO their ratings are a joke Pirate

Charlie
Jul 23, 2004, 6:32 AM
Andy
Veteran / Moderator (18436 posts)
Andy's avatar
Jul 23, 2004, 6:32 AM
Post #13 of 16
Views: 4907
Shortcut
Quote Reply
Re: [Chas-a] Multiple votes for same site In reply to
Sorry ... had been a long day :(

I missed out the $sth stuff, and the reference for $table->fetchrow_hashref should read $sth->fetchrow_hashref.

I've updated my above post to reflect this.

Cheers

Andy (mod)
andy@ultranerds.co.uk
Want to give me something back for my help? Please see my Amazon Wish List
GLinks ULTRA Package | GLinks ULTRA Package PRO
Links SQL Plugins | Website Design and SEO | UltraNerds | ULTRAGLobals Plugin | Pre-Made Template Sets | FREE GLinks Plugins!
Jul 23, 2004, 7:31 AM
Chas-a
User (194 posts)
Jul 23, 2004, 7:31 AM
Post #14 of 16
Views: 4891
Shortcut
Quote Reply
Re: [Andy] Multiple votes for same site In reply to
Works well Cool

Would I need to add a SORTBY to be certain the table sorts on the Created column first?


Thanks again,

Charlie

Last edited by:

Chas-a: Jul 23, 2004, 7:31 AM
Jul 23, 2004, 8:22 AM
Andy
Veteran / Moderator (18436 posts)
Andy's avatar
Jul 23, 2004, 8:22 AM
Post #15 of 16
Views: 4884
Shortcut
Quote Reply
Re: [Chas-a] Multiple votes for same site In reply to
Good good :)

This should order it by "Created";

Code:
$table->select_options("ORDER BY Created ASC","LIMIT $MIN, 5");

... other than that, you shouldn't have any problems :)

Cheers

Andy (mod)
andy@ultranerds.co.uk
Want to give me something back for my help? Please see my Amazon Wish List
GLinks ULTRA Package | GLinks ULTRA Package PRO
Links SQL Plugins | Website Design and SEO | UltraNerds | ULTRAGLobals Plugin | Pre-Made Template Sets | FREE GLinks Plugins!
Jul 23, 2004, 9:30 AM
Chas-a
User (194 posts)
Jul 23, 2004, 9:30 AM
Post #16 of 16
Views: 4903
Shortcut
Quote Reply
Re: [Andy] Multiple votes for same site In reply to
Cool! cheers Andy! Smile


Comedy Quotes - Glinks 3.3.0, PageBuilder, StaticURLtr, CAPTCHA, User_Edit_Profile