我正在研究投票系统而且我坚持确保某人只能投票一次。我看了存储IP,但我读到像大学这样的地方使用的知识产权很少,所以如果一个人投票,大部分大学都被排除在投票之外。目前我使用cookies,这是很好的,直到人们意识到我正在使用cookie。然后他们很容易删除cookie并再次投票。有没有可靠的方法存储用户的投票并确保他们不能再投票?这是我目前的投票脚本:
<?php
include("config.php");
//Checks URL for any GET variables and removes them.
$url = $_POST['url'];
$arr = explode("?", $url, 2);
$url = $arr[0];
//Makes sure someone didn't just go to /vote.php.
if (empty($_POST['url'])) {
print '<script>window.location = "errorpage";</script>';
} else {
//Gets unique ID number for specific match up.
$idnumber = $_POST['id'];
//Checks to see if there is a cookie by the name of the unique matchup ID.
if (!empty($_COOKIE[$idnumber])) {
//If voted, go back and display already voted error.
print '<script> window.location = "'.$url.'?error=voted";</script>';
} else {
//If user doesn't have the cookie, then set it to expire in 1 year.
setcookie("$idnumber", "1", strtotime( '+1 year' ));
//Sets variable for a_vote or b_vote.
$voteRow = $_POST['hiddenvote'];
//Array of allowed values for column name.
$allowed = array("a_vote","b_vote");
//If $voteRow is not a_vote or b_vote, then go to error page.
if(!in_array($voteRow, $allowed)) {
print '<script>window.location = "errorpage";</script>';
} else {
//Gets current votes and adds one for new value.
foreach($db->query("SELECT $voteRow FROM votes WHERE matchup = '$idnumber'") as $row) {
$votes = $row[$voteRow];
}
$newvotes = $votes + 1;
//Update query to send new vote amount.
$sql = "UPDATE `votes` SET $voteRow = :newvotes WHERE `matchup` = :id";
$statement = $db->prepare($sql);
$statement->bindValue(":newvotes", $newvotes);
$statement->bindValue(":id", $idnumber);
$count = $statement->execute();
$db = null;
//Go to vote success page.
print '<script type="text/javascript">window.location = "'.$url.'?vote=success";</script>';
}
}
}
?>