我需要实施一个匿名投票系统(用户注册是不行的)。我已经决定,最好的选择是将单个项目的投票限制为每个IP 10个(考虑到学校等)。
解决这个问题的最佳方法是什么?我正在使用PHP + MySQL。在高峰时段,每秒最高可达20票。我正在使用负载均衡的前端和专用的MySQL服务器。
我担心每次投票都会在数据库中插入一行,然后查询该数据以查看它们是否达到了限制,这可能对服务器来说太过分了?
观看MongoDB或其他什么东西会更好吗?
还有其他想法吗?
答案 0 :(得分:4)
我建议在Cookie中保存“已投票”状态。这将允许整个学校和办公室投票。每IP执行10次将允许一个地址的用户投票10次。
显然有很多方法可以解决这个问题,例如清除cookies等,但我认为这是一个很好的选择。
答案 1 :(得分:3)
我认为关键/价值数据库在这里会更好。
此外,您不需要为每个投票排,每个IP只需要1行,并使用查询LIKE
INSERT INTO .. ON DUPLICATE KEY UPDATE
答案 2 :(得分:2)
我需要实施一个匿名投票系统(用户注册是一个 没有去)
IP不是解决这个问题的方法,因为很多公司/学校都有数千人映射到几个IP地址。如果您不希望用户因匿名投票而登录,我建议您使用CAPTCHA(recaptcha)来保护群发投票,因为熟练的程序员可以绕过所有其他技术。甚至可以spoof IP address。我相信在许多Linux发行版中你都可以轻松欺骗IP。
alfred@alfred-laptop:~/bash$ apt-cache search ^fake$
fake - IP address takeover tool
http://en.wikipedia.org/wiki/IP_address_spoofing#Defense_against_spoofing:
还建议设计网络协议和服务 他们不依赖IP源地址进行身份验证。
但是熟练的程序员不能绕过经过良好测试的CAPTCHA,例如recaptcha。投票有点难,但在我看来,这是对抗虚假投票的唯一方法。验证码也不能使投票系统不受错误投票的影响。制作此类系统的唯一方法是使用身份验证。保留允许投票的用户(身份)列表。
解决这个问题的最佳方法是什么?我正在使用PHP + MySQL。中 高峰时段每秒最高可达20票。
这甚至不会出汗Redis,因为它非常快。
Redis是一个开源的高级键值存储。经常这样 称为数据结构服务器,因为键可以包含字符串, 哈希,列表,集合和排序集。
首先是我的系统信息。我喜欢它,但它已经很老了。
-Computer-
Processor : 2x Intel(R) Core(TM)2 Duo CPU T7100 @ 1.80GHz
Memory : 2051MB (1403MB used)
Operating System : Ubuntu 10.10
User Name : alfred (alfred)
Date/Time : Sat 16 Jul 2011 07:53:20 PM CEST
-Display-
Resolution : 1280x800 pixels
OpenGL Renderer : Unknown
X11 Vendor : The X.Org Foundation
-Multimedia-
Audio Adapter : HDA-Intel - HDA Intel
-Input Devices-
Power Button
Lid Switch
Sleep Button
Power Button
AT Translated Set 2 keyboard
Dell Dell USB Keyboard
Logitech Trackball
PS/2 Logitech Wheel Mouse
Video Bus
-Printers (CUPS)-
Canon-MP150 : <i>Default</i>
HP-Photosmart-b110
-SCSI Disks-
HL-DT-ST DVDRAM GSA-T20N
ATA WDC WD1600BEVS-2
接下来我将对我的redis-server进行基准测试:
alfred@alfred-laptop:~/database/redis-2.2.0-rc4/src$ ./redis-server --version
Redis server version 2.1.12 (00000000:0)
alfred@alfred-laptop:~/database/redis-2.2.0-rc4/src$ ./redis-benchmark
====== PING (inline) ======
10000 requests completed in 0.23 seconds
50 parallel clients
3 bytes payload
keep alive: 1
94.11% <= 1 milliseconds
97.77% <= 2 milliseconds
98.97% <= 3 milliseconds
99.02% <= 4 milliseconds
99.51% <= 6 milliseconds
99.88% <= 7 milliseconds
100.00% <= 7 milliseconds
44052.86 requests per second
====== PING ======
10000 requests completed in 0.23 seconds
50 parallel clients
3 bytes payload
keep alive: 1
87.97% <= 1 milliseconds
97.44% <= 2 milliseconds
98.83% <= 3 milliseconds
99.41% <= 4 milliseconds
99.51% <= 5 milliseconds
99.70% <= 6 milliseconds
100.00% <= 6 milliseconds
43478.26 requests per second
====== MSET (10 keys) ======
10000 requests completed in 0.37 seconds
50 parallel clients
3 bytes payload
keep alive: 1
11.02% <= 1 milliseconds
82.00% <= 2 milliseconds
93.94% <= 3 milliseconds
97.18% <= 4 milliseconds
98.17% <= 5 milliseconds
98.89% <= 6 milliseconds
99.44% <= 7 milliseconds
99.51% <= 9 milliseconds
99.52% <= 10 milliseconds
100.00% <= 10 milliseconds
26881.72 requests per second
====== SET ======
10000 requests completed in 0.24 seconds
50 parallel clients
3 bytes payload
keep alive: 1
86.50% <= 1 milliseconds
96.08% <= 2 milliseconds
97.45% <= 3 milliseconds
97.87% <= 4 milliseconds
99.02% <= 5 milliseconds
99.51% <= 6 milliseconds
99.52% <= 7 milliseconds
100.00% <= 7 milliseconds
40983.61 requests per second
====== GET ======
10000 requests completed in 0.23 seconds
50 parallel clients
3 bytes payload
keep alive: 1
86.06% <= 1 milliseconds
97.51% <= 2 milliseconds
98.89% <= 3 milliseconds
99.65% <= 4 milliseconds
100.00% <= 4 milliseconds
42553.19 requests per second
====== INCR ======
10000 requests completed in 0.23 seconds
50 parallel clients
3 bytes payload
keep alive: 1
90.72% <= 1 milliseconds
96.92% <= 2 milliseconds
98.12% <= 3 milliseconds
98.33% <= 4 milliseconds
99.27% <= 5 milliseconds
99.51% <= 7 milliseconds
100.00% <= 7 milliseconds
43103.45 requests per second
====== LPUSH ======
10000 requests completed in 0.23 seconds
50 parallel clients
3 bytes payload
keep alive: 1
87.92% <= 1 milliseconds
96.35% <= 2 milliseconds
98.26% <= 3 milliseconds
99.51% <= 7 milliseconds
100.00% <= 7 milliseconds
42735.04 requests per second
====== LPOP ======
10000 requests completed in 0.24 seconds
50 parallel clients
3 bytes payload
keep alive: 1
87.75% <= 1 milliseconds
96.67% <= 2 milliseconds
97.77% <= 3 milliseconds
98.64% <= 4 milliseconds
98.65% <= 5 milliseconds
99.80% <= 6 milliseconds
100.00% <= 6 milliseconds
41841.00 requests per second
====== SADD ======
10000 requests completed in 0.23 seconds
50 parallel clients
3 bytes payload
keep alive: 1
89.55% <= 1 milliseconds
96.56% <= 2 milliseconds
97.80% <= 3 milliseconds
98.76% <= 4 milliseconds
99.50% <= 5 milliseconds
99.63% <= 6 milliseconds
100.00% <= 6 milliseconds
42553.19 requests per second
====== SPOP ======
10000 requests completed in 0.25 seconds
50 parallel clients
3 bytes payload
keep alive: 1
88.12% <= 1 milliseconds
96.21% <= 2 milliseconds
97.45% <= 3 milliseconds
97.99% <= 4 milliseconds
98.53% <= 5 milliseconds
99.51% <= 6 milliseconds
100.00% <= 6 milliseconds
40322.58 requests per second
====== LPUSH (again, in order to bench LRANGE) ======
10000 requests completed in 0.24 seconds
50 parallel clients
3 bytes payload
keep alive: 1
89.41% <= 1 milliseconds
96.05% <= 2 milliseconds
97.76% <= 3 milliseconds
98.76% <= 4 milliseconds
99.01% <= 5 milliseconds
99.51% <= 7 milliseconds
99.96% <= 8 milliseconds
100.00% <= 8 milliseconds
42016.81 requests per second
====== LRANGE (first 100 elements) ======
10000 requests completed in 0.40 seconds
50 parallel clients
3 bytes payload
keep alive: 1
11.56% <= 1 milliseconds
76.23% <= 2 milliseconds
91.93% <= 3 milliseconds
94.47% <= 4 milliseconds
97.80% <= 5 milliseconds
99.23% <= 6 milliseconds
99.87% <= 9 milliseconds
100.00% <= 9 milliseconds
24937.66 requests per second
====== LRANGE (first 300 elements) ======
10000 requests completed in 0.86 seconds
50 parallel clients
3 bytes payload
keep alive: 1
2.28% <= 1 milliseconds
10.90% <= 2 milliseconds
35.68% <= 3 milliseconds
63.74% <= 4 milliseconds
86.00% <= 5 milliseconds
92.65% <= 6 milliseconds
94.96% <= 7 milliseconds
97.50% <= 8 milliseconds
98.04% <= 9 milliseconds
98.75% <= 10 milliseconds
99.56% <= 11 milliseconds
99.96% <= 12 milliseconds
100.00% <= 12 milliseconds
11682.24 requests per second
====== LRANGE (first 450 elements) ======
10000 requests completed in 1.15 seconds
50 parallel clients
3 bytes payload
keep alive: 1
1.13% <= 1 milliseconds
6.20% <= 2 milliseconds
10.38% <= 3 milliseconds
27.37% <= 4 milliseconds
53.45% <= 5 milliseconds
74.60% <= 6 milliseconds
89.41% <= 7 milliseconds
95.40% <= 8 milliseconds
98.04% <= 9 milliseconds
98.98% <= 10 milliseconds
99.46% <= 11 milliseconds
99.58% <= 12 milliseconds
99.73% <= 13 milliseconds
99.87% <= 14 milliseconds
100.00% <= 14 milliseconds
8695.65 requests per second
====== LRANGE (first 600 elements) ======
10000 requests completed in 1.45 seconds
50 parallel clients
3 bytes payload
keep alive: 1
0.52% <= 1 milliseconds
6.23% <= 2 milliseconds
10.67% <= 3 milliseconds
16.37% <= 4 milliseconds
27.51% <= 5 milliseconds
46.06% <= 6 milliseconds
60.82% <= 7 milliseconds
79.70% <= 8 milliseconds
90.96% <= 9 milliseconds
96.01% <= 10 milliseconds
97.99% <= 11 milliseconds
99.43% <= 12 milliseconds
99.90% <= 13 milliseconds
100.00% <= 13 milliseconds
6896.55 requests per second
incr操作就是您所需要的,您可以看到我的系统可以处理43103.45 requests per second。
观看MongoDB或其他什么东西会更好吗?
我建议redis如上所述。
答案 3 :(得分:1)
只需确保索引IP字段,并考虑将其表示为字符串以外的其他内容(例如整数)。有关详情,请参阅此处:http://daipratt.co.uk/mysql-store-ip-address/
此外,adlawson的cookie创意很好。你可以使用两者,也许让IP地址只是触发你的警报,在那里你可以去一些管理员屏幕,并决定那些IP看起来像是某人试图欺骗系统而不是学校。
关于ipv6的更新:我对ipv6没有太多了解w /关于当前的虚拟主机,所以不确定是否有用户专门在ipv6上。如果是这样,您可以考虑这些帖子中提供的一些想法如何存储它们:
答案 4 :(得分:1)
正如您所描述的负载平衡应该没问题。专用的MySQL服务器不应该对该查询率有任何问题。我不认为MongoDB可以帮助解决这样的问题。像memcached这样的东西性能要高得多,但你仍然需要在某些时候将数据发送到更持久的MySQL数据库。
我同意adlawston使用cookies代替。您仍然可以使用单个IP
进行投票的上限答案 5 :(得分:1)
10是完全随意的值,并不会考虑单个面向公众的IPv4地址背后可能有数百甚至数千人的办公室。更不用说你可能允许个人投票十次了。
显然,这不是一个强大的或适合用途的解决方案。
找到另一种独特识别人的方式。