In life, many people will encounter the need to vote. But often the place of vote is also weak, may not verify the source of the vote, will lead to brush the ticket, serious words will also lead to the site fall.
The following article is about how to brush the ticket, although not 100% can prevent, but also from the root causes to prevent a large number of rookie damage to the system. I just turned around: Just made a brush ticket system, feeling a lot, just at the beginning is also encountered a lot of brush tickets. After the correction of time and again, basically put an end to the process of brushing the ticket.
The following is a detailed list of the votes.:
1. First
a complex verification codeis very very important, just started with a very simple small authentication code, simply avoid the brush ticket program to crack. So on the internet to find a very complex verification code, even the artificial vote must be refreshed two. There is a need to leave a mailbox, I will be the first time to send the past. 2. Because the voting is real name, fill in the ID number, so
verification of the ID card number is also necessary。 First, the ID number must be 18 digits (a generation ID is now almost invisible), the first 17 digits must be numbers. The code now writes out a reference if (((Strlen ($SFZ))!=18 and (strlen ($SFZ))!=15) or (!is_numeric (substr ($SFZ, 0,strlen ($SFZ)-1))) "$sfz" Is the received ID number, which can be followed by a hint. In addition in
Verify that the current ID card has been voted before the vote, or no counting. 3. If the mechanism for voting after registration is particularly formal, it should be registered
registration information to Judge, you must add a validation code to limit the registration. 4. The security mechanism of the program is also important, if the use of object-oriented procedures,
The counting function must be set to private.To prevent SQL injection! 5. Another is
use cookies to limit time on the client, this way is to prevent a gentleman from the villain, professional brush ticket team will certainly first think of this point. But the suggestion is added. 6. There is one more
IP Restrictions, such as each IP only allowed to vote 100 votes (given that some companies use a large local area network, the public network IP is a use, otherwise it may appear unfair phenomenon). 7. The last and most important,
The Verification Code input box is implemented with asynchronous communication。 The original page verification code is not displayed, click the Verification Code input box to display the verification code, and after the successful vote unset verification code session. So you can avoid the vast majority of the brush ticket machine. This article probably provides some conventional ideas, the so-called prevention of human heart can not be, you can not ensure that each user input is safe. Finally say: Check the time to remember the white list, which is necessary.
