PHP supports online voting and PHP voting, which leads you to the top spot

The case was a month and a half ago. There are two reasons for failing to release the domain name in time. One reason is that my blog domain name has not been filed and I am not in the mood to write anything. Second, the most important thing is to release a website with serious damage to the case in a timely manner. it is not because I waited for the PHP vote that the IT staff should have, so that you will be on the top! This document describes the ticket swiping method and defense strategy.
The case was a month and a half ago. There are two reasons for failing to release the domain name in time. One reason is that my blog domain name has not been filed and I am not in the mood to write anything. Second, the most important thing is to release the website with serious damage to the case in a timely manner, which is not what I should expect from IT personnel.
Ps: There is a risk of ticket swiping. exercise caution when using this service. This article is intended for study and discussion and cannot be used for improper purposes!

This post is a masterpiece of this blog. the subject of this post is recently asked by a friend because her sister participated in a calligraphy competition and asked me if I could vote on my website. As a rookie who just debuted for a year, I am very scared. When I first came into contact with PHP a year ago, I did not know how to do it. now the first response is Curl.

If you don't talk much about it, simply add the code.
Header ('content-type: text/html; charset = gb2312 ');
// Randomly generate IP addresses
$ Ip1 = rand (101,255 ).'.';
$ Ip2 = rand (1,255 ).'.';
$ Ip3 = rand (1,255 ).'.';
$ Ip4 = rand (1,255 );
$ Ip = $ ip1. $ ip2. $ ip3. $ ip4;
$ ClientIp = 'client-IP: '. $ ip;
$ Xforwarded = 'x-FORWARDED-FOR: '. $ ip;
// Set the target and source
$ Url = 'http: // www.dunhuangwomen.org.cn/vote/Vote.asp? Id = 67 ';
$ Referer = 'http: // www.dunhuangwomen.org.cn/vote/list.asp? Id = 2 ';
// Curl
$ Ch = curl_init ();
Curl_setopt ($ ch, CURLOPT_URL, $ url); // target
Curl_setopt ($ ch, CURLOPT_HTTPHEADER, array ($ xforwarded, $ clientIp); // Construct an IP address
Curl_setopt ($ ch, CURLOPT_REFERER, $ referer); // source
Curl_setopt ($ ch, CURLOPT_RETURNTRANSFER, 1 );
Curl_setopt ($ ch, CURLOPT_HEADER, 0 );

$ Ret = curl_exec ($ ch );
Curl_close ($ ch );
Echo $ ret;
?>
Well, let's analyze it.
1. counterfeit IP addresses. a website has a limited IP address that can only be cast once a day.
2. fill in the source. The website will determine whether the source of the request is a valid path.
Other options are the common Curl options.

How to prevent it?

I am not easy to learn, just as a brick-and-mortar.

1. IP address restriction
This article has been cracked
2. restrict source
This article has been cracked
3. verification code. As one of the most anti-human inventions, we can use a fully automated Turing test with a tall name to distinguish computers from humans.
Opencv is available.
4. record the MAC address.
In theory, each network card has a unique MAC address. if it is changed, it may cause a conflict and cannot access the Internet. Currently, you can also use software to modify
5. registered members
Although the verification code can still be broken through, Curl fills in the parameter and then POST it, but the threshold is a little higher after all, ignore it.
6. mobile phone
Input the mobile phone number and text message verification code during voting. The cost is high and the unit is unwilling. The user sends the xx command to XX, and the user pays for it. the user does not want.

Currently, verification codes are only available on mobile phones, and verification of mobile phone effectiveness is the best prevention and treatment measure.