Simple PHP implementation of the Web brush voting program

Source: Internet
Author: User
Tags curl rand


PHP Brush vote, let you top of the list! This article is attached to the method of brush and defense strategy.

Case is 1.5 months ago. Did not release the reason has two, one is because the blog domain name record does not come down, does not have the mood to write the thing. Second, the most important, timely release of the case site has serious damage, not me and other it people should be.
Ps: The ticket has the risk, the use should be cautious. This article is to do study and discussion of the use, can not be used for improper use!

This article for the Virgin of this blog, the theme stems from a recent friend request, is because her sister took part in a calligraphy contest, asked me if I can brush the vote on the website. As a rookie just a year ago, I am very frightened. A year ago just contact with PHP, completely do not know to do, now the first reaction is curl.

Nonsense not much said, directly on the code.

<?php
Header (' content-type:text/html; charset=gb2312 ');
Randomly generating IP
$ip 1 = rand (101, 255). '. ';
$ip 2 = rand (1, 255). '. ';
$ip 3 = rand (1, 255). '. ';
$ip 4 = rand (1, 255);
$ip = $ip 1. $ip 2. $ip 3. $ip 4;
$clientIp = ' Client-ip: '. $ip;
$xforwarded = ' x-forwarded-for: '. $ip;
Set goals and sources
$url = ' http://www.dunhuangwomen.org.cn/vote/Vote.asp?id=67 ';
$referer = ' http://www.dunhuangwomen.org.cn/vote/list.asp?id=2 ';
Curl
$ch = Curl_init ();
curl_setopt ($ch, Curlopt_url, $url); Goal
curl_setopt ($ch, Curlopt_httpheader, Array ($xforwarded, $clientIp)); Constructing IP
curl_setopt ($ch, Curlopt_referer, $referer); Source
curl_setopt ($ch, Curlopt_returntransfer, 1);
curl_setopt ($ch, Curlopt_header, 0);

$ret = curl_exec ($ch);
Curl_close ($ch);
Echo $ret;
?>


OK, let's analyze it.
1, imitation IP, the site has restrictions on an IP in a day can only be cast once
2, fill in the source, the site will determine the source of the request is the legal path
The other is Curl's regular options.

How to prevent and cure?

I talents, only for running bricks to lure Jade.

1. Restrict IP

This article has cracked

2. Limiting sources

This article has cracked

3, verification code. As one of the most anti-human inventions, it is possible to use this fully automatic computer and human Turing test that has a tall name.
Available OPENCV.
4, record MAC address.
Theoretically each NIC has a unique MAC address, and if the change may cause a conflict, it will not be able to access the Internet. can also be modified with software at present
5, Registered Members
Although still can break through the verification code, curl fill in parameters and then post the past, but the threshold is high after all, or ignore it.
6. Mobile phone
Vote in the mobile phone number and text message verification code, high cost, the unit does not want to. Users to send so-and-so instructions to So-and-so, the user's own pocket, users do not want.

At present, only the verification code, mobile phone and verify the effectiveness of the phone is the best preventive measures.

Contact Us

The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion; products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the content of the page makes you feel confusing, please write us an email, we will handle the problem within 5 days after receiving your email.

If you find any instances of plagiarism from the community, please send an email to: info-contact@alibabacloud.com and provide relevant evidence. A staff member will contact you within 5 working days.

A Free Trial That Lets You Build Big!

Start building with 50+ products and up to 12 months usage for Elastic Compute Service

  • Sales Support

    1 on 1 presale consultation

  • After-Sales Support

    24/7 Technical Support 6 Free Tickets per Quarter Faster Response

  • Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.