Cookies

Discussion in 'ASP .Net' started by Saber, Jul 24, 2004.

  1. Saber

    Saber Guest

    I want to prevent users from voting more than 1 time in a simple poll.
    I tried:

    Session.Timeout = 40

    Dim objCookie As HttpCookie
    objCookie = New HttpCookie("before", "voted")

    If Session("before") = "" And Request.Cookies("before") Is Nothing Then
    Session("before") = "voted: true"
    Response.Cookies.Add(objCookie)
    ....

    But the If block runs again when I close and open page, then re-submit the
    form, I mean Request.Cookies("before") Is Nothing always is Nothing!
    why? what I've to do?
     
    Saber, Jul 24, 2004
    #1
    1. Advertising

  2. Saber

    Jos Guest

    Saber wrote:
    > I want to prevent users from voting more than 1 time in a simple poll.
    > I tried:
    >
    > Session.Timeout = 40
    >
    > Dim objCookie As HttpCookie
    > objCookie = New HttpCookie("before", "voted")
    >
    > If Session("before") = "" And Request.Cookies("before") Is Nothing
    > Then Session("before") = "voted: true"
    > Response.Cookies.Add(objCookie)
    > ...
    >
    > But the If block runs again when I close and open page, then
    > re-submit the form, I mean Request.Cookies("before") Is Nothing
    > always is Nothing!
    > why? what I've to do?


    You need to set an expiration time to the cookie to make it
    a persistent cookie.
    If you don't, the cookie will be a session cookie, and it
    will expire with the session.

    objCookie.Expires = Date.Now().AddDays(30)

    --

    Jos
     
    Jos, Jul 25, 2004
    #2
    1. Advertising

  3. "M. Posseth" <> wrote in message
    news:ce001l$lle$...
    > The coockie procedure is so common known to everyone , that fraudulent

    users
    > will just clear there temporary internet files and will vote and vote and
    > vote again :)
    >
    > A better way in my eyes would be to retrieve the ip number of the client
    > store this in a database ( or XML file ) and write your voting logic

    around
    > that


    This won't work if the client is behind a firewall or proxy, as you'll only
    be able to get the IP address of the firewall or proxy.
    --
    John Saunders
    johnwsaundersiii at hotmail
     
    John Saunders, Jul 25, 2004
    #3
  4. Saber

    Shan Plourde Guest

    I don't think any solution is perfect. If you need more security then
    another option is to create user accounts and only allow logged in
    people to vote. This is about the only way to prevent people from voting
    1,000,000 times each simply because people won't be as inclined to spend
    the energy to create multiple accounts unless, and you make it more
    difficult for them to create multiple user accounts depending on the
    questions that you ask as part of the user account creation process. Of
    course one option would be to have enter their credit card information
    and then validate it, but then who would create a user account right? :p

    Otherwise if your votes are not security crucial things such as "what is
    your favourite colour?" then I'm sure that your cookie solution or the
    IP address solution will work at least somewhat. Personally I wouldn't
    recommend creating user accounts just for the purpose of a simple vote,
    so then what are you left with? Well, something imperfect I guess, but
    those are your only options and the chances of people voting over and
    over are really dependent on many factors, your user demographics being
    one of them.

    Which leads me back to your first cookie solution - you're probably ok
    to keep it simple and recognize that people might vote more than once.
    No big deal. For every voter who votes for favourite colour = green 10
    times there's likely someone else who votes for favourite colour =
    orange 10 times.

    Shan Plourde


    M. Posseth wrote:

    >The coockie procedure is so common known to everyone , that fraudulent users
    >will just clear there temporary internet files and will vote and vote and
    >vote again :)
    >
    >A better way in my eyes would be to retrieve the ip number of the client
    >store this in a database ( or XML file ) and write your voting logic around
    >that
    >
    >this way you have everything server side and fraudulent use will be much
    >harder to acomplish
    >
    >
    >happy coding :)
    >
    >M. Posseth MCP
    >
    >
    >
    >"Jos" <> wrote in message
    >news:...
    >
    >
    >>Saber wrote:
    >>
    >>
    >>>I want to prevent users from voting more than 1 time in a simple poll.
    >>>I tried:
    >>>
    >>>Session.Timeout = 40
    >>>
    >>>Dim objCookie As HttpCookie
    >>>objCookie = New HttpCookie("before", "voted")
    >>>
    >>>If Session("before") = "" And Request.Cookies("before") Is Nothing
    >>> Then Session("before") = "voted: true"
    >>> Response.Cookies.Add(objCookie)
    >>>...
    >>>
    >>>But the If block runs again when I close and open page, then
    >>>re-submit the form, I mean Request.Cookies("before") Is Nothing
    >>>always is Nothing!
    >>>why? what I've to do?
    >>>
    >>>

    >>You need to set an expiration time to the cookie to make it
    >>a persistent cookie.
    >>If you don't, the cookie will be a session cookie, and it
    >>will expire with the session.
    >>
    >>objCookie.Expires = Date.Now().AddDays(30)
    >>
    >>--
    >>
    >>Jos
    >>
    >>
    >>
    >>

    >
    >
    >
    >
     
    Shan Plourde, Jul 25, 2004
    #4
  5. Saber

    Saber Guest

    It is not a very important poll and many of the users of this page don't
    know what is cookie and how to delete.
    in another hand, using IP address isn't a good idea, because dial-up users
    have not a static IP and it changes every time they connect to internet.
    "M. Posseth" <> wrote in message
    news:ce001l$lle$...
    > The coockie procedure is so common known to everyone , that fraudulent
    > users
    > will just clear there temporary internet files and will vote and vote and
    > vote again :)
    >
    > A better way in my eyes would be to retrieve the ip number of the client
    > store this in a database ( or XML file ) and write your voting logic
    > around
    > that
    >
    > this way you have everything server side and fraudulent use will be much
    > harder to acomplish
    >
    >
    > happy coding :)
    >
    > M. Posseth MCP
    >
    >
    >
    > "Jos" <> wrote in message
    > news:...
    >> Saber wrote:
    >> > I want to prevent users from voting more than 1 time in a simple poll.
    >> > I tried:
    >> >
    >> > Session.Timeout = 40
    >> >
    >> > Dim objCookie As HttpCookie
    >> > objCookie = New HttpCookie("before", "voted")
    >> >
    >> > If Session("before") = "" And Request.Cookies("before") Is Nothing
    >> > Then Session("before") = "voted: true"
    >> > Response.Cookies.Add(objCookie)
    >> > ...
    >> >
    >> > But the If block runs again when I close and open page, then
    >> > re-submit the form, I mean Request.Cookies("before") Is Nothing
    >> > always is Nothing!
    >> > why? what I've to do?

    >>
    >> You need to set an expiration time to the cookie to make it
    >> a persistent cookie.
    >> If you don't, the cookie will be a session cookie, and it
    >> will expire with the session.
    >>
    >> objCookie.Expires = Date.Now().AddDays(30)
    >>
    >> --
    >>
    >> Jos
    >>
    >>

    >
    >
     
    Saber, Jul 25, 2004
    #5
  6. Saber

    Saber Guest

    thanks,
    i forgot to set an expire date..duh!

    "Jos" <> wrote in message
    news:...
    > Saber wrote:
    >> I want to prevent users from voting more than 1 time in a simple poll.
    >> I tried:
    >>
    >> Session.Timeout = 40
    >>
    >> Dim objCookie As HttpCookie
    >> objCookie = New HttpCookie("before", "voted")
    >>
    >> If Session("before") = "" And Request.Cookies("before") Is Nothing
    >> Then Session("before") = "voted: true"
    >> Response.Cookies.Add(objCookie)
    >> ...
    >>
    >> But the If block runs again when I close and open page, then
    >> re-submit the form, I mean Request.Cookies("before") Is Nothing
    >> always is Nothing!
    >> why? what I've to do?

    >
    > You need to set an expiration time to the cookie to make it
    > a persistent cookie.
    > If you don't, the cookie will be a session cookie, and it
    > will expire with the session.
    >
    > objCookie.Expires = Date.Now().AddDays(30)
    >
    > --
    >
    > Jos
    >
    >
     
    Saber, Jul 25, 2004
    #6
  7. Saber

    M. Posseth Guest

    The coockie procedure is so common known to everyone , that fraudulent users
    will just clear there temporary internet files and will vote and vote and
    vote again :)

    A better way in my eyes would be to retrieve the ip number of the client
    store this in a database ( or XML file ) and write your voting logic around
    that

    this way you have everything server side and fraudulent use will be much
    harder to acomplish


    happy coding :)

    M. Posseth MCP



    "Jos" <> wrote in message
    news:...
    > Saber wrote:
    > > I want to prevent users from voting more than 1 time in a simple poll.
    > > I tried:
    > >
    > > Session.Timeout = 40
    > >
    > > Dim objCookie As HttpCookie
    > > objCookie = New HttpCookie("before", "voted")
    > >
    > > If Session("before") = "" And Request.Cookies("before") Is Nothing
    > > Then Session("before") = "voted: true"
    > > Response.Cookies.Add(objCookie)
    > > ...
    > >
    > > But the If block runs again when I close and open page, then
    > > re-submit the form, I mean Request.Cookies("before") Is Nothing
    > > always is Nothing!
    > > why? what I've to do?

    >
    > You need to set an expiration time to the cookie to make it
    > a persistent cookie.
    > If you don't, the cookie will be a session cookie, and it
    > will expire with the session.
    >
    > objCookie.Expires = Date.Now().AddDays(30)
    >
    > --
    >
    > Jos
    >
    >
     
    M. Posseth, Jul 25, 2004
    #7
  8. Saber

    wl Guest

    On Microsoft MSDN pages you can vote for the usefulness of documents.
    They also check whether you vote just once: I did some testing and it seems
    they use a combination of IP and useragent name.

    With the same IP and a different useragent you can still vote.... And also
    with the same useragent and a different IP.

    Wim


    "Jos" <> wrote in message
    news:...
    > Saber wrote:
    > > I want to prevent users from voting more than 1 time in a simple poll.
    > > I tried:
    > >
    > > Session.Timeout = 40
    > >
    > > Dim objCookie As HttpCookie
    > > objCookie = New HttpCookie("before", "voted")
    > >
    > > If Session("before") = "" And Request.Cookies("before") Is Nothing
    > > Then Session("before") = "voted: true"
    > > Response.Cookies.Add(objCookie)
    > > ...
    > >
    > > But the If block runs again when I close and open page, then
    > > re-submit the form, I mean Request.Cookies("before") Is Nothing
    > > always is Nothing!
    > > why? what I've to do?

    >
    > You need to set an expiration time to the cookie to make it
    > a persistent cookie.
    > If you don't, the cookie will be a session cookie, and it
    > will expire with the session.
    >
    > objCookie.Expires = Date.Now().AddDays(30)
    >
    > --
    >
    > Jos
    >
    >
     
    wl, Jul 26, 2004
    #8
    1. Advertising

Want to reply to this thread or ask your own question?

It takes just 2 minutes to sign up (and it's free!). Just click the sign up button to choose a username and then you can ask your own questions on the forum.
Similar Threads
  1. Alex Nitulescu

    Response.Cookies vs Request.Cookies

    Alex Nitulescu, Feb 3, 2005, in forum: ASP .Net
    Replies:
    1
    Views:
    8,544
    Hans Kesting
    Feb 3, 2005
  2. Andy Fish
    Replies:
    3
    Views:
    6,560
    Fredrik Lindner
    Nov 6, 2003
  3. user
    Replies:
    3
    Views:
    683
    =?ISO-8859-1?Q?G=F6ran_Andersson?=
    Mar 31, 2007
  4. archana
    Replies:
    1
    Views:
    520
  5. _Who
    Replies:
    7
    Views:
    2,725
Loading...

Share This Page