there's a way to protect votes? there's a way to protect votes?
 

News:

cpg1.5.48 Security release - upgrade mandatory!
The Coppermine development team is releasing a security update for Coppermine in order to counter a recently discovered vulnerability. It is important that all users who run version cpg1.5.46 or older update to this latest version as soon as possible.
[more]

Main Menu

there's a way to protect votes?

Started by fontafox, January 23, 2008, 11:43:21 PM

Previous topic - Next topic

0 Members and 1 Guest are viewing this topic.

fontafox

Hi...

i have a question and i hope this is the right place to post it...

There is a way to protect the votes that users give to the pics???

i mean...if someone deletes his cookies he's able to rate a picture sevreal times...
if somone is using a proxy he's able to vote even he's banned...

how can i fix these exploits ???

François Keller

Quotei have a question and i hope this is the right place to post it...
No, nothing to do with plugin, mooving to the miscellanous board
Avez vous lu la DOC ? la FAQ ? et cherché sur le forum avant de poster ?
Did you read the DOC ? the FAQ ? and search the board before posting ?
Mon Blog

Joachim Müller

Don't allow guests to vote then. There is only one option to track guest votings: by cookie. No workaround existing, because there can't be one.
Allow only registered users to vote, then you're safe.

fontafox

i asked this because i found some problems with the users of my website... someone says that when he votes the board returns the statement :

We are sorry, but actually it's not allowed to vote while using ip hiding systems

this happens for users that for work, for example from an office, or from university are behind a proxy.

Ok the new question is, cpg has a feature about this? I dont really understand it.

Joachim Müller

Coppermine doesn't check IP addresses or other client data when voting. Reason is: you'd be locking out a load of users who are not even aware how to disable that feature. Notorious "Norton Internet Security" comes to mind for example.
Anyway, there's no such method. Would be silly anyway.