1
tedsmith
Serious Problem with Polls Module
  • 2006/7/10 15:17

  • tedsmith

  • Home away from home

  • Posts: 1151

  • Since: 2004/6/2 1


Xoops 2.0.13.2 commercially hosted.

It's been a problem for a while (I think) the issue with the Polls module basing itself on IP addresses.

The problem with this is that anyone behind default gateways may talk to the Internet via one server and one IP address. So for example, organisation has 100 staff using an internal IP address range of 10.1.1.1 - 10.1.1.255 (255 IP Addresses) communicating to the outside world via one server with the external facing IP address of 82.199.10.10 (for example).

Once one person votes from that organisation of 100 staff using the XOOPS polls, no one else can vote from the same organisation because XOOPS logs 82.199.10.10 as the IP address. They would just receive the 'You have already voted' message.

Is there anyway to get round this? Is there any other module to get round it? A hack, anything?

I have an important voting process that is required for the election\re-election of a bunch of committee staff. We want to use the Polls module on the website to do the voting of about 1000 members split amongst several hundred individual organisations. The current Poll module will not enable this to be done in a democractic fashion.

And ideas, hacks, suggestions, alternatives...please???

Ted

2
davidl2
Re: Serious Problem with Polls Module
  • 2006/7/10 15:35

  • davidl2

  • XOOPS is my life!

  • Posts: 4843

  • Since: 2003/5/26


The quickest way I can think of Ted, is to remove the IP check from the module - but this would leave it open to abuse for mass-voting.

3
tedsmith
Re: Serious Problem with Polls Module
  • 2006/7/10 16:02

  • tedsmith

  • Home away from home

  • Posts: 1151

  • Since: 2004/6/2 1


Thanks David

True, I had thought of that myself, but obviously mass voting is not acceptable either.

The only thing I can think of is to

a) disable the IP check
b) create\enable a username check by somehow assigning the vote to the User Name (and user ID which is unique). That way once the user has voted he can't vote again regardless of what machine he tries to use and regardless of whether he is or is not behind a default gateway.

Problem : I have no idea how to do it! Other than the fact that it won't be entirely anonymous, does anyone know how I'd do this?

Thanks

Ted

4
MadFish
Re: Serious Problem with Polls Module
  • 2006/7/10 16:20

  • MadFish

  • Friend of XOOPS

  • Posts: 1056

  • Since: 2003/9/27


Could you use one of the custom form building modules as a substitute, like formulize or liaise? One of them (I forget which) records the user name in the admin section so you can check manually that noone voted twice if you need to (it has an option to prevent repeat submission, but I can't remember if its based on IP or username).

5
McNaz
Re: Serious Problem with Polls Module
  • 2006/7/10 17:15

  • McNaz

  • Just can't stay away

  • Posts: 574

  • Since: 2003/4/21


Quote:
b) create\enable a username check by somehow assigning the vote to the User Name (and user ID which is unique). That way once the user has voted he can't vote again regardless of what machine he tries to use and regardless of whether he is or is not behind a default gateway.

Problem : I have no idea how to do it! Other than the fact that it won't be entirely anonymous, does anyone know how I'd do this?


Should be easy to do . Are you using the default 2.0.13.2 Polls module? I can hack this to support uid based checking.

Is someone looking at this or should I just go ahead?

Cheers.

McNaz.

6
davidl2
Re: Serious Problem with Polls Module
  • 2006/7/10 17:25

  • davidl2

  • XOOPS is my life!

  • Posts: 4843

  • Since: 2003/5/26


I had a quick look, but I've no coding talent in Php (if it was Z80 Assembler... perhaps ) - so please go for it McNaz!

7
tedsmith
Re: Serious Problem with Polls Module
  • 2006/7/10 18:40

  • tedsmith

  • Home away from home

  • Posts: 1151

  • Since: 2004/6/2 1


Yes McNaz - please gor for it in a big way! You have my blessing! I too, like David, only have basic PHP coding abilities and am trying to learn.

If you have the time to spare it will be much appreciated. I'm amazed, frankly, that no one has thought of basing the polls mod on usernames before. It seems infintately sensible to me.

I will await (enthusiastically) your hacked info.

I am using XOOPS 2.0.13.2 with the standard Polls modules.

Thanks a lot

Ted

8
McNaz
Re: Serious Problem with Polls Module
  • 2006/7/10 20:42

  • McNaz

  • Just can't stay away

  • Posts: 574

  • Since: 2003/4/21


I'll hack it tomorrow morning.. getting late here (yaawn).

Cheers.

McNaz.

9
davidl2
Re: Serious Problem with Polls Module
  • 2006/7/10 21:04

  • davidl2

  • XOOPS is my life!

  • Posts: 4843

  • Since: 2003/5/26


This is definately a useful module that really needs a dust and polish

10
tedsmith
Re: Serious Problem with Polls Module
  • 2006/7/10 21:52

  • tedsmith

  • Home away from home

  • Posts: 1151

  • Since: 2004/6/2 1


I seem to recall Rowdie was doing lots with the Polls module, or another kind of Polls module? I remember making several suggestions (including the one above) to him back then (about a year ago) but I forgot all about it and never heard anything since. Does Rowdie still get involved with XOOPS or has he gone elsewhere? Did he ever finish his work on the module I wonder?

Login

Who's Online

193 user(s) are online (104 user(s) are browsing Support Forums)


Members: 0


Guests: 193


more...

Donat-O-Meter

Stats
Goal: $100.00
Due Date: Mar 31
Gross Amount: $0.00
Net Balance: $0.00
Left to go: $100.00
Make donations with PayPal!

Latest GitHub Commits