Sending the email is only the first step for fraud prevention because some people have a thousand email addresses. Someone could (and would) vote for the same song using all of their email addresses and skew the results in that way. Because of situations like that, the system also needs to verify that fans aren’t using multiple email addresses. The verification email also needs some sort of key so that the verification script cannot be easily hacked.

Two scripts comprise the bulk of the system. One script, vote.php, casts the vote and sends the verification email. Another script, verify.php sets the vote as valid after Dick clicks the link in his inbox. A table in the database will need to be created to store votes.

First, we’ll setup the table in the database to store the votes that are cast. We need a basic primary key called ID. We’ll store the email address of the voter. We’ll timestamp the vote. We need a column that shows whether the vote has been verified. It will be a Boolean flag. We’ll store the ID of the band receiving the vote. We’ll store the song name and finally the IP address of the voter.

CREATE TABLE `votes` (
`ID` int(10) unsigned NOT NULL auto_increment,
`email` varchar(255) NOT NULL default '0',
`time` timestamp(14) NOT NULL,
`pending` tinyint(1) unsigned NOT NULL default '0',
`bandID` int(10) unsigned NOT NULL default '0',
`song` varchar(255) default NULL,
`IP` varchar(15) NOT NULL default '0',
PRIMARY KEY (`ID`),
UNIQUE KEY `ID` (`ID`),
KEY `ID_2` (`ID`)
) TYPE=MyISAM AUTO_INCREMENT=0;