Now that there is a vote in the system, we need a simple verification script that will determine if the vote is legitimate. We’ll call this script, Verify.php. It looks like this:
//Select the database
mysql_select_db($database, $db);
//Update the record to set the Boolean flag to true if the timestamp in the verification email matches the timestamp in the database record.
$selectSQL = sprintf("UPDATE votes set pending=1 where bandID=%s AND email=%s AND time=%s", GetSQLValueString($_GET['band'], "int"),
GetSQLValueString($_GET['email'], "text"),
GetSQLValueString($_GET['time'], "text"));
$Result2 = mysql_query($selectSQL, $UB_DATA);
//Message for voter.
$messages = "Thanks for voting. Remember, you can only vote once a day for a band , but you can vote for as many bands a day as you want.";
This completes the general design of a fraud-proof voting system. There are a few ways to get around this system. ‘Fraud-proof’ is used in the general sense. Dick could obviously go around from computer to computer in the White House and keep voting for his favorite band. There’s some other ways around this system too, but I’ll let you figure that out. However, with this basic design, a voting system that prevents the basest level of fraud can be setup to your specific purpose relatively simply. Happy voting
| DISCLAIMER: The content provided in this article is not warranted or guaranteed by Developer Shed, Inc. The content provided is intended for entertainment and/or educational purposes in order to introduce to the reader key ideas, concepts, and/or product reviews. As such it is incumbent upon the reader to employ real-world tactics for security and implementation of best practices. We are not liable for any negative consequences that may result from implementing any information covered in our articles or tutorials. If this is a hardware review, it is not recommended to open and/or modify your hardware. |