Poll abuse

[Kahmoon]

Hi there,

i hope i am at the right section to post my question.

I´m using your quickpoll extension and sadly its abused very often. Just a cookie blocking is not enough. Is there any optional IP blocking planned? Maybe with a x minute ipblocking which you can define in localconfig?

Another question for quickpoll. I got a table tl_quickpoll_votes but no entries at all. All voting results are stored in tl_quickpoll -> results. But i can´t see any ip adresses or details to delete abusevotings. So tl_quickpoll_votes is useless?

I´ve read your hint in quickpoll documentation about ipblocking etc. and i know that it is not possible to block voting abuse at all...but i can put some more barriers to prevent it.

greetings from germany
Franky

[thyon]

This is the right section.

The IP issue, I'll try to address in an updated version, but since the Catalog is a major development, that is taking priority with the other 2 developers to get that to beta and final release.

New Version
I'll allow you to configure Poll Groups in the next release, and I'll make it compatible, so that if you upgrade, there is process to place the existing polls into a default group. You'll be able to assign permissions to BE users for poll groups, making it much more flexible.

Also on the plan is a single rendering module, where you select the poll group and then either all polls or you can manually select specific polls to display or simply restrict to the latest 3, etc. This also makes it easier to assign a poll group to a page/member area.

tl_quickpoll_votes
The poll votes table you see, was added to record polls when members register for a poll, not guests.

IP Notes:
I will put the IP address recording and blocking in (can't vote again from the same IP), but the problem with using IP addresses is that most ISP have run out of IP addreses, so we have to move to IPv6. At the moment, IP addresses are proxied anyway, so you don't really have an IP address on the NET, you have a variable IP address from a random assigned pool, almost like DHCP. And of course just like DHCP, there is no guarantee that your IP will remain constant during a communication.

You might open the website on your iPhone using 3G, where you get an Operator assigned IP, then you move to a WiFi cell and your phone automatically switches to wifi and you get a complely different IP address, and you can continue the communication using a web browse, since the session state is preserved, even though your IP changed.

Also almost ALL the ISPs in South Africa generate a dynamic IP to Europe or USA based communcations, so we never have the same IP ever, it constantly changes and we have to pay a lot of money to get a access package with a static IP address.

I hope that helps you understand why I've been so hesitant in implementing the IP check/block situation, as I'm not sure that alone will be enough.

[Kahmoon]

Thx for your reply. I know those problems and i have them at work again and again....

I´ve read your hint in quickpoll documentation about ipblocking etc. and i know that it is not possible to block voting abuse at all...but i can put some more barriers to prevent it.

IP Blocking
Especially in germany ip blocking is kinda uselesse cause everytime you connect to your ISP you get a new ip adress. That´s why i suggest a ip blocking of x minutes (configurable with a variable in localconfig) just to prevent actual abuse (some funny guys voting 100 times with cookie deactivated).

tl_quickpoll_votes
For now im not working with any registered users at all on several sites. Every user is guest. Would be nice if every vote could be stored inside with ipadress. User id optional for registered users. Guest = 0 or anything like that. Just to see and manage abusevoting. That would help a lot!

new Version
i didn´t get the group thing of quickpoll....but i will see when its done . Hopefully it will work with TL 2.6.7. I cannot upgrade to 2.7 due several modules which are not compatible

greetz

[thyon]

The group thing is easy to grasp => it will work like News, where you first create an Archive and then news items in each archive. Then you can make QuickPoll "Groups/Archives" for each sub-area and then the module can list the top 3 polls for that "group/archive" just like the News List modules do it. You can also then assign permissions to a group, so that some BE users can only create polls in certain a group/archive.

[Kahmoon]

ok...now i get it. nice idea. I´m looking forward

[thyon]

You can try the new version 1.8.1 which should be ok for TL 2.7.x

[Kahmoon]

Can i see changes in the new version? Is there anything new about decreasing abuse?

thx

[thyon]

The changes are in the release notes on the extension repository... I just made it TL 2.7 compatible, no new version, as I said no time.

[Kahmoon]

All right