Beefy Boxes and Bandwidth Generously Provided by pair Networks
go ahead... be a heretic
 
PerlMonks  

Re^2: proposition for Voting system

by spx2 (Deacon)
on Jun 21, 2008 at 16:59 UTC ( #693286=note: print w/replies, xml ) Need Help??


in reply to Re: proposition for Voting system
in thread proposition for Voting system

I'm not aware of any way that a js like this could be cheated ...
Are you ?

Replies are listed 'Best First'.
Re^3: proposition for Voting system
by psini (Deacon) on Jun 21, 2008 at 17:17 UTC

    Ignoring it.

    If you put in the page a js that detect the time interval between get and post, it must pass its result as a post parameter.

    If I decide to cheat, I can make a post setting the value to anything I like.

    You can use javascript, cookies, anything you want but in the end the server sees only what I pass it in the post...

    This is the fundamental reason against the use of client-side only validation of data: one can always bypass them.

    A working strategy could be to assign (server-side) an unique identifier to every get of every page, store it in a db along with a timestamp, and compute the interval (server-side) between the post time and the get stored timestamp. This is certainly possible, but would be an enormous overhead

    And, last but not least, cui prodest?

    Update: bootnote: I don't think that the idea in itself is good: most of my (few) downvotes are to badly formatted and incomprehensible questions. You don't need (and don't want to spend) much time to decide that a question saying "HELP!!! MY PROGRAM DOESN'T WORK!!!!!" doesn't deserve an answer...

    Careful with that hash Eugene.

      MY PROGRAM DOESN'T WORK, TOO!!!!
      Please send the codez :-D


      holli, /regexed monk/
      so it seems that there are methods to prohibit cheating.

        Yes, but AFAIK not using javascript!

        And, frankly, what is the problem you want to resolve?

        Are you concerned with monks voting without thinking first? I'm pretty sure you can't measure thinking with a stopwatch.

        And, for instance, when I go to Newest Nodes page, as a habit I open several tabs, one for each post seemingly interesting, and then I read them, one by one, answering, voting and so on. Your change to voting system would result only in weighting more the votes given to older posts: not much of an improvement in my sight...

        Careful with that hash Eugene.

Re^3: proposition for Voting system
by moritz (Cardinal) on Jun 24, 2008 at 10:38 UTC
    In principle you can't rely on anything that comes from the client. A javascript is useless in such a context unless it sends something to the server. That can easily be intercepted or modified.

    There are a myriad of other possibilities to manipulate javscript - for example you can override some behaviour with costum js (via greaksmonkey), automatically patch it on downloading, fiddling with the js interpreter etc.

    Remeber, perlmonks is regularly used by geeks who know very well how to deal with web technology. Just because you can't cheat something doesn't mean it can't be cheated at all.

Re^3: proposition for Voting system
by bart (Canon) on May 13, 2009 at 20:25 UTC
    I'm not aware of any way that a js like this could be cheated ...
    One word: Firebug.

    And what will you do with people who disable Javascript?

Log In?
Username:
Password:

What's my password?
Create A New User
Node Status?
node history
Node Type: note [id://693286]
help
Chatterbox?
[Discipulus]: marto i had in mind something for stupid peoples with smart phones; a free app (this is the the non perl part..) and some hardware to sell in big cities
[marto]: use libPD on Android/IOS, route to something listening on the pi :P
[marto]: libpd
[marto]: OSC
[Discipulus]: choroba i'm just behind you at 100 points

How do I use this? | Other CB clients
Other Users?
Others contemplating the Monastery: (8)
As of 2017-10-17 10:11 GMT
Sections?
Information?
Find Nodes?
Leftovers?
    Voting Booth?
    My fridge is mostly full of:

















    Results (225 votes). Check out past polls.

    Notices?