"I just really want the functionality to work"
You may wish to reconsider your definition of "technicalities" and of "to work" as -- to me -- a working script/package is one which does what's expected, pretty much regardless of "technicalities (aka "unexpected events") and without opening yawning security holes.
Then you should probably review html standards (4.01 assumed, as it will be much easier to find help on that than on 5.) and read (in Tutorials) about CGI; about SQLite, and other basics for the voting operation you're trying to set up.
This is a case where there are "simple" answers and "safe" answers... and -- IMO --the two sets have very few intersections. You may want to consider running this year's election on dead trees or by fone or... and postpone realization of your ambitions until you have enough information (knowledge) to accomplish them.
| [reply] |
my main problem is making a script that lets only members vote, vote only once
Then the first problem you need to solve (and the problem is only partial solvable by coding) is "how do I recognize a user", and "how much I'm willing to spend on it". There are all kinds of solutions, from just asking who the user is (easily forged) to encrypted connections, one-time-only paths, RSA dongles, etc. Things to consider (but the list isn't exhaustive):
- How anonymous must the voting process be? Tracking who voted gives up some of the anonymity.
- Do you need to exclude man-in-the-middle attacks?
- Do the voters themselves need to know they're talking to your voting system? That is, does authentication need to be both ways?
- The more complicated it gets, the more people won't bother to vote. Where's the trade-off when balancing "security" vs "voter count"?
| [reply] |
If corrupting all your vote data is a mere "technicality", then you should just stick with paper voting.
| [reply] |
