in reply to
Re^2: simple voting script
in thread simple voting script
my main problem is making a script that lets only members vote, vote only once
Then the first problem you need to solve (and the problem is only partial solvable by coding) is "how do I recognize a user", and "how much I'm willing to spend on it". There are all kinds of solutions, from just asking who the user is (easily forged) to encrypted connections, one-time-only paths, RSA dongles, etc. Things to consider (but the list isn't exhaustive):
- How anonymous must the voting process be? Tracking who voted gives up some of the anonymity.
- Do you need to exclude man-in-the-middle attacks?
- Do the voters themselves need to know they're talking to your voting system? That is, does authentication need to be both ways?
- The more complicated it gets, the more people won't bother to vote. Where's the trade-off when balancing "security" vs "voter count"?