Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Prevent spam and duplicate votes from same user #934

Closed
3rownz opened this issue May 24, 2020 · 1 comment
Closed

Prevent spam and duplicate votes from same user #934

3rownz opened this issue May 24, 2020 · 1 comment
Labels
wontfix

Comments

@3rownz
Copy link

3rownz commented May 24, 2020
edited
Loading

Is your feature request related to a problem? Please describe.
I find it frustrating that when using a public link there is not way to prevent spam/duplicate votes from the same user. the only prevention included is a simple name input, this does nothing but identify a vote.

Describe the solution you'd like
Intergrate a ip address check or email input or even both before sending to the vote screen:

  • So first check the current user's ip address is not stored with voter info.
  • If it isnt route to email input screen - user inputs email address.
  • Sent email (similar to invited user contacts email).
  • Email link sends to vote page, where ip address is stored on form submition.

Describe alternatives you've considered
Another option could be to check and add a browser cookie as an alternative to ip check or maybe as an addition.

Additional context
The inclusion of all three would still not make it perfect prevtion of spam/duplicate votes, but would greatly decrease the chances of some one altering the results. Perhaps have all three of these features as options on creation of the poll.
@dartcafe
Copy link
Collaborator

dartcafe commented May 24, 2020
edited
Loading

@3rownz
The notification is designed as voting events are stored in a queue. If the same event (same poll, same user) exists unprocessed in the queue, it will not be added again. Every 5 minutes the queue gets processed and notifications are sent. Then new or changed votes will be added again, to get informed about events in the subscribed polls. A compromise between less notification and short term notifications.

In the future, we will use the NC notification system, so this will be mainly handled by core.

  • We do not deal with IP addresses
    Storing IP addresses is not helpful, because most people use dynamic IP addresses and we have to handle IPv4 and IPv6.

  • We do not use any cookies
    Cookies are confidential due to some privacy regulations in different countries. Additionally your solution is rather complex.

  • Storage of personal information follows the rules of preventing of data collection (if not necessary).
    Email addresses for public votes is a to do, but will stay optional. They will only be used for notifications in public votes.

@dartcafe dartcafe mentioned this issue May 26, 2020
Closed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
wontfix
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@dartcafe @3rownz