• Post Reply Bookmark Topic Watch Topic
  • New Topic
programming forums Java Mobile Certification Databases Caching Books Engineering Micro Controllers OS Languages Paradigms IDEs Build Tools Frameworks Application Servers Open Source This Site Careers Other Pie Elite all forums
this forum made possible by our volunteer staff, including ...
Marshals:
  • Campbell Ritchie
  • Jeanne Boyarsky
  • Ron McLeod
  • Paul Clapham
  • Liutauras Vilda
Sheriffs:
  • paul wheaton
  • Rob Spoor
  • Devaka Cooray
Saloon Keepers:
  • Stephan van Hulst
  • Tim Holloway
  • Carey Brown
  • Frits Walraven
  • Tim Moores
Bartenders:
  • Mikalai Zaikin

Using Cookies to Prevent Multiple Sends

 
Greenhorn
Posts: 21
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
I've got a polling system that sets a cookie on vote and then if the user votes twice it shouldn't record the vote again. I dont' see the problem with my code (below). Especially since it is setting things correctly as my JSP checks for an attempt to vote again and tells the user "Sorry you can only vote once" yet it still records it twice. I'm thinking it may have something to do with the view.forward but I'm not sure.



and then my JSP results page:


[ August 08, 2006: Message edited by: Mike Spenser ]
 
Sheriff
Posts: 67746
173
Mac Mac OS X IntelliJ IDE jQuery TypeScript Java iOS
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
Before diving into your cookie problem, you do realize that cookies, being a client-side mechanism, are not a very secure way to do what you are trying to do?

A temp cookie can be removed simpley by closing and re-opening the browser, and disk cookies are easily removed either through browser controls or by removing the cookie file from the disk.

If you want a more secure way of preventing voting fraud, you'll need a server-side solution.
 
Marshal
Posts: 28193
95
Eclipse IDE Firefox Browser MySQL Database
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
This code:is executed unconditionally every time the servlet runs. And you're right, it's something to do with the view.forward. After you execute that, control carries right on to the code that stores the vote.
 
Mike Spenser
Greenhorn
Posts: 21
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
@Bear
Yes I realize that. However its just a poll. The two easiest to implement solutions would've been to either use cookies or use IP addresses. With IP addresses you are erring on the side of not allowing a vote, such as if someone from within a private network votes thus preventing anyone else from within that network from voting as I'm recording their public IP. While with a cookie you err on the side of letting them vote, because they may just have cookies blocked in which case the code never errors or they may clear them, or whatever. But for a poll it really doesn't matter. I still record their IPs just in case there is a case of abuse. And besides any system, client or server-side can be gotten around if the user really wants to. So if they want to invest the time and effort to make 2 votes go ahead.
------------------------------------------------------
is executed unconditionally every time the servlet runs. And you're right, it's something to do with the view.forward. After you execute that, control carries right on to the code that stores the vote.[/qb]<hr></blockquote>

How do I get around that? Or better phrased: How do I shortcircuit out after the view.forward call like I'm trying to do?
[ August 09, 2006: Message edited by: Mike Spenser ]
 
Ranch Hand
Posts: 144
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator

How do I get around that? Or better phrased: How do I shortcircuit out after the view.forward call like I'm trying to do?



How about a 'return;' statement inside the if loop after the view.forward() ?
 
Don't get me started about those stupid light bulbs.
reply
    Bookmark Topic Watch Topic
  • New Topic