I''m creating a site where a profile can be voted on by guest users.
I want to prevent basic fraud by disallowing multiple votes for the
same profile in one session.
I was thinking about using a session array and checking for the
profile ID in the session array.
So far, it''s not working correctly and I''m not even sure if
this is
the best approach.
Any ideas?
I''m open to new ideas, or at least debugging on my code:
unless session[:voted_user_ids]
session[:voted_user_ids] = Array.new
end
unless session[:voted_user_ids].include? params[:voted_user_id]
@vote = Vote.create(...)
session[:voted_user_ids].push params[:vosted_user_id]
end
Thanks,
Andy
--~--~---------~--~----~------------~-------~--~----~
You received this message because you are subscribed to the Google Groups
"Ruby on Rails: Talk" group.
To post to this group, send email to
rubyonrails-talk-/JYPxA39Uh5TLH3MbocFFw@public.gmane.org
To unsubscribe from this group, send email to
rubyonrails-talk+unsubscribe-/JYPxA39Uh5TLH3MbocFFw@public.gmane.org
For more options, visit this group at
http://groups.google.com/group/rubyonrails-talk?hl=en
-~----------~----~----~----~------~----~------~--~---
On Mar 31, 2009, at 11:03 AM, Andy wrote:> > I''m creating a site where a profile can be voted on by guest users. > > I want to prevent basic fraud by disallowing multiple votes for the > same profile in one session. > > I was thinking about using a session array and checking for the > profile ID in the session array. > > So far, it''s not working correctly and I''m not even sure if this is > the best approach. > > Any ideas? > > I''m open to new ideas, or at least debugging on my code: > > unless session[:voted_user_ids] > session[:voted_user_ids] = Array.new > end > > unless session[:voted_user_ids].include? params[:voted_user_id] > @vote = Vote.create(...) > session[:voted_user_ids].push params[:vosted_user_id] > endIf that''s your exact code, it''s not working cause you have "vosted_user_id" (see that extra ''s'') in one of your lines... Also you can replace your first three lines with: session[:voted_user_ids] ||= [] -philip --~--~---------~--~----~------------~-------~--~----~ You received this message because you are subscribed to the Google Groups "Ruby on Rails: Talk" group. To post to this group, send email to rubyonrails-talk-/JYPxA39Uh5TLH3MbocFFw@public.gmane.org To unsubscribe from this group, send email to rubyonrails-talk+unsubscribe-/JYPxA39Uh5TLH3MbocFFw@public.gmane.org For more options, visit this group at http://groups.google.com/group/rubyonrails-talk?hl=en -~----------~----~----~----~------~----~------~--~---
You could take a look at http://blog.peteonrails.com/vote-fu/ On Mar 31, 8:03 am, Andy <andym...-Re5JQEeQqe8AvxtiuMwx3w@public.gmane.org> wrote:> I''m creating a site where a profile can be voted on by guest users. > > I want to prevent basic fraud by disallowing multiple votes for the > same profile in one session. > > I was thinking about using a session array and checking for the > profile ID in the session array. > > So far, it''s not working correctly and I''m not even sure if this is > the best approach. > > Any ideas? > > I''m open to new ideas, or at least debugging on my code: > > unless session[:voted_user_ids] > session[:voted_user_ids] = Array.new > end > > unless session[:voted_user_ids].include? params[:voted_user_id] > @vote = Vote.create(...) > session[:voted_user_ids].push params[:vosted_user_id] > end > > Thanks, > Andy--~--~---------~--~----~------------~-------~--~----~ You received this message because you are subscribed to the Google Groups "Ruby on Rails: Talk" group. To post to this group, send email to rubyonrails-talk-/JYPxA39Uh5TLH3MbocFFw@public.gmane.org To unsubscribe from this group, send email to rubyonrails-talk+unsubscribe@googlegroups.com For more options, visit this group at http://groups.google.com/group/rubyonrails-talk?hl=en -~----------~----~----~----~------~----~------~--~---