Option to restrict anonymous voting by cookies rather than IP

I didn't really understand this initially, but after http://drupal.org/node/105587 it makes sense.

The implication is that restricting anonymous voting by IP should be optional - so if this feature isn't desired advpoll should set a cookie on the user's computer to record that they've voted. This is a good feature to implement eventually as it's standard among polling/survey systems.

I'm also interested in giving separate voices to multiple anonymous users who share an IP.

I think there are a number of options that could be possible for the admin setting up a poll:

- as now, limit to 1 vote per IP
- as requested here, limit 1 vote per cookie
- as requested at http://drupal.org/node/105587, limit to 1 vote per IP/cookie per time period
- allow admin to set a poll to unlimited anonymous votes from the same IP / cookie / time period

As an alternative to time periods, hook_cron could come in and wipe the IPs/hostnames recorded over an hour / day / week ago. I think I'm going to work on this for my 4.7 install until there's an official solution.

Were you able to get this to implement any of this yet?
I'd be interested in it if you did..

thanks

I should note that I'm currently working with the 4.7dev branch, not 5.x, but it sounds like this request has not been resolved for either. Correct?

My main interest here is with the IRV implementation, so my comments reflect that.

It looks to me like the setup to the problem is:
-- Anonymous users on the same IP address all show up as the same hostname.
-- Adv poll records each ranking within a ballot as a separate line in the votingapi_vote table.
-- Multiple rankings from an anonymous user can only be reassembled into one ballot by selecting all of the votes in votingapi_vote that match a certain node ID and hostname (IP address).

SO, the only "quick" way to allow multiple ballots (voters) per anonymous hostname would be to append some string (as suggested) to the hostname when it is stored in the database (like a timestamp). But the problem is, votingapi.module sets the hostname which is recorded. There is no API in votingapi so far as I can tell for another module (advpoll) to set its own interpretation of the hostname.

Seems like the root problem is in votingapi, not advpoll. The question I'm looking at is: is it easier to mod advpoll to use an alternate vote storage table, or to mod how votingapi stores its hostnames? I will go look into the votingapi features requests to see if this is addressed at all. Get back to me if you have seen anything further on this, please.

Following up on my comment, this is the feature request I lodged with votingapi project:

http://drupal.org/node/123916

The more I think about it, the more a cookie makes the most sense. Votingapi is looking for a unique ID, so storing the same hostname for multiple votes messes up the counting of the votes.

If advpoll passed the user's cookie ID to votingapi as 'hostname', the cookie ID could be stored in the hostname field.

I was able to apply an ugly patch without touching VotingAPI, however.

I edited advpoll.module and modes/binary.inc to allow anonymous users to vote on binary polls every 24 hours. This created other problems, especially with the way votes are tallied. I'm only using binary polls, so I don't know what havoc this would wreak on rankings.

In the advpoll function advpoll_load, which decides if we should display the results or the poll, I made a few changes.

For the hostname, votingAPI records the environment variable HTTP_X_FORWARDED_FOR if available and REMOTE_ADDR if not, but advpoll wasn't checking for HTTP_X_FORWARDED_FOR, so I added and changed, below "else {":

Now the poll displays for an anonymous user who has already voted after 24 hours have gone by.

In modes/binary.inc, I changed the routine for counting votes in advpoll_view_results_binary. Advpoll assumes that multiple votes from the same IP are one "vote" chosing multiple options.

Above "if ($node->choice && $total_votes > 0) {", I added a quick check to recalculate the total votes if there was a limit of 1 choice per vote on the poll:

The total votes as called from votingapi are still in error, however, so it looks bad when the bottom of the node reports 129 votes and you add up the individual results and get 135.

The cron solution I mentioned above would probably work better. To change anonymous votes older than 24 hours to unique IDs:

Any cleaner patches on this yet? I'm looking for the same thing... Intranets really need this feature :) We're all on the same IP

I don't know if there's a similar post to this issue for 4.7, but on this site i develop http://www.teachingexpertise.com i had the same issue with multiple voting on the same ips, all i did to get round this is hacked the code to store the session_id() instead of the hostname(ip). This meant voting was restricted to the users computer, and the only way they could do more than one vote is clear their cache to get rid of the cookie that stores the session or find another computer on the same ip to allow them to vote again. I know the down fall of this is cookies could be switched off, but atleast it'll still stop the spammers. Hope that made sense and hope this helps someone.

Hi, #8, I have the same problem can you tell me exactly how you did this? It sounds liek a great idea you came up with. I have read several sites online about this topic and your solution sounds like the bset so far. I would really liek to see how it works.

i'm interested in #8 solution as well. if you could post it would be greatly appreciated. thanks

A year has passed since the last comment and I don't believe this has been worked on at all. It would seem to be an important feature for a poll system. Any new thoughts on an approach to tackle this?

Yes, I've implemented it in http://fest.hmsu.org/mix-contest.html and it really needs cookie restriction too...